-- This file was included in WWP MIB release 04-10-01-0027 -- -- WWP-LEOS-RADIUS-CLIENT-MIB.my -- -- WWP-LEOS-RADIUS-CLIENT-MIB DEFINITIONS ::= BEGIN IMPORTS IpAddress, Integer32, Counter32, TimeTicks, Gauge32, OBJECT-TYPE, MODULE-IDENTITY FROM SNMPv2-SMI DisplayString, RowStatus, TruthValue, TEXTUAL-CONVENTION FROM SNMPv2-TC InetAddressType,InetAddress FROM INET-ADDRESS-MIB wwpModulesLeos FROM WWP-SMI; wwpLeosRadiusClientMIB MODULE-IDENTITY LAST-UPDATED "201204260000Z" ORGANIZATION "Ciena, Inc" CONTACT-INFO " Mib Meister 115 North Sullivan Road Spokane Valley, WA 99037 USA Phone: +1 509 242 9000 Email: support@ciena.com" DESCRIPTION "The MIB module for the WWP Radius Server specific configuration and monitoring information." REVISION "201204260000Z" DESCRIPTION "Corrected the maximum RADIUS authentication string length from 127 to 64 characters." REVISION "201204050000Z" DESCRIPTION "Add new MIB OIDs to support IP protocol version independent Inet addressing. New attributes include: wwpLeosRadiusClientServerResolvedInetAddrType, wwpLeosRadiusClientServerResolvedInetAddress." REVISION "200104031700Z" DESCRIPTION "Initial creation." ::= { wwpModulesLeos 20 } RadiusString ::= TEXTUAL-CONVENTION DISPLAY-HINT "255a" STATUS current DESCRIPTION "Used to represent the RADIUS authentication string." SYNTAX OCTET STRING (SIZE (8..64)) -- -- Node definitions -- wwpLeosRadiusClientMIBObjects OBJECT IDENTIFIER ::= { wwpLeosRadiusClientMIB 1 } wwpLeosRadiusClient OBJECT IDENTIFIER ::= {wwpLeosRadiusClientMIBObjects 1 } -- Notifications wwpLeosRadiusClientMIBNotificationPrefix OBJECT IDENTIFIER ::= { wwpLeosRadiusClientMIB 2 } wwpLeosRadiusClientMIBNotifications OBJECT IDENTIFIER ::= { wwpLeosRadiusClientMIBNotificationPrefix 0 } -- Conformance information wwpLeosRadiusClientMIBConformance OBJECT IDENTIFIER ::= { wwpLeosRadiusClientMIB 3 } wwpLeosRadiusClientMIBCompliances OBJECT IDENTIFIER ::= { wwpLeosRadiusClientMIBConformance 1 } wwpLeosRadiusClientMIBGroups OBJECT IDENTIFIER ::= { wwpLeosRadiusClientMIBConformance 2 } wwpLeosRadiusAdminState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object will administratively enable/disable radius client on the device." ::= { wwpLeosRadiusClient 1 } wwpLeosRadiusOperState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "This object returns the operational state of radius client." ::= { wwpLeosRadiusClient 2 } wwpLeosRadiusClientTimeout OBJECT-TYPE SYNTAX Integer32 (1..30) UNITS "seconds" MAX-ACCESS read-write STATUS current DESCRIPTION "This is the time in seconds between retransmissions to the RADIUS server." DEFVAL { 1 } ::= { wwpLeosRadiusClient 3 } wwpLeosRadiusClientRetries OBJECT-TYPE SYNTAX Integer32 (0..3) MAX-ACCESS read-write STATUS current DESCRIPTION "Indicates the number of times the RADIUS server should be tried before giving up on the server." DEFVAL { 3 } ::= { wwpLeosRadiusClient 4 } wwpLeosRadiusClientAuthKey OBJECT-TYPE SYNTAX RadiusString MAX-ACCESS read-write STATUS current DESCRIPTION "The Auth Key to be used for Radius Servers. Retrieving the value of this object via SNMP will return an empty string for security reasons." ::= { wwpLeosRadiusClient 5 } wwpLeosRadiusClientServerTable OBJECT-TYPE SYNTAX SEQUENCE OF WwpLeosRadiusClientServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Lists the possible RADIUS servers. While creating entry following mib objects must be specified wwpLeosRadiusClientServerStatus, wwpLeosRadiusClientServerAddr. SNMP multiple set operation must be used to create entry." ::= { wwpLeosRadiusClient 6 } wwpLeosRadiusClientAuthKeyUnset OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to true will cause the value of wwpLeosRadiusClientAuthKey to be cleared. Reading this object always return a value of false." ::= { wwpLeosRadiusClient 7 } wwpLeosRadiusClientAuthSecretUnset OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this object to true will cause the value of wwpLeosRadiusClientAuthSecret to be cleared. Reading this object always return a value of false." ::= { wwpLeosRadiusClient 8 } wwpLeosRadiusClientServerEntry OBJECT-TYPE SYNTAX WwpLeosRadiusClientServerEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Radius server entry." INDEX { wwpLeosRadiusClientServerIndex} ::= { wwpLeosRadiusClientServerTable 1 } WwpLeosRadiusClientServerEntry ::= SEQUENCE { wwpLeosRadiusClientServerIndex Integer32, wwpLeosRadiusClientServerAddr DisplayString, wwpLeosRadiusClientServerResolvedAddr IpAddress, wwpLeosRadiusClientServerPriority Integer32, wwpLeosRadiusClientServerAuthPort Integer32, wwpLeosRadiusClientServerRoundTripTime TimeTicks, wwpLeosRadiusClientServerAccessRequests Counter32, wwpLeosRadiusClientServerAccessRetransmissions Counter32, wwpLeosRadiusClientServerAccessAccepts Counter32, wwpLeosRadiusClientServerAccessRejects Counter32, wwpLeosRadiusClientServerAccessChallenges Counter32, wwpLeosRadiusClientServerMalformedAccessResponses Counter32, wwpLeosRadiusClientServerBadAuthenticators Counter32, wwpLeosRadiusClientServerPendingRequests Gauge32, wwpLeosRadiusClientServerTimeouts Counter32, wwpLeosRadiusClientServerUnknownTypes Counter32, wwpLeosRadiusClientServerPacketsDropped Counter32, wwpLeosRadiusClientServerStatus RowStatus, wwpLeosRadiusClientServerApplication INTEGER, wwpLeosRadiusClientServerResolvedInetAddrType InetAddressType, wwpLeosRadiusClientServerResolvedInetAddress InetAddress } wwpLeosRadiusClientServerIndex OBJECT-TYPE SYNTAX Integer32 (1..8) MAX-ACCESS not-accessible STATUS current DESCRIPTION "Specifies the index of this table." ::= { wwpLeosRadiusClientServerEntry 1 } wwpLeosRadiusClientServerAddr OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-write STATUS current DESCRIPTION "Host name or ip address of the RADIUS server." ::= { wwpLeosRadiusClientServerEntry 2 } wwpLeosRadiusClientServerResolvedAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-only STATUS current DESCRIPTION "When wwpLeosRadiusClientServerAddr represents: Host name : The resolved address will either be Ipv4 address or Ipv6 address. Ipv4 address : The resolved address will be the same Ipv4 address. Ipv6 address : The resolved address will be the same Ipv6 address. When the resolved address represents: Ipv4 address : wwpLeosRadiusClientServerResolvedAddr will represent the resolved Ipv4 address. wwpLeosRadiusClientServerResolvedInetAddr used in conjunction with wwpLeosRadiusClientServerResolvedInetAddrType will represent the same Ipv4 address. Ipv6 address : wwpLeosRadiusClientServerResolvedAddr will represent 0.0.0.0. wwpLeosRadiusClientServerResolvedInetAddr used in conjunction with wwpLeosRadiusClientServerResolvedInetAddrType will represent the Ipv6 address." ::= { wwpLeosRadiusClientServerEntry 3 } wwpLeosRadiusClientServerPriority OBJECT-TYPE SYNTAX Integer32 (1..8) MAX-ACCESS read-write STATUS current DESCRIPTION "Specifies the priority of radius servers configured on the device." ::= { wwpLeosRadiusClientServerEntry 4 } wwpLeosRadiusClientServerAuthPort OBJECT-TYPE SYNTAX Integer32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "The destination UDP port number to which RADIUS messages should be sent. The RADIUS server will not be used for authentication if this port number is 0." DEFVAL { 1812 } ::= { wwpLeosRadiusClientServerEntry 5 } wwpLeosRadiusClientServerRoundTripTime OBJECT-TYPE SYNTAX TimeTicks MAX-ACCESS read-only STATUS current DESCRIPTION "The time interval (in hundredths of a second) between the most recent Access-Reply/Access-Challenge and the Access-Request that matched it from this RADIUS authentication server." ::= { wwpLeosRadiusClientServerEntry 6 } -- Request/Response statistics -- -- TotalIncomingPackets = Accepts + Rejects + Challenges + UnknownTypes -- -- TotalIncomingPackets - MalformedResponses - BadAuthenticators - -- UnknownTypes - PacketsDropped = Successfully received -- -- AccessRequests + PendingRequests + ClientTimeouts = -- Successfully Received -- -- wwpLeosRadiusClientServerAccessRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Request packets sent to this server. This does not include retransmissions." ::= { wwpLeosRadiusClientServerEntry 7 } wwpLeosRadiusClientServerAccessRetransmissions OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Request packets retransmitted to this RADIUS authentication server." ::= { wwpLeosRadiusClientServerEntry 8 } wwpLeosRadiusClientServerAccessAccepts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Accept packets (valid or invalid) received from this server." ::= { wwpLeosRadiusClientServerEntry 9 } wwpLeosRadiusClientServerAccessRejects OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Reject packets (valid or invalid) received from this server." ::= { wwpLeosRadiusClientServerEntry 10 } wwpLeosRadiusClientServerAccessChallenges OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Challenge packets (valid or invalid) received from this server." ::= { wwpLeosRadiusClientServerEntry 11 } -- "Access-Response" includes an Access-Accept, Access-Challenge -- or Access-Reject wwpLeosRadiusClientServerMalformedAccessResponses OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of malformed RADIUS Access-Response packets received from this server. Malformed packets include packets with an invalid length. Bad authenticators or Signature attributes or unknown types are not included as malformed access responses." ::= { wwpLeosRadiusClientServerEntry 12 } wwpLeosRadiusClientServerBadAuthenticators OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Response packets containing invalid authenticators or Signature attributes received from this server." ::= { wwpLeosRadiusClientServerEntry 13 } wwpLeosRadiusClientServerPendingRequests OBJECT-TYPE SYNTAX Gauge32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS Access-Request packets destined for this server that have not yet timed out or received a response. This variable is incremented when an Access-Request is sent and decremented due to receipt of an Access-Accept, Access-Reject or Access-Challenge, a timeout or retransmission." ::= { wwpLeosRadiusClientServerEntry 14 } wwpLeosRadiusClientServerTimeouts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of authentication timeouts to this server. After a timeout the client may retry to the same server, send to a different server, or give up. A retry to the same server is counted as a retransmit as well as a timeout. A send to a different server is counted as a Request as well as a timeout." ::= { wwpLeosRadiusClientServerEntry 15 } wwpLeosRadiusClientServerUnknownTypes OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS packets of unknown type which were received from this server on the authentication port." ::= { wwpLeosRadiusClientServerEntry 16 } wwpLeosRadiusClientServerPacketsDropped OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "The number of RADIUS packets of which were received from this server on the authentication port and dropped for some other reason." ::= { wwpLeosRadiusClientServerEntry 17} wwpLeosRadiusClientServerStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "To create a row in this table, a manager must set this object to createAndGo(4). While creating entry the following mib objects must be specified wwpLeosRadiusClientServerStatus, wwpLeosRadiusClientServerAddr. SNMP multiple set operation must be used to create entry. To disable a radius server, the operator can set wwpLeosRadiusClientServerStatus object to 'notInService' state." ::= { wwpLeosRadiusClientServerEntry 18 } wwpLeosRadiusClientServerApplication OBJECT-TYPE SYNTAX INTEGER { userLogin(1), dot1x(2), all(3) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies how the radius server should be used for authentication. Whether this radius server should be used for userLogin authentication or dot1x authentication or both is decided by the value of this mib object." DEFVAL {userLogin} ::= { wwpLeosRadiusClientServerEntry 19} wwpLeosRadiusClientServerResolvedInetAddrType OBJECT-TYPE SYNTAX InetAddressType MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the resolved IP address type. This OID is used in conjunction with wwpLeosRadiusClientServerInetAddrress. When set to : ipv4 : wwpLeosRadiusClientServerInetAddress should be compliant with InetAddressIPv4 ipv6 : wwpLeosRadiusClientServerInetAddress should be compliant with InetAddressIPv6 " ::= { wwpLeosRadiusClientServerEntry 20 } wwpLeosRadiusClientServerResolvedInetAddress OBJECT-TYPE SYNTAX InetAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the resolved IP address if wwpLeosRadiusClientServerAddr is set to host name. If wwpLeosRadiusClientServerAddr is set to ip address then wwpLeosRadiusClientServerResolvedInetAddress will contain same information as wwpLeosRadiusClientServerAddr. This OID should be used in conjuction with wwpLeosNtpServerResolvedInetAddrType." ::= { wwpLeosRadiusClientServerEntry 21 } wwpLeosRadiusClientSearchType OBJECT-TYPE SYNTAX INTEGER { cached(1), priority(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object sets the search type of the radius client." ::= { wwpLeosRadiusClient 10 } END -- -- WWP-RADIUS-CLIENT-MIB --