-- ******************************************************************* -- CISCO-SNMP-HANDSHAKE-MIB.my -- May 2007, Devesh Pujari -- -- Copyright (c) 2006-2007 by Cisco Systems, Inc. -- All rights reserved. -- ******************************************************************* -- CISCO-SNMP-HANDSHAKE-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF bsnWireless FROM AIRESPACE-WIRELESS-MIB TruthValue FROM SNMPv2-TC; --******************************************************************** --* MODULE IDENTITY --******************************************************************** ciscoSnmpHandshakeMIB MODULE-IDENTITY LAST-UPDATED "200705230000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO " Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: cs-wnbu-snmp@cisco.com" DESCRIPTION "This MIB is intended for those devices where SNMP access is given to be given to known SNMP Manager only. All the SNMP MIBs are published, any thrid party SNMP browser can retrieve data using SNMP protocol. By implementing this MIB, a application layer handshake has to be done before any MIB view access is granted to SNMPV2c community string or SNMPV3 user. Once the handshake is successfully over then SNMP agent can create VACM entry to provide access to any MIB view. GLOSSARY View-based Access Control Model ( VACM ) The VACM determines whether access to a managed object in a local MIB by a remote SNMP manager should be allowed." REVISION "200705230000Z" DESCRIPTION "Initial version of this MIB module." ::= { bsnWireless 40 } --inside Airespace tree ciscoSnmpHandshakeMIBNotifs OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIB 0 } ciscoSnmpHandshakeMIBObjects OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIB 1 } ciscoSnmpHandshakeMIBConform OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIB 2 } ciscoSnmpHandshakeProcess OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIBObjects 1 } ciscoSnmpHandshakeTest OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIBObjects 2 } -- ******************************************************************* -- Handshake Process -- ******************************************************************* csHandshakeInit OBJECT-TYPE SYNTAX OCTET STRING (SIZE(16)) MAX-ACCESS read-only STATUS current DESCRIPTION "Get on this object will return random 16 bytes octet-string. Device will cache this string against IP-Address of sender. This string will be later used to comeplete the handshake." ::= { ciscoSnmpHandshakeProcess 1 } csHandshakeUpdate OBJECT-TYPE SYNTAX OCTET STRING (SIZE(16)) MAX-ACCESS read-write STATUS current DESCRIPTION "Set on this object will make snmp agent to run the secret algorithm to give access or deny access to SNMP manager. Access will be given to the community string used and to the sender's IP-Address only." ::= { ciscoSnmpHandshakeProcess 2 } -- ******************************************************************* -- Handshake Test -- ******************************************************************* csHandshakeCheck OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-only STATUS current DESCRIPTION "This object can be use to perform test of MIB view access. Once the handshake is successfully completed. The MIB-view access will be granted for this object, If MIB-view is not granted yet for this object then no-access error will be returned." ::= { ciscoSnmpHandshakeTest 1 } --******************************************************************** --* Compliance statements --******************************************************************** ciscoSnmpHandshakeMIBCompliances OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIBConform 1 } ciscoSnmpHandshakeMIBGroups OBJECT IDENTIFIER ::= { ciscoSnmpHandshakeMIBConform 2 } ciscoSnmpHandshakeMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoSnmpHandshakeMIB module." MODULE MANDATORY-GROUPS { ciscoSnmpHandshakeGroup } ::= { ciscoSnmpHandshakeMIBCompliances 1 } --******************************************************************* --* Units of conformance --******************************************************************* ciscoSnmpHandshakeGroup OBJECT-GROUP OBJECTS { csHandshakeInit, csHandshakeUpdate, csHandshakeCheck } STATUS current DESCRIPTION "This collection of objects represents the information about attributes needed to completed SNMP handhshake" ::= { ciscoSnmpHandshakeMIBGroups 1 } END