456 lines
12 KiB
Plaintext
456 lines
12 KiB
Plaintext
-- This file is corresponding to Release 9.1.10.101 from 2014/08/11 00:00:00
|
|
|
|
|
|
-- (C)opyright 1991-2014 bintec elmeg GmbH,
|
|
-- All Rights Reserved
|
|
-- $RCSfile: mibradius,v $
|
|
-- $Revision: 1.22 $
|
|
|
|
BIANCA-BRICK-RADIUS-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
Counter, IpAddress, enterprises
|
|
FROM RFC1155-SMI
|
|
|
|
DisplayString
|
|
FROM RFC1158-MIB
|
|
|
|
OBJECT-TYPE
|
|
FROM RFC-1212;
|
|
|
|
bintec OBJECT IDENTIFIER ::= { enterprises 272 }
|
|
bintecsec OBJECT IDENTIFIER
|
|
::= { bintec 254 }
|
|
radius OBJECT IDENTIFIER
|
|
::= { bintecsec 8 }
|
|
|
|
radiusServerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF RadiusServerEntry
|
|
ACCESS not-accessible
|
|
STATUS mandatory
|
|
DESCRIPTION
|
|
""
|
|
::= { radius 1 }
|
|
|
|
radiusServerEntry OBJECT-TYPE
|
|
SYNTAX RadiusServerEntry
|
|
ACCESS not-accessible
|
|
STATUS mandatory
|
|
DESCRIPTION
|
|
""
|
|
INDEX { radiusSrvProtocol }
|
|
::= { radiusServerTable 1 }
|
|
|
|
RadiusServerEntry ::=
|
|
SEQUENCE {
|
|
radiusSrvProtocol INTEGER,
|
|
radiusSrvAddress IpAddress,
|
|
radiusSrvPort INTEGER,
|
|
radiusSrvSecret DisplayString,
|
|
radiusSrvPriority INTEGER,
|
|
radiusSrvTimeout INTEGER,
|
|
radiusSrvRetries INTEGER,
|
|
radiusSrvState INTEGER,
|
|
radiusSrvPolicy INTEGER,
|
|
radiusSrvValidate INTEGER,
|
|
radiusSrvDialout INTEGER,
|
|
radiusSrvDefaultPW DisplayString,
|
|
radiusSrvReloadInterval INTEGER,
|
|
radiusSrvAuthRequests Counter,
|
|
radiusSrvAuthAccepts Counter,
|
|
radiusSrvAuthRejects Counter,
|
|
radiusSrvAuthReqRetrans Counter,
|
|
radiusSrvAuthReqFailed Counter,
|
|
radiusSrvAuthReqPending Counter,
|
|
radiusSrvAcctStarts Counter,
|
|
radiusSrvAcctStops Counter,
|
|
radiusSrvKeepalive INTEGER,
|
|
radiusSrvGroupId INTEGER,
|
|
radiusSrvNasLocation DisplayString,
|
|
radiusSrvVendorMode INTEGER,
|
|
radiusSrvAcctOns Counter,
|
|
radiusSrvAcctOffs Counter,
|
|
radiusSrvAcctResponses Counter,
|
|
radiusSrvGroupDescr DisplayString,
|
|
radiusSrvNasOspfAreaId IpAddress
|
|
}
|
|
|
|
radiusSrvProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
authentication(1),
|
|
accounting(2),
|
|
login(3),
|
|
ipsec(4),
|
|
wpa802-1x(5),
|
|
xauth(6)
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Type of authentication server. To configure the radius
|
|
authentication use authentication(1), for radius accounting
|
|
accounting(2), for user authentication on login shell
|
|
login(3), for extended authentication (XAUTH) with IPSec
|
|
xauth(6) and other special IPSEC requests(4)."
|
|
DEFVAL { authentication }
|
|
::= { radiusServerEntry 1 }
|
|
|
|
radiusSrvAddress OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"The Radius Server IP Address."
|
|
::= { radiusServerEntry 2 }
|
|
|
|
radiusSrvPort OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"The radius server port.
|
|
Please notice that RFC2138 assigns port 1812 and 1813
|
|
for authentication and accounting, respectively. Many
|
|
Radius servers still use the former assigned port 1645
|
|
and 1646 instead. The default value is 1812 and 1813."
|
|
DEFVAL { 1812 }
|
|
::= { radiusServerEntry 3 }
|
|
|
|
radiusSrvSecret OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"The shared secret between radius server and Brick."
|
|
DEFVAL { "" }
|
|
::= { radiusServerEntry 4 }
|
|
|
|
radiusSrvPriority OBJECT-TYPE
|
|
SYNTAX INTEGER (0..7)
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"The radius server with the lowest priority is the first
|
|
used for request. If there is no response (see also the
|
|
values Timeout and Retries) the radius server with the
|
|
next lowest priority will be used. Default value is 0."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 5 }
|
|
|
|
radiusSrvTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER (50..50000)
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"The amount of milliseconds (1/1000s) waiting for an
|
|
outstanding request. Default is 1000 (1 second)."
|
|
DEFVAL { 1000 }
|
|
::= { radiusServerEntry 6 }
|
|
|
|
radiusSrvRetries OBJECT-TYPE
|
|
SYNTAX INTEGER (0..10)
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"The number of retries sent for each request, until the
|
|
server state is set to inactive. Default value is 1.
|
|
To prevent the radiusSrvState ever switch to inactive,
|
|
set this value to 0."
|
|
DEFVAL { 1 }
|
|
::= { radiusServerEntry 7 }
|
|
|
|
radiusSrvState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
active(1),
|
|
inactive(2),
|
|
disabled(3),
|
|
delete(4)
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"When operational, the server state is active(1).
|
|
If the radius server does not respond, its state is set
|
|
to inactive(2). The administrator can set the state
|
|
manually to disabled(3), or delete(4) the entry."
|
|
DEFVAL { active }
|
|
::= { radiusServerEntry 8 }
|
|
|
|
radiusSrvPolicy OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
authoritative(1),
|
|
non-authoritative(2)
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"If set to authoritative(1), a negative answer to a
|
|
request will be accepted. This is not necessarily
|
|
true when set to non-authoritative(2), where the
|
|
next radius server will be asked until there is
|
|
finally an authoritative(1) server configured."
|
|
DEFVAL { authoritative }
|
|
::= { radiusServerEntry 9 }
|
|
|
|
radiusSrvValidate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enabled(1),
|
|
disabled(2)
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"This additional option is only used for bogus RADIUS
|
|
servers, which send response messages with a wrong
|
|
calculated MD5 checksum. All messages generated by
|
|
the brick, however, will always use the proper
|
|
authentication scheme. For security reasons, this
|
|
option should always be set to enabled(1)."
|
|
DEFVAL { enabled }
|
|
::= { radiusServerEntry 10 }
|
|
|
|
radiusSrvDialout OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enabled(1),
|
|
disabled(2),
|
|
reload(3)
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"This option provides a means for RADIUS dialout
|
|
configuration.
|
|
When set to enabled(1), routing information is read
|
|
into the brick after system startup. This information
|
|
must be configured in the RADIUS server as dialout-1 to
|
|
dialout-n, where n is a value of range 1-99. The end is
|
|
automatically determined when the brick gets a negative
|
|
response. This means, all entrys must be consecutive.
|
|
The default value is disabled(2)."
|
|
DEFVAL { disabled }
|
|
::= { radiusServerEntry 11 }
|
|
|
|
radiusSrvDefaultPW OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"This is the default USER-PASSWORD the brick sends
|
|
where no password is available (for example, in
|
|
requests for the calling number or boot requests).
|
|
Some RADIUS servers rely on a configured USER- or
|
|
CHAP-PASSWORD for any RADIUS request.
|
|
The default value is an empty string."
|
|
DEFVAL { "" }
|
|
::= { radiusServerEntry 12 }
|
|
|
|
radiusSrvReloadInterval OBJECT-TYPE
|
|
SYNTAX INTEGER (0..1440)
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Reload interval for RADIUS dialout configuration in minutes.
|
|
The default is 0 (no reload is performed automatically."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 13 }
|
|
|
|
radiusSrvAuthRequests OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of access requests sent."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 14 }
|
|
|
|
radiusSrvAuthAccepts OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of access accepts received."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 15 }
|
|
|
|
radiusSrvAuthRejects OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of access rejects received."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 16 }
|
|
|
|
radiusSrvAuthReqRetrans OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of retransmitted access requests."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 17 }
|
|
|
|
radiusSrvAuthReqFailed OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of failed (not rejected) access requests."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 18 }
|
|
|
|
radiusSrvAuthReqPending OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of pending access requests."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 19 }
|
|
|
|
radiusSrvAcctStarts OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of accounting starts sent."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 20 }
|
|
|
|
radiusSrvAcctStops OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of accounting stops sent."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 21 }
|
|
|
|
radiusSrvKeepalive OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enabled(1),
|
|
disabled(2)
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Enables the periodicaly keep alive check of 'inactive'
|
|
(see radiusSrvState) server."
|
|
DEFVAL { enabled }
|
|
::= { radiusServerEntry 22 }
|
|
|
|
radiusSrvGroupId OBJECT-TYPE
|
|
SYNTAX INTEGER (0..9)
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"ID for creating logical groups of RADIUS servers to be
|
|
addressed for RADIUS ACCESS and ACCOUNTING requests.
|
|
Note: the priority within a defined group is still determined
|
|
by radiusSrvPriority."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 23 }
|
|
|
|
radiusSrvNasLocation OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Description of the NAS location - to be used for accounting
|
|
in some vendor-specific modes (see radiusSrvVendorMode)."
|
|
DEFVAL { "" }
|
|
::= { radiusServerEntry 24 }
|
|
|
|
radiusSrvVendorMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
default(1), -- standard mode
|
|
emulation-1(2), -- emulation for FT WIFI hotspot
|
|
emulation-2(3) -- emulation for Synergy hotspot
|
|
}
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Vendor-specific NAS emulation needed for dedicated customer
|
|
projects."
|
|
DEFVAL { default }
|
|
::= { radiusServerEntry 25 }
|
|
|
|
radiusSrvAcctOns OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of accounting 'ON' messages sent."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 26 }
|
|
|
|
radiusSrvAcctOffs OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of accounting 'OFF' messages sent."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 27 }
|
|
|
|
radiusSrvAcctResponses OBJECT-TYPE
|
|
SYNTAX Counter
|
|
ACCESS read-only
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Total number of received accounting response messages."
|
|
DEFVAL { 0 }
|
|
::= { radiusServerEntry 28 }
|
|
|
|
radiusSrvGroupDescr OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (0..20))
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"Description for the logical group of RADIUS servers
|
|
that is identified by radiuSrvGroupId."
|
|
DEFVAL { "" }
|
|
::= { radiusServerEntry 29 }
|
|
|
|
radiusSrvNasOspfAreaId OBJECT-TYPE
|
|
SYNTAX IpAddress
|
|
ACCESS read-write
|
|
STATUS mandatory
|
|
|
|
DESCRIPTION
|
|
"OSPF area ID to be used for all temporarily created
|
|
WAN interfaces associated with this NAS location and
|
|
RADIUS server context."
|
|
::= { radiusServerEntry 30 }
|
|
|
|
END
|