WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/hp/HP-USER-AUTH

3510 lines
136 KiB
Plaintext
Raw Permalink Blame History

--**MOD+***********************************************************************
--* Module: hpicfUsrAuth.mib
--*
--* Copyright (C) 2013-2018, 2020 Hewlett Packard Enterprise Development
--* Company LP All Right Reserved.
--*
--* The contents of this software are proprietary and confidential
--* to the Hewlett Packard Enterprise Development Company LP. No part of this
--* program may be photocopied, reproduced, or translated into another
--* programming language without prior written consent of the
--* Hewlett Packard Enterprise Development Company LP.
--*
--*Purpose: This file contains MIB definition of HP-USER-AUTH-MIB
--*
--**MOD-**************************************************************************
HP-USER-AUTH DEFINITIONS ::= BEGIN
IMPORTS
hpSwitch
FROM HP-ICF-OID
InterfaceIndex
FROM IF-MIB
VlanIndex
FROM Q-BRIDGE-MIB
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
OBJECT-GROUP, MODULE-COMPLIANCE, NOTIFICATION-GROUP
FROM SNMPv2-CONF
IpAddress, Integer32, Unsigned32, OBJECT-TYPE, Counter32,
MODULE-IDENTITY, NOTIFICATION-TYPE
FROM SNMPv2-SMI
TruthValue, MacAddress, RowStatus, DisplayString, DateAndTime, TEXTUAL-CONVENTION
FROM SNMPv2-TC
InetAddressType, InetAddress
FROM INET-ADDRESS-MIB
HpAutzUserRoleName
FROM HP-AUTZ-MIB;
-- 1.3.6.1.4.1.11.2.14.11.5.1.19
hpicfUsrAuthMIB MODULE-IDENTITY
LAST-UPDATED "202008130000Z" -- August 13, 2020
ORGANIZATION "HP Networking"
CONTACT-INFO
"Hewlett-Packard Enterprise Company
8000 Foothills Blvd.
Roseville, CA 95747"
DESCRIPTION
"This MIB module contains the definitions of Managed
Objects for various subsystems that perform
user authentication. The subsystems under control
by this MIB are:
WebAuth - Web-based login authentication
MacAuth - MAC address-based authentication
CLI Password - CLI-based login authentication"
REVISION "202008130000Z" -- August 13, 2020
DESCRIPTION "Added new object called hpicfUsrAuthStationIdFormat"
REVISION "201810300000Z" -- October 30, 2018
DESCRIPTION "Added new object called hpicfUsrAuthMacAuthUnauthVidLLDPNwkPolicy"
REVISION "201808300000Z" -- August 30, 2018
DESCRIPTION "Added new MIB objects for Authentication Order and
Authentication priority that can be
configured per port:
hpicfUsrAuthOrderFirst,
hpicfUsrAuthOrderSecond,
hpicfUsrAuthOrderLmaFallback,
hpicfUsrAuthPriorityFirst,
hpicfUsrAuthPrioritySecond
Added hpicfUsrAuthOrderPortsGroup. Added hpicfUsrAuthCompliance21"
REVISION "201808070000Z" -- August 7, 2018 at 00:00 GMT
DESCRIPTION
"Removed hpicfUsrAuthCDPBypassAdminStatus and
hpicfUsrAuthDeviceIdentityName from hpicfUsrAuthPortTable.
Added hpicfUsrAuthBypassPortTable with
hpicfUsrAuthBypassAdminStatus and hpicfUsrAuthDeviceIdentityName.
Added hpicfUsrAuthBypassPortsGroup. Added hpicfUsrAuthCompliance20
and depricated hpicfUsrAuthCompliance19."
REVISION "201807100000Z" -- July 10, 2018 at 00:00 GMT
DESCRIPTION
"Added hpicfMacAuthRadiusServer in hpicfUsrAuthGroups"
REVISION "201712050000Z" -- December 5, 2017 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthCDPBypassAdminStatus and hpicfUsrAuthDeviceIdentityName
in HpicfUsrAuthPortEntry"
REVISION "201710120000Z" -- October 12, 2017 at 00:00 GMT
DESCRIPTION
"Added new values criticalAuth(10) and openAuth(11) for objects
hpicfUsrAuthWebAuthSessionState and
hpicfUsrAuthMacAuthSessionState"
REVISION "201709130000Z" -- September 13, 2017 at 00:00 GMT
DESCRIPTION
"Added hpicfMacAuthRetainUnauthClients object"
REVISION "201706290000Z" -- June 29, 2017 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthMacPin object"
REVISION "201611110000Z" -- November 11, 2016 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthMacAuthPasswordEncrypted object"
REVISION "201607270000Z" -- July 27, 2016 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthLLDPBypassAdminStatus in HpicfUsrAuthPortEntry"
REVISION "201602180000Z" -- Feb 18, 2016 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthMacAuthMode and hpicfUsrAuthLLDPData objects."
REVISION "201602130000Z" -- Feb 13, 2016 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthWebAuthSessionRole,
hpicfUsrAuthMacAuthSessionName, and
hpicfUsrAuthMacAuthSessionRole objects.
Added initialRole, and initialRoleFailed
values to hpicfUsrAuthWebAuthSessionState and
hpicfUsrAuthMacAuthSessionState objects.
Updated description of hpicfUsrAuthWebAuthReAuthPeriod,
hpicfUsrAuthWebAuthAuthVid, hpicfUsrAuthWebAuthUnauthVid,
hpicfUsrAuthMacAuthReAuthPeriod, hpicfUsrAuthMacAuthAuthVid,
and hpicfUsrAuthMacAuthUnauthVid objects."
REVISION "201601152207Z" -- Jan 15, 2016 at 22:07 GMT
DESCRIPTION
"Added hpicfUsrAuthCaptivePortalProfileTable."
REVISION "201509110413Z" -- Sep 11, 2015 at 04:13 GMT
DESCRIPTION
"Added hpicfUsrAuthCaptivePortal objects and group
hpicfUsrAuthCaptivePortalGroup. Added objects
hpicfUsrAuthCaptivePortalConfigEnabled
hpicfUsrAuthCaptivePortalUrlHashKey
hpicfUsrAuthCaptivePortalUrlHashKeyEncrypted."
REVISION "201306120000Z" -- Jun 12, 2013 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthLastLogin objects and group
hpicfUsrAuthLastLoginGroup. Added objects
hpicfUsrAuthLastLoginNotifyStatus,
hpicfUsrAuthLastLoginNotifyAddrType,
hpicfUsrAuthLastLoginNotifyAddr and table
hpicfUsrAuthLastLoginEntry. Deprecated
compliances hpicfUsrAuthCompliance1,
hpicfUsrAuthCompliance1,
hpicfUsrAuthCompliance2,
hpicfUsrAuthCompliance3,
hpicfUsrAuthCompliance4,
hpicfUsrAuthCompliance5.
Deprecated groups
hpicfNotificationConfigDataGroup and
added hpicfNotificationConfigDataGroup1 "
REVISION "201302250000Z" -- Feb 25, 2013 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthLMAAdminStatus, hpicfUsrAuthPortsGroup1
hpicfUsrAuthCompliance8 and deprecated hpicfUsrAuthCompliance7,
hpicfUsrAuthPortsGroup."
REVISION "201205280000Z" -- May 28, 2012 at 00:00 GMT
DESCRIPTION
"Added description for hpicfUsrAuthMacAuthUsrNumberCnt in
hpicfUsrAuthSystem and hpicfUsrAuthMacAuthSessionUsrNumberCnt
in hpicfUsrAuthMacAuthSessionStatsEntry."
REVISION "201108290000Z" -- August 29, 2011 at 00:00 GMT
DESCRIPTION
"Added description for hpicfUsrAuthMacAuthSessionTimeout in
HpicfUsrAuthMacAuthSessionStatsEntry and hpicfUsrAuthWebAuthSessionTimeout
in HpicfUsrAuthWebAuthSessionStatsEntry."
REVISION "201107210000Z" -- July 21, 2011 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthMacAuthSessionTimeout in HpicfUsrAuthMacAuthSessionStatsEntry
and hpicfUsrAuthWebAuthSessionTimeout in HpicfUsrAuthWebAuthSessionStatsEntry."
REVISION "201001280000Z" -- January 28, 2010 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthWebAuthAccessDeniedMode and
hpicfUsrAuthWebAuthAccessDeniedMessage objects."
REVISION "200912150000Z" -- December 15, 2009 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthWebAuthAccessDeniedMode and
hpicfUsrAuthWebAuthAccessDeniedMessage objects."
REVISION "200907080000Z" -- July 08, 2009 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthMacAuthCachedReauthPeriod and
hpicfUsrAuthWebAuthCachedReauthPeriod objects."
REVISION "200903090000Z" -- March 09, 2009 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthMacAuthPassword object"
REVISION "200808061200Z" -- August 06, 2008 at 12:00 GMT
DESCRIPTION
"Added web reauthentication and user reauthentication objects."
REVISION "200708290000Z" -- August 29, 2007 at 00:00 GMT
DESCRIPTION
"Added hpicfUsrAuthWMA failure notification and objects"
REVISION "200706221200Z" -- June 22, 2007 at 12:00 GMT
DESCRIPTION
"Added hpicfUsrAuthNotifyConformance group and objects."
REVISION "200508050000Z" -- August 05, 2005 at 00:00 GMT
DESCRIPTION
"Added import objects."
REVISION "200305231020Z" -- May 23, 2003 at 10:20 GMT
DESCRIPTION
"Initial revision."
::= { hpSwitch 19 }
--
-- Node definitions
--
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.0
hpicfUsrAuthNotifications OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 0 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.0.1
hpicfUsrAuthCLIAuthFail NOTIFICATION-TYPE
OBJECTS { hpicfUsrAuthCLIFailCnt,
hpicfUsrAuthCLIInterface
-- Optional objects sent by new-style notifications (not
-- in the definition to avoid redefining this object)
-- hpicfUsrAuthLastLoginNotifyStatus,
-- hpicfUsrAuthLastLoginGeneration,
-- hpicfUsrAuthLastLoginNotifyAddrType,
-- hpicfUsrAuthLastLoginNotifyAddr
}
STATUS current
DESCRIPTION
"This notification signifies that CLI password
authentication has failed. Operational control of this
notification is provided using
hpicfUsrAuthCliNotifyEnable. Agents complying with
hpicfUsrAuthCompliance6 always additionally include
hpicfUsrAuthLastLoginStatus. They may include
hpicfUsrAuthLastLoginNotifyAddrType and
hpicfUsrAuthLastLoginNotifyAddr to identify the source of
the login attempt. They may also include an instance of
hpicfUsrAuthLastLoginGeneration. The
hpicfUsrAuthLastLoginEntry index in this object may be used
to retrieve other objects in the row that identify the
target user of this login attempt. If this index is zero,
then the login attempt was to an unknown username. The
value of hpicfUsrAuthLastLoginGeneration supplied in the
notification should be compared to the retrieved object
value to ensure that the row has not changed since the
notification was sent."
::= { hpicfUsrAuthNotifications 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.0.2
hpicfUsrAuthPasswdChng NOTIFICATION-TYPE
OBJECTS { hpicfUsrAuthCLIPasswdSet, hpicfUsrAuthCLIPwdNotifyCnt }
STATUS current
DESCRIPTION
"An hpicfUsrAuthPasswdChng notification signifies that
the manager password has been changed. The value of
hpicfUsrAuthCLIPasswdSet can be used to determine
whether the password has been set or cleared by this action.
"
::= { hpicfUsrAuthNotifications 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.0.3
hpicfPortSecAuthFailure NOTIFICATION-TYPE
OBJECTS { hpicfUsrAuthWMAFailCnt,
hpicfUsrAuthWMAFailVlan,
hpicfUsrAuthWMAFailPort,
hpicfUsrAuthWMAFailMAC }
STATUS current
DESCRIPTION
"This notification indicates a failed Port Security
(network access) authentication event."
::= { hpicfUsrAuthNotifications 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1
hpicfUsrAuthSystem OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.1
hpicfUsrAuthWebAuthDhcpBaseAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"For all ports running with web authentication
enabled: Specifies the base address that should
be used by the switch DHCP server for web-based
authentication purposes."
::= { hpicfUsrAuthSystem 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.2
hpicfUsrAuthWebAuthDhcpMask OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"For all ports running with web authentication
enabled: Specifies the subnet mask to be used in
conjunction with the DHCP base address when
servicing DHCP requests.
Allowable mask range is 255.255.240.0 (20) to
255.255.255.0 (24)."
::= { hpicfUsrAuthSystem 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.3
hpicfUsrAuthWebAuthDhcpLease OBJECT-TYPE
SYNTAX Integer32 (1..30)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"For all ports running with web authentication
enabled: Specifies the DHCP lease length in
seconds."
::= { hpicfUsrAuthSystem 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.4
hpicfUsrAuthMacAuthAddrFormat OBJECT-TYPE
SYNTAX INTEGER
{
noDelimiter(1),
singleDash(2),
multiDash(3),
multiColon(4),
noDelimiterUppercase(5),
singleDashUppercase(6),
multiDashUppercase(7),
multiColonUppercase(8)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"For all ports running with MAC authentication
enabled: Specifies the MAC address format to use
in the RADIUS access-request, as follows:
'noDelimiter' - Sends MAC address in aabbccddeeff format
'singleDash' - Sends MAC address in aabbcc-ddeeff format
'multiDash' - Sends MAC address in aa-bb-cc-dd-ee-ff format
'multiColon' - Sends MAC address in aa:bb:cc:dd:ee:ff format
'noDelimiterUppercase' - Sends MAC address in AABBCCDDEEFF format
'singleDashUppercase' - Sends MAC address in AABBCC-DDEEFF format
'multiDashUppercase' - Sends MAC address in AA-BB-CC-DD-EE-FF format
'multiColonUppercase' - Sends MAC address in AA:BB:CC:DD:EE:FF format
The default value is noDelimiter(1)."
::= { hpicfUsrAuthSystem 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.5
hpicfUsrAuthCliNotifyEnable OBJECT-TYPE
SYNTAX INTEGER
{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The operational status of hpicfUsrAuthCliAuthFail notifications.
The default value is 1 (Enabled). A value of 2 represents
Disabled. Writing this object requires authentication, such
as provided by SNMPv3.
"
::= { hpicfUsrAuthSystem 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.6
hpicfUsrAuthCLIInterface OBJECT-TYPE
SYNTAX INTEGER
{
serial(1),
telnet(2),
ssh(3),
sshPublicKey(4),
webui(5),
portAccess(6),
other(9)
}
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The physical interface, network protocol, or other
authentication type that is associated with this
notification."
::= { hpicfUsrAuthSystem 6 }
--
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.7
hpicfUsrAuthCLIPasswdSet OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"Indicates whether the CLI manager password
is set. 1 indicates True while 2
indicates False.
"
::= { hpicfUsrAuthSystem 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.8
hpicfUsrAuthCLIFailCnt OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The count of hpicfUsrAuthPasswdFail notifications sent by the hpicfUsrAuth
entity to the SNMP entity. The actual count of notifications sent by SNMP
may be lower due to rate limiting or configuration."
::= { hpicfUsrAuthSystem 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.9
hpicfUsrAuthCLIPwdNotifyCnt OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"A count of CLI password change notifications
sent from the Auth entity to the SNMP entity
within the switch. This count may therefore differ from
the count of notifications actually sent by the SNMP
entity due to switch configuration (e.g., the value
of hpicfUsrAuthNotifyEnable.)"
::= { hpicfUsrAuthSystem 9 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.10
hpicfUsrAuthWMAFailCnt OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The count of hpicfPortSecAuthFailure notifications sent by the hpicfUsrAuth
entity to the SNMP entity. The actual count of notifications sent by SNMP
may be lower due to rate limiting or configuration."
::= { hpicfUsrAuthSystem 10 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.11
hpicfUsrAuthWMAFailMAC OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The MAC address supplied in the failed authentication request."
::= { hpicfUsrAuthSystem 11 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.12
hpicfUsrAuthWMAFailPort OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The port index of the failed authentication request."
::= { hpicfUsrAuthSystem 12 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.13
hpicfUsrAuthWMAFailVlan OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The VLAN ID associated with the failed authentication request."
::= { hpicfUsrAuthSystem 13 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.14
hpicfUsrAuthPortSecNotifyEnable OBJECT-TYPE
SYNTAX INTEGER
{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Provides operational control of hpicfPortSecAuthFailure
notification. When enabled (1), the notification will
be sent. When disabled (2), the notification will not
be sent. Setting this object requires authentication,
such as provided by SNMPv3.
"
::= { hpicfUsrAuthSystem 14 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.15
hpicfUsrAuthPasswdNotifyEnable OBJECT-TYPE
SYNTAX INTEGER
{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Provides operational control of hpicfUsrAuthPasswdChng notification.
When enabled (1), the notification will be sent.
When disabled (2), the notification will not be sent.
Setting this object requires authentication, such
as provided by SNMPv3."
::= { hpicfUsrAuthSystem 15 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16
--
-- EWA Server Table
--
hpicfUsrAuthWMAEWAServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthWMAEWAServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of the Enhanced Web Auth servers."
::= { hpicfUsrAuthSystem 16 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1
hpicfUsrAuthWMAEWAServerEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthWMAEWAServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Addresses for an Enhanced Web Auth server."
INDEX { hpicfUsrAuthWMAeWAServerIndex }
::= { hpicfUsrAuthWMAEWAServerTable 1 }
HpicfUsrAuthWMAEWAServerEntry ::= SEQUENCE {
hpicfUsrAuthWMAeWAServerIndex Integer32,
hpicfUsrAuthWMAeWAServerIPAddressType InetAddressType,
hpicfUsrAuthWMAeWAServerIPAddress InetAddress,
hpicfUsrAuthWMAeWAServerPath OCTET STRING,
hpicfUsrAUthWMAeWAServerRowStatus RowStatus
}
hpicfUsrAuthWMAeWAServerIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index into hpicfUsrAuthWMAEWAServerTable."
::= { hpicfUsrAuthWMAEWAServerEntry 1 }
hpicfUsrAuthWMAeWAServerIPAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The type of Enhanced Web Auth Server Address."
DEFVAL { unknown }
::= { hpicfUsrAuthWMAEWAServerEntry 2 }
hpicfUsrAuthWMAeWAServerIPAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The IP address of the Enhanced Web Auth Server.
If set to 0.0.0.0 or URL not configured
no Enhanced Web Auth Server will run."
::= { hpicfUsrAuthWMAEWAServerEntry 3 }
hpicfUsrAuthWMAeWAServerPath OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Enhanced Web Auth Server Path for the location
of the Enhanced Web Auth Pages. If not configured
the default path will be used."
::= { hpicfUsrAuthWMAEWAServerEntry 4 }
hpicfUsrAUthWMAeWAServerRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This marks the row as active/inactive."
::= { hpicfUsrAuthWMAEWAServerEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17
--
-- WMA Redirect Server Table
--
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17
hpicfUsrAuthRedirectServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthRedirectServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of the authentication Redirect Servers."
::= { hpicfUsrAuthSystem 17 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17.X
hpicfUsrAuthRedirectServerEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthRedirectServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Attributes of an authentication Redirect Server."
INDEX { hpicfUsrAuthRedirectServerIndex }
::= { hpicfUsrAuthRedirectServerTable 1 }
HpicfUsrAuthRedirectServerEntry ::= SEQUENCE {
hpicfUsrAuthRedirectServerIndex Integer32,
hpicfUsrAuthRedirectServerURL OCTET STRING,
hpicfUsrAuthRedirectServerRowStatus RowStatus
}
hpicfUsrAuthRedirectServerIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index into hpicfUsrAuthRedirectServerTable."
::= { hpicfUsrAuthRedirectServerEntry 1 }
hpicfUsrAuthRedirectServerURL OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the authentication
Redirect Server's complete URL for the location
of the redirect server login or warning page. This
value must begin with 'http://' or 'https://' and
should include the DNS name, TCP port of the server
if not 80 or SSL's 443, and the page path, if necessary."
::= { hpicfUsrAuthRedirectServerEntry 2 }
hpicfUsrAuthRedirectServerRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of this entry.
Must NOT be active in order to modify some other
column of this config entry."
::= { hpicfUsrAuthRedirectServerEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.18
hpicfUsrAuthRedirectServerRestrictiveFilter OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"If enabled, only the configured initial
web page will be returned for all client requests. The enabled state would
generally be used to simply display an informative warning
message to failed macAuth clients. If disabled, all
client/redirect-server http traffic will be permitted."
DEFVAL { disabled }
::= { hpicfUsrAuthSystem 18 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.19
hpicfUsrAuthRedirectServerClientTimeout OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The time (in seconds) that a client will be left in the
unauthorized authentication redirection state before
being removed from the state tables, temporarily
suspending further client/redirect-server http
traffic. After state table removal, client is
free to initiate authentication."
DEFVAL { 180 }
::= { hpicfUsrAuthSystem 19 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.20
hpicfUsrAuthRedirectServerAuthFailureStats OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The total number of times clients fail authentication
and initiate the authentication Redirect Server process
since reboot. A single client can be counted multiple
times."
::= { hpicfUsrAuthSystem 20 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.21
hpicfUsrAuthCacheCredTimeOut OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the time in seconds, that the
switch should remove the credentials.
Reauthentication should take place with in
small amount of time."
DEFVAL { 600 }
::= { hpicfUsrAuthSystem 21 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22
hpicfUsrAuthClientReauthenticateTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthClientReauthenticateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing configuration/control variables
indexed by port and client MAC."
::= { hpicfUsrAuthSystem 22 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1
hpicfUsrAuthClientReauthenticateEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthClientReauthenticateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table entry provides the means by which a
client on an authentication interface can be forced to
reauthenticate."
INDEX { hpicfUsrAuthClientReauthenticateInterfaceIndex,
hpicfUsrAuthClientReauthenticateMacAddress}
::= { hpicfUsrAuthClientReauthenticateTable 1 }
HpicfUsrAuthClientReauthenticateEntry ::= SEQUENCE {
hpicfUsrAuthClientReauthenticateInterfaceIndex
InterfaceIndex,
hpicfUsrAuthClientReauthenticateMacAddress
MacAddress,
hpicfUsrAuthClientReauthenticate
TruthValue
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1.1
hpicfUsrAuthClientReauthenticateInterfaceIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index of client interfaces."
::= { hpicfUsrAuthClientReauthenticateEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1.2
hpicfUsrAuthClientReauthenticateMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Specifies the MAC address of the client."
::= { hpicfUsrAuthClientReauthenticateEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1.3
hpicfUsrAuthClientReauthenticate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The reauthentication control for this client on this
authentication interface. Setting this attribute TRUE
forces this authenticated client to
reauthenticate. That is, the client is deauthenticated
and must transmit traffic in order to trigger
reauthentication. Setting this attribute FALSE has no
effect."
::= { hpicfUsrAuthClientReauthenticateEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.23
hpicfUsrAuthMacAuthPassword OBJECT-TYPE
SYNTAX OCTET STRING
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the secret password value used by all
MAC auth clients. The default value of password is NULL. The
password if set(non NULL) will be used instead of MAC address
while constructing Radius request packet. The current maximum
length of password is 16."
::= { hpicfUsrAuthSystem 23 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.24
hpicfUsrAuthWebAuthAccessDeniedMode OBJECT-TYPE
SYNTAX INTEGER {
disabled (1),
custom (2),
radius (3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the access denied mode that applies to the
custom message embedded into the login failure page.
The values:
disabled (1) - the feature is disabled.
custom (2) - use the string configured by
administrator via CLI or SNMP.
radius (3) - use the string in the 'reply-message'
attribute of the received RADIUS response message."
DEFVAL {1}
::= { hpicfUsrAuthSystem 24}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.25
hpicfUsrAuthWebAuthAccessDeniedMessage OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..1024))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Text of the access denied message that will be embedded
into the custom web auth login failure page. This message
will only be used when the access denied mode is set to
'custom'. It can take up to 250 characters"
::= { hpicfUsrAuthSystem 25}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.26
hpicfUsrAuthMacAuthUsrNumberCnt OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object specifies the total number of authenticated clients
currently present in the switch. This does not include the
clients which are under process of authentication."
::= { hpicfUsrAuthSystem 26}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.27
hpicfUsrAuthLastLoginNotifyStatus OBJECT-TYPE
SYNTAX INTEGER { unknown(0),
successful(1),
failed(2),
failedLockOut(3),
lockedOut(4),
tableFull(5) }
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION "The status of the failed login attempt.
successful(1) is not currently used. failed(2)
indicates a regular failure that did not cause
user lockout. failedLockOut(3) indicates a failure
that caused user lockout. lockedOut(4) indicates
that the user was locked out before the attempt was
made. tableFull(5) indicates lockout due to a full
lockout table, likely an indication of a serious
attack."
::= { hpicfUsrAuthSystem 27 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.28
hpicfUsrAuthLastLoginNotifyAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION "The type of IP address from which the user's most
recent login attempt occurred. Unknown(0) indicates
the console."
::= { hpicfUsrAuthSystem 28 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.29
hpicfUsrAuthLastLoginNotifyAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION "The IP address from which the user's most recent
login attempt occurred."
::= { hpicfUsrAuthSystem 29 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.30
hpicfUsrAuthUseLLDPData OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable or disable LLDP data inclusion in client
authentication, which, in addition to using the source
MAC address of incoming packets, also uses client
information in the LLDP payload to authenticate clients."
DEFVAL { false }
::= { hpicfUsrAuthSystem 30 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.31
hpicfUsrAuthMacAuthPasswordEncrypted OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..256))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object represents the encrypted format of password
value stored in the object hpicfUsrAuthMacAuthPassword.
This object may only be read or written when
hpSwitchAuthenticationEncryptCredentialsMethod is set to a
value other than none(0). This object should only be
written with an encrypted key."
::= { hpicfUsrAuthSystem 31 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.1.32
hpicfUsrAuthStationIdFormat OBJECT-TYPE
SYNTAX INTEGER
{
multiDashLowercase(1),
multiDashUppercase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object represents the format of Calling-Station-Id
and Called-Station-Id in the RADIUS Access-Request.
'multiDashLowercase' - Sends MAC address in aa-bb-cc-dd-ee-ff format
'multiDashUppercase' - Sends MAC address in AA-BB-CC-DD-EE-FF format."
DEFVAL { 1 }
::= { hpicfUsrAuthSystem 32 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2
hpicfUsrAuthPorts OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1
hpicfUsrAuthPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of system level information about Web-
MAC-based authentication for each port in the
switch."
::= { hpicfUsrAuthPorts 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1
hpicfUsrAuthPortEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The port number, operational mode and
reauthentication control for each switch port."
INDEX { hpicfUsrAuthPortNumber }
::= { hpicfUsrAuthPortTable 1 }
HpicfUsrAuthPortEntry ::=
SEQUENCE {
hpicfUsrAuthPortNumber
InterfaceIndex,
hpicfUsrAuthWebAuthAdminStatus
TruthValue,
hpicfUsrAuthMacAuthAdminStatus
TruthValue,
hpicfUsrAuthPortReauthenticate
TruthValue,
hpicfUsrAuthLMAAdminStatus
TruthValue,
hpicfUsrAuthLLDPBypassAdminStatus
TruthValue
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.1
hpicfUsrAuthPortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The port number associated with this switch port."
::= { hpicfUsrAuthPortEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.2
hpicfUsrAuthWebAuthAdminStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this attribute TRUE enables web-based
authentication services. A value of FALSE
disabled web-based authentication. This attribute
cannot be set TRUE concurrently with
hpicfUsrAuthMacAuthAdminStatus."
::= { hpicfUsrAuthPortEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.3
hpicfUsrAuthMacAuthAdminStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this attribute TRUE enables MAC-based
authentication services. A value of FALSE
disabled MAC-based authentication. This attribute
cannot be set TRUE concurrently with
hpicfUsrAuthWebAuthAdminStatus."
::= { hpicfUsrAuthPortEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.4
hpicfUsrAuthPortReauthenticate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The reauthentication control for this port. Setting this
attribute TRUE forces all authenticated clients to
reauthenticate themselves. Setting this attribute FALSE
has no effect. This attribute always returns FALSE
when read."
::= { hpicfUsrAuthPortEntry 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.5
hpicfUsrAuthLMAAdminStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this attribute TRUE enables Local MAC-based
authentication services. A value of FALSE
disabled MAC-based authentication. This attribute
cannot be set TRUE concurrently with
hpicfUsrAuthWebAuthAdminStatus."
::= { hpicfUsrAuthPortEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.6
hpicfUsrAuthLLDPBypassAdminStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this attribute as TRUE enables lldp-bypass
authentication. A value of FALSE disables lldp-bypass
authentication. This attribute cannot be set to
TRUE concurrently with MAC lockdown, MACsec, Trunk,
Distributed Trunking and mesh port features. The
lldp-bypass feature is limited only for Aruba-APs
that send special LLDP TLVs."
DEFVAL { false }
::= { hpicfUsrAuthPortEntry 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.2
hpicfUsrAuthOrderPortEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthOrderPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The port number, authentication order control for each switch port."
INDEX { hpicfUsrAuthPortNumber }
::= { hpicfUsrAuthPortTable 2 }
HpicfUsrAuthOrderPortEntry ::=
SEQUENCE {
hpicfUsrAuthPortNumber
InterfaceIndex,
hpicfUsrAuthOrderFirst INTEGER,
hpicfUsrAuthOrderSecond INTEGER,
hpicfUsrAuthOrderLmaFallback TruthValue,
hpicfUsrAuthPriorityFirst INTEGER,
hpicfUsrAuthPrioritySecond INTEGER
}
hpicfUsrAuthOrderFirst OBJECT-TYPE
SYNTAX INTEGER { none(0), authenticator(1), mac-auth(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the first Authentication method to be used for the port."
DEFVAL { none }
::= { hpicfUsrAuthOrderPortEntry 1 }
hpicfUsrAuthOrderSecond OBJECT-TYPE
SYNTAX INTEGER { none(0), authenticator(1), mac-auth(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the second Authentication method to be used for the port."
DEFVAL { none }
::= { hpicfUsrAuthOrderPortEntry 2 }
hpicfUsrAuthOrderLmaFallback OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies if Authentication order fallback is enabled for the port."
DEFVAL { false }
::= { hpicfUsrAuthOrderPortEntry 3 }
hpicfUsrAuthPriorityFirst OBJECT-TYPE
SYNTAX INTEGER { none(0), authenticator(1), mac-auth(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the first priority of Authentication method for the port."
DEFVAL { none }
::= { hpicfUsrAuthOrderPortEntry 4 }
hpicfUsrAuthPrioritySecond OBJECT-TYPE
SYNTAX INTEGER { none(0), authenticator(1), mac-auth(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the second priority of Authentication method for the port."
DEFVAL { none }
::= { hpicfUsrAuthOrderPortEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.2
hpicfUsrAuthBypassPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthBypassPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of system level information about CDP and LLDP
bypass authentication for each port in the switch."
::= { hpicfUsrAuthPorts 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.2.1
hpicfUsrAuthBypassPortEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthBypassPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The entry for system level information about CDP and LLDP
bypass authentication for each port in the switch."
INDEX { hpicfUsrAuthPortNumber }
::= { hpicfUsrAuthBypassPortTable 1 }
HpicfUsrAuthBypassPortEntry ::=
SEQUENCE {
hpicfUsrAuthBypassAdminStatus
TruthValue,
hpicfUsrAuthDeviceIdentityName
OCTET STRING
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.2.1.1
hpicfUsrAuthBypassAdminStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this attribute as TRUE enables bypass
authentication. A value of FALSE disables bypass
authentication. This attribute is set only with
hpicfUsrAuthDeviceIdentityName."
DEFVAL { false }
::= { hpicfUsrAuthBypassPortEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.2.2.1.2
hpicfUsrAuthDeviceIdentityName OBJECT-TYPE
SYNTAX OCTET STRING ( SIZE (1..20))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the device identity name
to enable bypass authentication."
::= { hpicfUsrAuthBypassPortEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3
hpicfUsrAuthWebAuthConfig OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1
hpicfUsrAuthWebAuthConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthWebAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the configuration objects for
Web-based Authentication associated with each port. An entry
appears in this table for each port that may authenticate
access to itself."
::= { hpicfUsrAuthWebAuthConfig 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1
hpicfUsrAuthWebAuthConfigEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthWebAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The configuration information for Web-based authentication."
INDEX { hpicfUsrAuthPortNumber }
::= { hpicfUsrAuthWebAuthConfigTable 1 }
HpicfUsrAuthWebAuthConfigEntry ::=
SEQUENCE {
hpicfUsrAuthWebAuthClientLimit
Integer32,
hpicfUsrAuthWebAuthClientMoves
INTEGER,
hpicfUsrAuthWebAuthSSLState
INTEGER,
hpicfUsrAuthWebAuthRedirectUrl
OCTET STRING,
hpicfUsrAuthWebAuthQuietPeriod
Integer32,
hpicfUsrAuthWebAuthServerTimeout
Integer32,
hpicfUsrAuthWebAuthServerMaxReq
Integer32,
hpicfUsrAuthWebAuthMaxRetries
Integer32,
hpicfUsrAuthWebAuthLogoffPeriod
Integer32,
hpicfUsrAuthWebAuthReAuthPeriod
Integer32,
hpicfUsrAuthWebAuthAuthVid
VlanIndex,
hpicfUsrAuthWebAuthUnauthVid
VlanIndex,
hpicfUsrAuthWebAuthCacheCredentials
INTEGER,
hpicfUsrAuthWebAuthCachedReauthPeriod
Unsigned32
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.1
hpicfUsrAuthWebAuthClientLimit OBJECT-TYPE
SYNTAX Integer32 (1..256)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum number of authenticated clients to allow on
the port."
DEFVAL { 1 }
::= { hpicfUsrAuthWebAuthConfigEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.2
hpicfUsrAuthWebAuthClientMoves OBJECT-TYPE
SYNTAX INTEGER
{
disabled(1),
enabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies whether client may roam across ports under
web authentication control. Setting this attribute
'enabled'allows authenticated clients to roam to other
ports under web authentication control (that also have
this attribute set to 'enabled') without requiring a
reauthentication.
Setting this attribute 'disabled' disallows authenticated
clients from roaming to other ports (regardless of that
port's attribute value). The client has to reauthenticate,
if it attempts to roam."
DEFVAL { 1 }
::= { hpicfUsrAuthWebAuthConfigEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.3
hpicfUsrAuthWebAuthSSLState OBJECT-TYPE
SYNTAX INTEGER
{
disabled(1),
enabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies whether web-based authentication should use an
SSL connection (i.e. https://) to switch to collect client
credentials.
Note: A valid certificate must be configured on switch
before SSL connections are enabled."
DEFVAL { 1 }
::= { hpicfUsrAuthWebAuthConfigEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.4
hpicfUsrAuthWebAuthRedirectUrl OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (0..127))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the URL, to which an authenticated client should
be redirected, after successful authentication."
::= { hpicfUsrAuthWebAuthConfigEntry 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.5
hpicfUsrAuthWebAuthQuietPeriod OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the time, in seconds, that the switch should
refrain from reattempting an authentication request for
a client whose credentials were rejected."
DEFVAL { 60 }
::= { hpicfUsrAuthWebAuthConfigEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.6
hpicfUsrAuthWebAuthServerTimeout OBJECT-TYPE
SYNTAX Integer32 (1..300)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the time, in seconds, that the switch should
wait for an authentication reply to return before
considering it as timed out."
DEFVAL { 30 }
::= { hpicfUsrAuthWebAuthConfigEntry 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.7
hpicfUsrAuthWebAuthServerMaxReq OBJECT-TYPE
SYNTAX Integer32 (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the number of authentication requests that
must time out before failing authentication."
DEFVAL { 3 }
::= { hpicfUsrAuthWebAuthConfigEntry 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.8
hpicfUsrAuthWebAuthMaxRetries OBJECT-TYPE
SYNTAX Integer32 (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the number of authentication requests that
must fail (i.e. invalid credentials) before failing
authentication."
DEFVAL { 3 }
::= { hpicfUsrAuthWebAuthConfigEntry 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.9
hpicfUsrAuthWebAuthLogoffPeriod OBJECT-TYPE
SYNTAX Integer32 (1..999999999)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the period, in seconds, at which an
authenticated client will be considered unauthenticated
for a lack of activity (i.e. traffic originating
from client)."
DEFVAL { 300 }
::= { hpicfUsrAuthWebAuthConfigEntry 9 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.10
hpicfUsrAuthWebAuthReAuthPeriod OBJECT-TYPE
SYNTAX Integer32 (0..999999999)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the period, in seconds, at which an
authenticated client must reauthenticate. A value of
0 signifies that an authenticated client will never have
to reauthenticate. When hpSwitchAutzUserRoleEnabled is
true, this value will be superseded by the value of
hpSwitchAutzUserRoleReauthPeriod from the
client's assigned role."
DEFVAL { 0 }
::= { hpicfUsrAuthWebAuthConfigEntry 10 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.11
hpicfUsrAuthWebAuthAuthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the port VID (PVID) that should be used for
an authenticated client. When hpSwitchAutzUserRoleEnabled is
true, this value may be superseded by the value of
hpSwitchAutzUserRoleVlanId or hpSwitchAutzUserRoleVlanName from
the client's assigned role."
::= { hpicfUsrAuthWebAuthConfigEntry 11 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.12
hpicfUsrAuthWebAuthUnauthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the port VID (PVID) that should be used for
an unauthenticated client. When hpSwitchAutzUserRoleEnabled is
true, this value may be superseded by the value of
hpSwitchAutzUserRoleVlanId or hpSwitchAutzUserRoleVlanName from
the role identified by hpSwitchAutzUserRoleInitialRoleName."
::= { hpicfUsrAuthWebAuthConfigEntry 12 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.13
hpicfUsrAuthWebAuthCacheCredentials OBJECT-TYPE
SYNTAX INTEGER
{
disabled(1),
enabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies whether to cache client credentials or not.
Setting this variable 'enabled' allows to cache
authenticated clients credentials.
Setting this variable 'disabled' disallows to cache
authenticated clients credentials."
DEFVAL { 1 }
::= { hpicfUsrAuthWebAuthConfigEntry 13 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.14
hpicfUsrAuthWebAuthCachedReauthPeriod OBJECT-TYPE
SYNTAX Unsigned32 (0..2147483647)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value indicates the period in seconds, during which
cached reauthentication is allowed on the port. If value is
zero then the period of cached reauthentication is unlimited."
DEFVAL { 0 }
::= { hpicfUsrAuthWebAuthConfigEntry 14 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2
hpicfUsrAuthWebAuthClientReauthenticateTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthWebAuthClientReauthenticateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing WebAuth configuration/control variables
indexed by port and client MAC."
::= { hpicfUsrAuthWebAuthConfig 2 }
hpicfUsrAuthWebAuthClientReauthenticateEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthWebAuthClientReauthenticateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table entry provides the means by which a WebAuth
client on an authentication interface can be forced to
reauthenticate."
INDEX { hpicfUsrAuthWebAuthClientReauthenticateInterfaceIndex,
hpicfUsrAuthWebAuthClientReauthenticateMacAddress}
::= { hpicfUsrAuthWebAuthClientReauthenticateTable 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1
HpicfUsrAuthWebAuthClientReauthenticateEntry ::= SEQUENCE {
hpicfUsrAuthWebAuthClientReauthenticateInterfaceIndex
InterfaceIndex,
hpicfUsrAuthWebAuthClientReauthenticateMacAddress
MacAddress,
hpicfUsrAuthWebAuthClientReauthenticate
TruthValue
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1.1
hpicfUsrAuthWebAuthClientReauthenticateInterfaceIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index of WebAuth client interfaces."
::= { hpicfUsrAuthWebAuthClientReauthenticateEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1.2
hpicfUsrAuthWebAuthClientReauthenticateMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Specifies the MAC address of the client."
::= { hpicfUsrAuthWebAuthClientReauthenticateEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1.3
hpicfUsrAuthWebAuthClientReauthenticate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The reauthentication control for this client on this
authentication interface. Setting this attribute TRUE
forces this authenticated WebAuth client to
reauthenticate. That is, the client is deauthenticated
and must transmit traffic in order to trigger
reauthentication. Setting this attribute FALSE has no
effect."
::= { hpicfUsrAuthWebAuthClientReauthenticateEntry 3 }
--
--
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4
hpicfUsrAuthMacAuthConfig OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1
hpicfUsrAuthMacAuthConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthMacAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the configuration objects for
Mac-based Authentication associated with each port. An entry
appears in this table for each port that may authenticate
access to itself."
::= { hpicfUsrAuthMacAuthConfig 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1
hpicfUsrAuthMacAuthConfigEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthMacAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The configuration information for Mac-based authentication."
INDEX { hpicfUsrAuthPortNumber }
::= { hpicfUsrAuthMacAuthConfigTable 1 }
HpicfUsrAuthMacAuthConfigEntry ::=
SEQUENCE {
hpicfUsrAuthMacAuthClientLimit
Integer32,
hpicfUsrAuthMacAuthClientMoves
INTEGER,
hpicfUsrAuthMacAuthQuietPeriod
Integer32,
hpicfUsrAuthMacAuthServerTimeout
Integer32,
hpicfUsrAuthMacAuthServerMaxReq
Integer32,
hpicfUsrAuthMacAuthLogoffPeriod
Integer32,
hpicfUsrAuthMacAuthReAuthPeriod
Integer32,
hpicfUsrAuthMacAuthAuthVid
VlanIndex,
hpicfUsrAuthMacAuthUnauthVid
VlanIndex,
hpicfUsrAuthMacAuthCachedReauthPeriod
Unsigned32,
hpicfUsrAuthMacAuthUnAuthPeriod
Integer32,
hpicfUsrAuthMacAuthMode
INTEGER,
hpicfUsrAuthMacPin
TruthValue,
hpicfMacAuthRetainUnauthClients
TruthValue,
hpicfMacAuthRadiusServer
OCTET STRING,
hpicfUsrAuthMacAuthUnauthVidLLDPNwkPolicy
TruthValue
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.1
hpicfUsrAuthMacAuthClientLimit OBJECT-TYPE
SYNTAX Integer32 (1..256)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The maximum number of authenticated clients to allow on
the port."
DEFVAL { 1 }
::= { hpicfUsrAuthMacAuthConfigEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.2
hpicfUsrAuthMacAuthClientMoves OBJECT-TYPE
SYNTAX INTEGER
{
disabled(1),
enabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies whether client may roam across ports under
web authentication control. Setting this attribute
'enabled'allows authenticated clients to roam to other
ports under web authentication control (that also have
this attribute set to 'enabled') without requiring a
reauthentication.
Setting this attribute 'disabled' disallows authenticated
clients from roaming to other ports (regardless of that
port's attribute value). The client has to reauthenticate,
if it attempts to roam."
DEFVAL { 1 }
::= { hpicfUsrAuthMacAuthConfigEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.3
hpicfUsrAuthMacAuthQuietPeriod OBJECT-TYPE
SYNTAX Integer32 (1..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the time, in seconds, that the switch should
refrain from reattempting an authentication request for
a client whose credentials were rejected."
DEFVAL { 60 }
::= { hpicfUsrAuthMacAuthConfigEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.4
hpicfUsrAuthMacAuthServerTimeout OBJECT-TYPE
SYNTAX Integer32 (1..300)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the time, in seconds, that the switch should
wait for an authentication reply to return before
considering it as timed out."
DEFVAL { 30 }
::= { hpicfUsrAuthMacAuthConfigEntry 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.5
hpicfUsrAuthMacAuthServerMaxReq OBJECT-TYPE
SYNTAX Integer32 (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the number of authentication requests that
must time out before failing authentication."
DEFVAL { 3 }
::= { hpicfUsrAuthMacAuthConfigEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.6
hpicfUsrAuthMacAuthLogoffPeriod OBJECT-TYPE
SYNTAX Integer32 (1..999999999)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the period, in seconds, at which an
authenticated client will be considered unauthenticated
for a lack of activity (i.e. traffic originating
from client)."
DEFVAL { 300 }
::= { hpicfUsrAuthMacAuthConfigEntry 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.7
hpicfUsrAuthMacAuthReAuthPeriod OBJECT-TYPE
SYNTAX Integer32 (0..999999999)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the period, in seconds, at which an
authenticated client must reauthenticate. A value of
0 signifies that an authenticated client will never have
to reauthenticate. When hpSwitchAutzUserRoleEnabled is
true, this value will be superseded by the value of
hpSwitchAutzUserRoleReauthPeriod from the client's
assigned role."
DEFVAL { 0 }
::= { hpicfUsrAuthMacAuthConfigEntry 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.8
hpicfUsrAuthMacAuthAuthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the port VID (PVID) that should be used for
an authenticated client. When hpSwitchAutzUserRoleEnabled is
true, this value may be superseded by the value of
hpSwitchAutzUserRoleVlanId or hpSwitchAutzUserRoleVlanName from
the client's assigned role."
::= { hpicfUsrAuthMacAuthConfigEntry 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.9
hpicfUsrAuthMacAuthUnauthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the port VID (PVID) that should be used for
an unauthenticated client. When hpSwitchAutzUserRoleEnabled is
true, this value may be superseded by the value of
hpSwitchAutzUserRoleVlanId or hpSwitchAutzUserRoleVlanName from
the role identified by hpSwitchAutzUserRoleInitialRoleName."
::= { hpicfUsrAuthMacAuthConfigEntry 9 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.10
hpicfUsrAuthMacAuthCachedReauthPeriod OBJECT-TYPE
SYNTAX Unsigned32 (0..2147483647)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The value indicates the period in seconds, during which
cached reauthentication is allowed on the port. If value
is zero then the period of cached reauthentication is
unlimited."
DEFVAL { 0 }
::= { hpicfUsrAuthMacAuthConfigEntry 10 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.11
hpicfUsrAuthMacAuthUnAuthPeriod OBJECT-TYPE
SYNTAX Integer32 (0..65535)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the period, in seconds, at which an
authenticated client must reauthenticate. A value of
0 signifies that an authenticated client will never have
to reauthenticate."
DEFVAL { 0 }
::= { hpicfUsrAuthMacAuthConfigEntry 11 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.12
hpicfUsrAuthMacAuthMode OBJECT-TYPE
SYNTAX INTEGER
{
userBased(1),
portBased(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object provides information about the authentication mode
of a specific port performing MAC authentication. In 'userBased'
mode, the port performing MAC authentication will authenticate
every client coming in the port; the port will change into
'portBased' mode when a client is authenticated on the port and
is authorized to open its connecting switch port to all other
clients (i.e., its client account on the RADIUS server is
configured with VSA 'HP-Port-Auth-Mode-MA').
A port in portBased MAC authentication mode will grant access for
any client coming in the port."
::= { hpicfUsrAuthMacAuthConfigEntry 12 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.13
hpicfUsrAuthMacPin OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enables MAC-Pinning on this port. Setting this
attribute TRUE pins the authenticated MAC
addresses to the Mac address table.
Authenticated clients will not be
de-authenticated even when clients are inactive
throughout the logoff period."
DEFVAL { 2 }
::= { hpicfUsrAuthMacAuthConfigEntry 13 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.14
hpicfMacAuthRetainUnauthClients OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Setting this attribute TRUE(1) allows access to Mac-based
unauthorized clients by placing the port in unauthorized VLAN
during reauthentication."
DEFVAL { false }
::= { hpicfUsrAuthMacAuthConfigEntry 14 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.15
hpicfMacAuthRadiusServer OBJECT-TYPE
SYNTAX OCTET STRING ( SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This holds the configuration of per port RADIUS server
group for MAC based authentication."
::= { hpicfUsrAuthMacAuthConfigEntry 15 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.16
hpicfUsrAuthMacAuthUnauthVidLLDPNwkPolicy OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Setting this attribute TRUE(1) will suppress
the transmission of LLDP Network Policy TLV
from port when an unauthorized client is placed
in unauth VLAN during MAC authentication."
DEFVAL { false }
::= { hpicfUsrAuthMacAuthConfigEntry 16 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2
hpicfUsrAuthMacAuthClientReauthenticateTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthMacAuthClientReauthenticateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing macAuth configuration/control variables
indexed by port and client MAC."
::= { hpicfUsrAuthMacAuthConfig 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1
hpicfUsrAuthMacAuthClientReauthenticateEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthMacAuthClientReauthenticateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The table entry provides the means by which a macAuth
client on an authentication interface can be forced to
reauthenticate."
INDEX { hpicfUsrAuthMacAuthClientReauthenticateInterfaceIndex,
hpicfUsrAuthMacAuthClientReauthenticateMacAddress}
::= { hpicfUsrAuthMacAuthClientReauthenticateTable 1 }
HpicfUsrAuthMacAuthClientReauthenticateEntry ::= SEQUENCE {
hpicfUsrAuthMacAuthClientReauthenticateInterfaceIndex
InterfaceIndex,
hpicfUsrAuthMacAuthClientReauthenticateMacAddress
MacAddress,
hpicfUsrAuthMacAuthClientReauthenticate
TruthValue
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1.1
hpicfUsrAuthMacAuthClientReauthenticateInterfaceIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Index of macAuth client interfaces."
::= { hpicfUsrAuthMacAuthClientReauthenticateEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1.2
hpicfUsrAuthMacAuthClientReauthenticateMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Specifies the MAC address of the client."
::= { hpicfUsrAuthMacAuthClientReauthenticateEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1.3
hpicfUsrAuthMacAuthClientReauthenticate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The reauthentication control for this client on this
authentication interface. Setting this attribute TRUE
forces this authenticated macAuth client to
reauthenticate. That is, the client is deauthenticated
and must transmit traffic in order to trigger
reauthentication. Setting this attribute FALSE has no
effect."
::= { hpicfUsrAuthMacAuthClientReauthenticateEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5
hpicfUsrAuthWebAuthStats OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1
hpicfUsrAuthWebAuthSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthWebAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains session statistic objects
for each client (i.e. user) attempting to
authenticate to a port with Web-authentication
enabled. An entry appears in this table for each
port in the switch."
::= { hpicfUsrAuthWebAuthStats 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1
hpicfUsrAuthWebAuthSessionStatsEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthWebAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The session statistics information for a port with
Web-based authentication enabled. This shows
the current values being collected for active sessions."
INDEX { hpicfUsrAuthPortNumber, hpicfUsrAuthWebAuthSessionMacAddr }
::= { hpicfUsrAuthWebAuthSessionStatsTable 1 }
HpicfUsrAuthWebAuthSessionStatsEntry ::=
SEQUENCE {
hpicfUsrAuthWebAuthSessionMacAddr
MacAddress,
hpicfUsrAuthWebAuthSessionName
SnmpAdminString,
hpicfUsrAuthWebAuthSessionState
INTEGER,
hpicfUsrAuthWebAuthSessionStateTime
Unsigned32,
hpicfUsrAuthWebAuthSessionAuthVid
VlanIndex,
hpicfUsrAuthWebAuthSessionUnauthVid
VlanIndex,
hpicfUsrAuthWebAuthSessionTimeout
Unsigned32,
hpicfUsrAuthWebAuthSessionRole
HpAutzUserRoleName
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.1
hpicfUsrAuthWebAuthSessionMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the MAC address of the client."
::= { hpicfUsrAuthWebAuthSessionStatsEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.2
hpicfUsrAuthWebAuthSessionName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the username of the client."
::= { hpicfUsrAuthWebAuthSessionStatsEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.3
hpicfUsrAuthWebAuthSessionState OBJECT-TYPE
SYNTAX INTEGER
{
authenticated(1),
unauthenticated(2),
authenticating(3),
authReqRejectNoVlan(4),
authReqRejectUnauthVlan(5),
authReqTimeoutNoVlan(6),
authReqTimeoutUnauthVlan(7),
initialRole(8),
initialRoleFailed(9),
criticalAuth(10),
openAuth(11)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the state of the client as follows:
'authenticated' - authenticated client
'unauthenticated' - unauthenticated client,
waiting for credentials
'authenticating' - credentials have been sent
for verification, waiting for
response
'authReqRejectNoVlan' - credentials invalid; client
does not have access to
unauthenticated VLAN
'authReqRejectUnauthVlan' - credentials invalid; client
does have access to
unauthenticated VLAN
'authReqTimeoutNoVlan' - credentials could not be
verified; client is still
unauthenticated and does
not have access to
unauthenticated VLAN
'authReqTimeoutUnauthVlan' - credentials could not be
verified; client is still
unauthenticated, but has
access to unauthenticated
VLAN
'initialRole' - client is assigned the initial role
'initialRoleFailed' - initial role could not be applied; client
does not have access to the network
'criticalAuth - client is authenticated on critical VLAN
'openAUth - client is authenticated on open auth VLAN"
::= { hpicfUsrAuthWebAuthSessionStatsEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.4
hpicfUsrAuthWebAuthSessionStateTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The duration, in seconds, a client has spent in the
state specified by hpicfUsrAuthSessionState."
::= { hpicfUsrAuthWebAuthSessionStatsEntry 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.5
hpicfUsrAuthWebAuthSessionAuthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the PVID that the authenticated client is
utilizing. If client is unauthenticated, this object
has no meaning."
::= { hpicfUsrAuthWebAuthSessionStatsEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.6
hpicfUsrAuthWebAuthSessionUnauthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the PVID that the unauthenticated client is
utilizing. If client is authenticated, this object
has no meaning."
::= { hpicfUsrAuthWebAuthSessionStatsEntry 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.7
hpicfUsrAuthWebAuthSessionTimeout OBJECT-TYPE
SYNTAX Unsigned32 (0..4294967295)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the RADIUS Server set session timeout for
reauthentication of the user. When ST = 0, user gets
reauthenticated at reauth-period secs, ST < 60 it is
set to 60 secs and then user is reauthenticated, ST > 60
user is reauthenticated at ST secs."
DEFVAL { 0 }
::= { hpicfUsrAuthWebAuthSessionStatsEntry 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.8
hpicfUsrAuthWebAuthSessionRole OBJECT-TYPE
SYNTAX HpAutzUserRoleName
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When hpSwitchAutzUserRoleEnabled is true, specifies the user
role of the client."
::= { hpicfUsrAuthWebAuthSessionStatsEntry 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6
hpicfUsrAuthMacAuthStats OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1
hpicfUsrAuthMacAuthSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthMacAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains session statistic objects
for each client (i.e. user) attempting to
authenticate to a port with MAC-authentication
enabled. An entry appears in this table for each
port in the switch."
::= { hpicfUsrAuthMacAuthStats 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1
hpicfUsrAuthMacAuthSessionStatsEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthMacAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The session statistics information for a port with
Mac-based authentication enabled. This shows
the current values being collected for active sessions."
INDEX { hpicfUsrAuthPortNumber, hpicfUsrAuthMacAuthSessionMacAddr }
::= { hpicfUsrAuthMacAuthSessionStatsTable 1 }
HpicfUsrAuthMacAuthSessionStatsEntry ::=
SEQUENCE {
hpicfUsrAuthMacAuthSessionMacAddr
MacAddress,
hpicfUsrAuthMacAuthSessionState
INTEGER,
hpicfUsrAuthMacAuthSessionStateTime
Unsigned32,
hpicfUsrAuthMacAuthSessionAuthVid
VlanIndex,
hpicfUsrAuthMacAuthSessionUnauthVid
VlanIndex,
hpicfUsrAuthMacAuthSessionTimeout
Unsigned32,
hpicfUsrAuthMacAuthSessionUsrNumberCnt
Counter32,
hpicfUsrAuthMacAuthSessionName
SnmpAdminString,
hpicfUsrAuthMacAuthSessionRole
HpAutzUserRoleName
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.1
hpicfUsrAuthMacAuthSessionMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the MAC address of the client."
::= { hpicfUsrAuthMacAuthSessionStatsEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.2
hpicfUsrAuthMacAuthSessionState OBJECT-TYPE
SYNTAX INTEGER
{
authenticated(1),
unauthenticated(2),
authenticating(3),
authReqRejectNoVlan(4),
authReqRejectUnauthVlan(5),
authReqTimeoutNoVlan(6),
authReqTimeoutUnauthVlan(7),
initialRole(8),
initialRoleFailed(9),
criticalAuth(10),
openAuth(11)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the state of the client as follows:
'authenticated' - authenticated client
'unauthenticated' - unauthenticated client,
waiting for credentials
'authenticating' - credentials have been sent
for verification, waiting for
response
'authReqRejectNoVlan' - credentials invalid; client
does not have access to
unauthenticated VLAN
'authReqRejectUnauthVlan - credentials invalid; client
does have access to
unauthenticated VLAN
'authReqTimeoutNoVlan' - credentials could not be
verified; client is still
unauthenticated and does
not have access to
unauthenticated VLAN
'authReqTimeoutUnauthVlan' - credentials could not be
verified; client is still
unauthenticated, but has
access to unauthenticated
VLAN
'initialRole' - client is assigned the initial role
'initialRoleFailed' - initial role could not be applied; client
does not have access to the network
'criticalAuth - client is authenticated on critical VLAN
'openAUth - client is authenticated on open auth VLAN"
::= { hpicfUsrAuthMacAuthSessionStatsEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.3
hpicfUsrAuthMacAuthSessionStateTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The duration, in seconds, a client has spent in the
state specified by hpicfUsrAuthSessionState."
::= { hpicfUsrAuthMacAuthSessionStatsEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.4
hpicfUsrAuthMacAuthSessionAuthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the PVID that the authenticated client is
utilizing. If client is unauthenticated, this object
has no meaning."
::= { hpicfUsrAuthMacAuthSessionStatsEntry 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.5
hpicfUsrAuthMacAuthSessionUnauthVid OBJECT-TYPE
SYNTAX VlanIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the PVID that the unauthenticated client is
utilizing. If client is authenticated, this object
has no meaning."
::= { hpicfUsrAuthMacAuthSessionStatsEntry 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.6
hpicfUsrAuthMacAuthSessionTimeout OBJECT-TYPE
SYNTAX Unsigned32 (0..4294967295)
UNITS "seconds"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the RADIUS Server set session timeout for
reauthentication of the user. When ST = 0, user gets
reauthenticated at reauth-period secs, ST < 60 it is
set to 60 secs and then user is reauthenticated, ST > 60
user is reauthenticated at ST secs."
DEFVAL { 0 }
::= { hpicfUsrAuthMacAuthSessionStatsEntry 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.7
hpicfUsrAuthMacAuthSessionUsrNumberCnt OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"This object Specifies the number of authenticated client
currently present on this port. This does not include the
clients which are under process of authentication."
DEFVAL { 0 }
::= { hpicfUsrAuthMacAuthSessionStatsEntry 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.8
hpicfUsrAuthMacAuthSessionName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the username of the client."
::= { hpicfUsrAuthMacAuthSessionStatsEntry 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.9
hpicfUsrAuthMacAuthSessionRole OBJECT-TYPE
SYNTAX HpAutzUserRoleName
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"When hpSwitchAutzUserRoleEnabled is true, specifies the user
role of the client."
::= { hpicfUsrAuthMacAuthSessionStatsEntry 9 }
-- ------------------------------------------------------------
-- User Last Login
-- ------------------------------------------------------------
hpicfUsrAuthLastLogin
OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 12 }
hpicfUsrAuthLastLoginCurrentGeneration OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The current generation number of the rows in
hpicfUsrAuthLastLoginTable. To obtain a consistent
table view, first read this object, then enumerate
the table (reading hpicfUsrAuthLastLoginGeneration
last), discarding any rows with
hpicfUsrAuthLastLoginGeneration greater than this
value."
::= { hpicfUsrAuthLastLogin 1 }
hpicfUsrAuthLastLoginTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthLastLoginEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This table records, per-username, the most recent
login and login attempts. A record is created by
the switch upon the first successful login to a
username, and updated upon each subsequent login
or login attempt."
::= { hpicfUsrAuthLastLogin 2 }
-- ------------------------------------------------------------
-- User Last Login table entry
-- ------------------------------------------------------------
hpicfUsrAuthLastLoginEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthLastLoginEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "User last login table entry."
INDEX { hpicfUsrAuthLastLoginIndex }
::= { hpicfUsrAuthLastLoginTable 1 }
HpicfUsrAuthLastLoginEntry ::=
SEQUENCE {
hpicfUsrAuthLastLoginIndex Unsigned32,
hpicfUsrAuthLastLoginName DisplayString,
hpicfUsrAuthLastLoginPrivilege INTEGER,
hpicfUsrAuthLastLoginSuccTime DateAndTime,
hpicfUsrAuthLastLoginSuccAddrType InetAddressType,
hpicfUsrAuthLastLoginSuccAddr InetAddress,
hpicfUsrAuthLastLoginUnsuccTime DateAndTime,
hpicfUsrAuthLastLoginUnsuccCount Counter32,
hpicfUsrAuthLastLoginGeneration Unsigned32
}
hpicfUsrAuthLastLoginIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..64511)
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The index value which uniquely identifies a row in
the user last-login table."
::= { hpicfUsrAuthLastLoginEntry 1 }
hpicfUsrAuthLastLoginName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..64))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The user's login name."
::= { hpicfUsrAuthLastLoginEntry 2 }
hpicfUsrAuthLastLoginPrivilege OBJECT-TYPE
SYNTAX INTEGER {
operator(1),
manager(2),
superuser(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The privilege level assigned to the user at the most
recent login."
::= { hpicfUsrAuthLastLoginEntry 3 }
hpicfUsrAuthLastLoginSuccTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The time of the user's most recent successful login."
::= { hpicfUsrAuthLastLoginEntry 4 }
hpicfUsrAuthLastLoginSuccAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The type of IP address from which the user's most recent
successful login occurred. Unknown(0) indicates a console
login."
::= { hpicfUsrAuthLastLoginEntry 5 }
hpicfUsrAuthLastLoginSuccAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The IP address from which the user's most recent
successful login occurred."
::= { hpicfUsrAuthLastLoginEntry 6 }
hpicfUsrAuthLastLoginUnsuccTime OBJECT-TYPE
SYNTAX DateAndTime
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The time of the user's most recent unsuccessful
login attempt. This will be zero length if there
have been no unsuccessful login attempts since the
most recent successful login."
::= { hpicfUsrAuthLastLoginEntry 7 }
hpicfUsrAuthLastLoginUnsuccCount OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The count of the user's unsuccessful login attempts since
the most recent successful login. This counter is reset to
zero whenever hpicfUsrAuthLastLoginSuccTime changes."
::= { hpicfUsrAuthLastLoginEntry 8 }
hpicfUsrAuthLastLoginGeneration OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The generation number of the objects in this row.
This object should be tested after reading other
objects in a row to ensure it has not changed from
hpicfUsrAuthLastLoginCurrentGeneration, or from
the value of hpicfUsrAuthLastLoginGeneration sent
in an hpicfUsrAuthCLIAuthFail notification."
::= { hpicfUsrAuthLastLoginEntry 9 }
hpicfUsrAuthLastLoginDeleteAll OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When set to true(1), all rows of the last-login table
are deleted. Always reads as false(2)."
DEFVAL { false }
::= { hpicfUsrAuthLastLogin 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13
hpicfUsrAuthCaptivePortal OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 13 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.1
hpicfUsrAuthCaptivePortalConfig OBJECT IDENTIFIER ::= { hpicfUsrAuthCaptivePortal 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.1.1
hpicfUsrAuthCaptivePortalConfigEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable redirection to a captive portal server for additional
client authentication. When enabled, clients will be
redirected to a captive portal server for further authentication
when the RADIUS response includes a redirect URL."
DEFVAL { false }
::= { hpicfUsrAuthCaptivePortalConfig 1}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.1.2
hpicfUsrAuthCaptivePortalUrlHashKey OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..64))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "A shared secret used by the captive portal server to validate a
redirected request. A read of this object always returns an
empty string."
::= { hpicfUsrAuthCaptivePortalConfig 2}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.1.3
hpicfUsrAuthCaptivePortalUrlHashKeyEncrypted OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..128))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The encrypted form of the shared secret used by
the captive portal server to validate a redirected
request. This object should only be written
with an encrypted password previously
read from a compatible HP Networking device."
::= { hpicfUsrAuthCaptivePortalConfig 3}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.2
hpicfUsrAuthCaptivePortalProfileTable OBJECT-TYPE
SYNTAX SEQUENCE OF HpicfUsrAuthCaptivePortalProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This table consists of the captive portal
profiles configured on the switch. The size
of this table is implementation specific."
::= { hpicfUsrAuthCaptivePortal 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.2.1
hpicfUsrAuthCaptivePortalProfileEntry OBJECT-TYPE
SYNTAX HpicfUsrAuthCaptivePortalProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A captive portal profile table entry."
INDEX { hpicfUsrAuthCaptivePortalProfileName }
::= { hpicfUsrAuthCaptivePortalProfileTable 1 }
HpicfUsrAuthCaptivePortalProfileEntry::=
SEQUENCE {
hpicfUsrAuthCaptivePortalProfileName OCTET STRING,
hpicfUsrAuthCaptivePortalProfileRowStatus RowStatus,
hpicfUsrAuthCaptivePortalProfileType INTEGER,
hpicfUsrAuthCaptivePortalProfileRedirectUrl OCTET STRING
}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.2.1.1
hpicfUsrAuthCaptivePortalProfileName OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..63))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The name of this profile. All printable ASCII
characters are allowed except '.', ' ', and '~'."
::= { hpicfUsrAuthCaptivePortalProfileEntry 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.2.1.2
hpicfUsrAuthCaptivePortalProfileRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The Row Status of this entry.
To create a new entry, send an SNMP SET request with a
RowStatus of 'createAndGo'.
active - the entry is ready to use.
notInService - not valid for this table.
notReady - the entry is not fully configured.
createAndGo - create a new entry.
createAndWait - not valid for this table.
delete - delete the entry. Entries of
hpicfUsrAuthCaptivePortalProfileType 'predefined'
cannot be deleted."
::= { hpicfUsrAuthCaptivePortalProfileEntry 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.2.1.3
hpicfUsrAuthCaptivePortalProfileType OBJECT-TYPE
SYNTAX INTEGER {
predefined(1),
custom(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Indicates whether the corresponding profile is predefined
or custom. Predefined profiles cannot be modified or
deleted."
::= { hpicfUsrAuthCaptivePortalProfileEntry 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.13.2.1.4
hpicfUsrAuthCaptivePortalProfileRedirectUrl OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..247))
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The URL of the captive portal the user is redirected to
for authentication. An empty value indicates the URL will
be sent via the RADIUS VSA: HPE-CAPTIVE-PORTAL-URL(24)"
::= { hpicfUsrAuthCaptivePortalProfileEntry 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7
hpicfUsrAuthConformance OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2
hpicfUsrAuthGroups OBJECT IDENTIFIER ::= { hpicfUsrAuthConformance 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.1
hpicfUsrAuthSystemGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthDhcpBaseAddress,
hpicfUsrAuthWebAuthDhcpMask,
hpicfUsrAuthWebAuthDhcpLease,
hpicfUsrAuthMacAuthAddrFormat,
hpicfUsrAuthCLIPasswdSet,
hpicfUsrAuthCLIInterface,
hpicfUsrAuthCacheCredTimeOut,
hpicfUsrAuthUseLLDPData }
STATUS deprecated
DESCRIPTION
"A collection of objects providing system
information about, and control over, Web- and
MAC-based authentication."
::= { hpicfUsrAuthGroups 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.2
hpicfUsrAuthPortsGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthPortNumber,
hpicfUsrAuthWebAuthAdminStatus,
hpicfUsrAuthMacAuthAdminStatus,
hpicfUsrAuthPortReauthenticate }
STATUS deprecated
DESCRIPTION
"A collection of objects providing system level
information about Web and MAC based authentication
for each port in the switch."
::= { hpicfUsrAuthGroups 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.3
hpicfUsrAuthWebAuthConfigGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthClientLimit,
hpicfUsrAuthWebAuthClientMoves,
hpicfUsrAuthWebAuthSSLState,
hpicfUsrAuthWebAuthRedirectUrl,
hpicfUsrAuthWebAuthQuietPeriod,
hpicfUsrAuthWebAuthServerTimeout,
hpicfUsrAuthWebAuthServerMaxReq,
hpicfUsrAuthWebAuthMaxRetries,
hpicfUsrAuthWebAuthLogoffPeriod,
hpicfUsrAuthWebAuthReAuthPeriod,
hpicfUsrAuthWebAuthAuthVid,
hpicfUsrAuthWebAuthUnauthVid,
hpicfUsrAuthWebAuthCacheCredentials }
STATUS current
DESCRIPTION
"A collection of objects providing configuration
objects for Web-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.4
hpicfUsrAuthMacAuthConfigGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthClientLimit,
hpicfUsrAuthMacAuthClientMoves,
hpicfUsrAuthMacAuthQuietPeriod,
hpicfUsrAuthMacAuthServerTimeout,
hpicfUsrAuthMacAuthServerMaxReq,
hpicfUsrAuthMacAuthLogoffPeriod,
hpicfUsrAuthMacAuthReAuthPeriod,
hpicfUsrAuthMacAuthAuthVid,
hpicfUsrAuthMacAuthUnauthVid }
STATUS current
DESCRIPTION
"A collection of objects providing configuration
objects for MAC-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.5
hpicfUsrAuthWebAuthSessionStatsGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthSessionMacAddr,
hpicfUsrAuthWebAuthSessionName,
hpicfUsrAuthWebAuthSessionState,
hpicfUsrAuthWebAuthSessionStateTime,
hpicfUsrAuthWebAuthSessionAuthVid,
hpicfUsrAuthWebAuthSessionUnauthVid }
STATUS deprecated
DESCRIPTION
"A collection of objects providing statistics about
current sessions for Web-based authentication."
::= { hpicfUsrAuthGroups 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.6
hpicfUsrAuthMacAuthSessionStatsGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthSessionMacAddr,
hpicfUsrAuthMacAuthSessionState,
hpicfUsrAuthMacAuthSessionStateTime,
hpicfUsrAuthMacAuthSessionAuthVid,
hpicfUsrAuthMacAuthSessionUnauthVid
}
STATUS deprecated
DESCRIPTION
"A collection of objects providing statistics about
current sessions for MAC-based authentication."
::= { hpicfUsrAuthGroups 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.7
hpicfUsrAuthWebAuthConfigGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthClientLimit,
hpicfUsrAuthWebAuthClientMoves,
hpicfUsrAuthWebAuthSSLState,
hpicfUsrAuthWebAuthRedirectUrl,
hpicfUsrAuthWebAuthQuietPeriod,
hpicfUsrAuthWebAuthServerTimeout,
hpicfUsrAuthWebAuthServerMaxReq,
hpicfUsrAuthWebAuthMaxRetries,
hpicfUsrAuthWebAuthLogoffPeriod,
hpicfUsrAuthWebAuthReAuthPeriod,
hpicfUsrAuthWebAuthAuthVid,
hpicfUsrAuthWebAuthUnauthVid,
hpicfUsrAuthWebAuthCacheCredentials,
hpicfUsrAuthWebAuthCachedReauthPeriod }
STATUS current
DESCRIPTION
"A collection of objects providing configuration
objects for Web-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.8
hpicfUsrAuthMacAuthConfigGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthClientLimit,
hpicfUsrAuthMacAuthClientMoves,
hpicfUsrAuthMacAuthQuietPeriod,
hpicfUsrAuthMacAuthServerTimeout,
hpicfUsrAuthMacAuthServerMaxReq,
hpicfUsrAuthMacAuthLogoffPeriod,
hpicfUsrAuthMacAuthReAuthPeriod,
hpicfUsrAuthMacAuthAuthVid,
hpicfUsrAuthMacAuthUnauthVid,
hpicfUsrAuthMacAuthCachedReauthPeriod }
STATUS current
DESCRIPTION
"A collection of objects providing configuration
objects for MAC-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 8 }
hpicfUsrAuthMacAuthConfigGroup2 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthClientLimit,
hpicfUsrAuthMacAuthClientMoves,
hpicfUsrAuthMacAuthQuietPeriod,
hpicfUsrAuthMacAuthServerTimeout,
hpicfUsrAuthMacAuthServerMaxReq,
hpicfUsrAuthMacAuthLogoffPeriod,
hpicfUsrAuthMacAuthReAuthPeriod,
hpicfUsrAuthMacAuthAuthVid,
hpicfUsrAuthMacAuthUnauthVid,
hpicfUsrAuthMacAuthUnAuthPeriod,
hpicfUsrAuthMacAuthCachedReauthPeriod,
hpicfUsrAuthMacAuthMode }
STATUS deprecated
DESCRIPTION
"A collection of objects providing configuration
objects for MAC-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 9 }
hpicfUsrAuthRedirectServerGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthRedirectServerURL,
hpicfUsrAuthRedirectServerRestrictiveFilter ,
hpicfUsrAuthRedirectServerClientTimeout,
hpicfUsrAuthRedirectServerAuthFailureStats,
hpicfUsrAuthRedirectServerRowStatus }
STATUS current
DESCRIPTION
"A collection of objects for authentication
Redirect Server."
::= { hpicfUsrAuthGroups 10 }
hpicfUsrAuthWMAeWAServerGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthWMAeWAServerIPAddressType,
hpicfUsrAuthWMAeWAServerIPAddress,
hpicfUsrAuthWMAeWAServerPath,
hpicfUsrAUthWMAeWAServerRowStatus}
STATUS current
DESCRIPTION
"A collection of objects for Enhanced
Web Auth servers."
::= { hpicfUsrAuthGroups 11 }
hpicfUsrAuthClientReauthenticateGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthClientReauthenticate,
hpicfUsrAuthWebAuthClientReauthenticate,
hpicfUsrAuthMacAuthClientReauthenticate}
STATUS current
DESCRIPTION
"A collection of objects for Reauthentication
settings ."
::= { hpicfUsrAuthGroups 12 }
hpicfUsrAuthMacAuthSessionStatsGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthSessionTimeout }
STATUS current
DESCRIPTION "A collection of objects providing RADIUS server
set session timeout for MAC-based user
reauthentication."
::= { hpicfUsrAuthGroups 13 }
hpicfUsrAuthWebAuthSessionStatsGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthSessionTimeout }
STATUS current
DESCRIPTION "A collection of objects providing RADIUS server
set session timeout for Web-based user
reauthentication."
::= { hpicfUsrAuthGroups 14 }
hpicfUsrAuthLastLoginGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthLastLoginCurrentGeneration,
hpicfUsrAuthLastLoginDeleteAll,
hpicfUsrAuthLastLoginName,
hpicfUsrAuthLastLoginPrivilege,
hpicfUsrAuthLastLoginSuccTime,
hpicfUsrAuthLastLoginSuccAddrType,
hpicfUsrAuthLastLoginSuccAddr,
hpicfUsrAuthLastLoginUnsuccTime,
hpicfUsrAuthLastLoginUnsuccCount,
hpicfUsrAuthLastLoginGeneration
}
STATUS current
DESCRIPTION "A collection of objects for viewing the most recent
logins to the switch by users, and for deleting the
table."
::= { hpicfUsrAuthGroups 15 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.16
hpicfUsrAuthPortsGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthPortNumber,
hpicfUsrAuthWebAuthAdminStatus,
hpicfUsrAuthMacAuthAdminStatus,
hpicfUsrAuthPortReauthenticate,
hpicfUsrAuthLMAAdminStatus
}
STATUS deprecated
DESCRIPTION
"A collection of objects providing system level
information about Web and MAC based authentication
for each port in the switch."
::= { hpicfUsrAuthGroups 16 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.17
hpicfUsrAuthCaptivePortalGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthCaptivePortalConfigEnabled,
hpicfUsrAuthCaptivePortalUrlHashKey,
hpicfUsrAuthCaptivePortalUrlHashKeyEncrypted
}
STATUS current
DESCRIPTION
"A collection of objects providing configuration for the captive
portal feature."
::= { hpicfUsrAuthGroups 17 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.18
hpicfUsrAuthCaptivePortalProfileGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthCaptivePortalProfileRowStatus,
hpicfUsrAuthCaptivePortalProfileType,
hpicfUsrAuthCaptivePortalProfileRedirectUrl
}
STATUS current
DESCRIPTION
"A collection of objects providing configuration for captive
portal profiles."
::= { hpicfUsrAuthGroups 18 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.19
hpicfUsrAuthWebAuthSessionStatsGroup2 OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthSessionMacAddr,
hpicfUsrAuthWebAuthSessionName,
hpicfUsrAuthWebAuthSessionState,
hpicfUsrAuthWebAuthSessionStateTime,
hpicfUsrAuthWebAuthSessionAuthVid,
hpicfUsrAuthWebAuthSessionUnauthVid,
hpicfUsrAuthWebAuthSessionRole
}
STATUS current
DESCRIPTION
"A collection of objects providing statistics about
current sessions for Web-based authentication."
::= { hpicfUsrAuthGroups 19 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.20
hpicfUsrAuthMacAuthSessionStatsGroup2 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthSessionMacAddr,
hpicfUsrAuthMacAuthSessionState,
hpicfUsrAuthMacAuthSessionStateTime,
hpicfUsrAuthMacAuthSessionAuthVid,
hpicfUsrAuthMacAuthSessionUnauthVid,
hpicfUsrAuthMacAuthSessionName,
hpicfUsrAuthMacAuthSessionRole
}
STATUS current
DESCRIPTION
"A collection of objects providing statistics about
current sessions for MAC-based authentication."
::= { hpicfUsrAuthGroups 20 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.21
hpicfUsrAuthPortsGroup2 OBJECT-GROUP
OBJECTS { hpicfUsrAuthPortNumber,
hpicfUsrAuthWebAuthAdminStatus,
hpicfUsrAuthMacAuthAdminStatus,
hpicfUsrAuthPortReauthenticate,
hpicfUsrAuthLMAAdminStatus,
hpicfUsrAuthLLDPBypassAdminStatus
}
STATUS deprecated
DESCRIPTION
"A collection of objects providing system level
information about Web and MAC based authentication
for each port in the switch."
::= { hpicfUsrAuthGroups 21 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.22
hpicfUsrAuthMacAuthConfigGroup3 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthClientLimit,
hpicfUsrAuthMacAuthClientMoves,
hpicfUsrAuthMacAuthQuietPeriod,
hpicfUsrAuthMacAuthServerTimeout,
hpicfUsrAuthMacAuthServerMaxReq,
hpicfUsrAuthMacAuthLogoffPeriod,
hpicfUsrAuthMacAuthReAuthPeriod,
hpicfUsrAuthMacAuthAuthVid,
hpicfUsrAuthMacAuthUnauthVid,
hpicfUsrAuthMacAuthUnAuthPeriod,
hpicfUsrAuthMacAuthCachedReauthPeriod,
hpicfUsrAuthMacAuthMode,
hpicfUsrAuthMacPin,
hpicfMacAuthRetainUnauthClients }
STATUS deprecated
DESCRIPTION
"A collection of objects providing configuration
objects for MAC-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 22 }
hpicfUsrAuthPortsGroup3 OBJECT-GROUP
OBJECTS { hpicfUsrAuthPortNumber,
hpicfUsrAuthWebAuthAdminStatus,
hpicfUsrAuthMacAuthAdminStatus,
hpicfUsrAuthPortReauthenticate,
hpicfUsrAuthLMAAdminStatus,
hpicfUsrAuthLLDPBypassAdminStatus
}
STATUS current
DESCRIPTION
"A collection of objects providing system level
information about Web and MAC based authentication
for each port in the switch."
::= { hpicfUsrAuthGroups 23 }
hpicfUsrAuthMacAuthConfigGroup4 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthClientLimit,
hpicfUsrAuthMacAuthClientMoves,
hpicfUsrAuthMacAuthQuietPeriod,
hpicfUsrAuthMacAuthServerTimeout,
hpicfUsrAuthMacAuthServerMaxReq,
hpicfUsrAuthMacAuthLogoffPeriod,
hpicfUsrAuthMacAuthReAuthPeriod,
hpicfUsrAuthMacAuthAuthVid,
hpicfUsrAuthMacAuthUnauthVid,
hpicfUsrAuthMacAuthUnAuthPeriod,
hpicfUsrAuthMacAuthCachedReauthPeriod,
hpicfUsrAuthMacAuthMode,
hpicfUsrAuthMacPin,
hpicfMacAuthRetainUnauthClients,
hpicfMacAuthRadiusServer }
STATUS deprecated
DESCRIPTION
"A collection of objects providing configuration
objects for MAC-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 24 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.25
hpicfUsrAuthBypassPortsGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthBypassAdminStatus,
hpicfUsrAuthDeviceIdentityName
}
STATUS current
DESCRIPTION
"A collection of objects providing system level
information about LLDP and CDP bypass authentication
for each port in the switch."
::= { hpicfUsrAuthGroups 25 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.26
hpicfUsrAuthOrderPortsGroup OBJECT-GROUP
OBJECTS {
hpicfUsrAuthOrderFirst,
hpicfUsrAuthOrderSecond,
hpicfUsrAuthOrderLmaFallback,
hpicfUsrAuthPriorityFirst,
hpicfUsrAuthPrioritySecond
}
STATUS current
DESCRIPTION
"A collection of objects providing configuration support
for Authentication order and Priority on Port."
::= { hpicfUsrAuthGroups 26 }
hpicfUsrAuthMacAuthConfigGroup5 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthClientLimit,
hpicfUsrAuthMacAuthClientMoves,
hpicfUsrAuthMacAuthQuietPeriod,
hpicfUsrAuthMacAuthServerTimeout,
hpicfUsrAuthMacAuthServerMaxReq,
hpicfUsrAuthMacAuthLogoffPeriod,
hpicfUsrAuthMacAuthReAuthPeriod,
hpicfUsrAuthMacAuthAuthVid,
hpicfUsrAuthMacAuthUnauthVid,
hpicfUsrAuthMacAuthUnAuthPeriod,
hpicfUsrAuthMacAuthCachedReauthPeriod,
hpicfUsrAuthMacAuthMode,
hpicfUsrAuthMacPin,
hpicfMacAuthRetainUnauthClients,
hpicfMacAuthRadiusServer,
hpicfUsrAuthMacAuthUnauthVidLLDPNwkPolicy
}
STATUS current
DESCRIPTION
"A collection of objects providing configuration
objects for MAC-based authentication associated with
each port."
::= { hpicfUsrAuthGroups 27 }
hpicfUsrAuthSystemGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthDhcpBaseAddress,
hpicfUsrAuthWebAuthDhcpMask,
hpicfUsrAuthWebAuthDhcpLease,
hpicfUsrAuthMacAuthAddrFormat,
hpicfUsrAuthCLIPasswdSet,
hpicfUsrAuthCLIInterface,
hpicfUsrAuthCacheCredTimeOut,
hpicfUsrAuthUseLLDPData,
hpicfUsrAuthStationIdFormat}
STATUS current
DESCRIPTION
"A collection of objects providing system
information about, and control over, Web- and
MAC-based authentication."
::= { hpicfUsrAuthGroups 28 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4
hpicfUsrAuthCompliances OBJECT IDENTIFIER ::= { hpicfUsrAuthConformance 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.1
hpicfUsrAuthCompliance MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"********* THIS COMPLIANCE IS DEPRECATED *********
The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup,
hpicfUsrAuthWebAuthConfigGroup,
hpicfUsrAuthMacAuthConfigGroup,
hpicfUsrAuthWebAuthSessionStatsGroup,
hpicfUsrAuthMacAuthSessionStatsGroup }
::= { hpicfUsrAuthCompliances 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.2
hpicfUsrAuthCompliance1 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup,
hpicfUsrAuthMacAuthSessionStatsGroup }
::= { hpicfUsrAuthCompliances 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.3
hpicfUsrAuthCompliance2 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup,
hpicfUsrAuthWebAuthSessionStatsGroup,
hpicfUsrAuthMacAuthSessionStatsGroup,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup2 }
::= { hpicfUsrAuthCompliances 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.4
hpicfUsrAuthCompliance3 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfUsrAuthClientReauthenticateGroup }
::= { hpicfUsrAuthCompliances 4 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.5
hpicfUsrAuthCompliance4 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthMacGroup,
hpicfNotifcationConfigDataGroup,
hpicfUsrAuthNotificationGroup,
hpicfUsrAuthWebAuthAccessDeniedGroup}
::= { hpicfUsrAuthCompliances 5 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.6
hpicfUsrAuthCompliance5 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1}
::= { hpicfUsrAuthCompliances 6 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.7
hpicfUsrAuthCompliance6 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthMacAuthUsrNumberGroup
}
::= { hpicfUsrAuthCompliances 7 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.8
hpicfUsrAuthCompliance7 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup,
hpicfUsrAuthMacAuthConfigGroup2,
hpicfUsrAuthMacGroup,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup }
::= { hpicfUsrAuthCompliances 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.9
hpicfUsrAuthCompliance8 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup1,
hpicfUsrAuthMacAuthConfigGroup2,
hpicfUsrAuthMacGroup,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup }
::= { hpicfUsrAuthCompliances 9 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.10
hpicfUsrAuthCompliance9 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup1,
hpicfUsrAuthMacAuthConfigGroup2,
hpicfUsrAuthMacGroup,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup }
::= { hpicfUsrAuthCompliances 10 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.11
hpicfUsrAuthCompliance10 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup1,
hpicfUsrAuthMacAuthConfigGroup2,
hpicfUsrAuthMacGroup,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup,
hpicfUsrAuthCaptivePortalProfileGroup }
::= { hpicfUsrAuthCompliances 11 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.12
hpicfUsrAuthCompliance11 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup2 }
::= { hpicfUsrAuthCompliances 12 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.13
hpicfUsrAuthCompliance12 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup2 }
::= { hpicfUsrAuthCompliances 13 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.14
hpicfUsrAuthCompliance13 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthMacGroup1,
hpicfNotifcationConfigDataGroup,
hpicfUsrAuthNotificationGroup,
hpicfUsrAuthWebAuthAccessDeniedGroup}
::= { hpicfUsrAuthCompliances 14 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.15
hpicfUsrAuthCompliance14 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthMacAuthConfigGroup2,
hpicfUsrAuthMacGroup1,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup,
hpicfUsrAuthCaptivePortalProfileGroup }
::= { hpicfUsrAuthCompliances 15 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.16
hpicfUsrAuthCompliance15 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup3 }
::= { hpicfUsrAuthCompliances 16 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.17
hpicfUsrAuthCompliance16 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthMacAuthConfigGroup3,
hpicfUsrAuthMacGroup1,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup,
hpicfUsrAuthCaptivePortalProfileGroup }
::= { hpicfUsrAuthCompliances 17 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.18
hpicfUsrAuthCompliance17 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS {
hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup3,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup3 }
::= { hpicfUsrAuthCompliances 18 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.19
hpicfUsrAuthCompliance18 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthMacAuthConfigGroup4,
hpicfUsrAuthMacGroup1,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup,
hpicfUsrAuthCaptivePortalProfileGroup }
::= { hpicfUsrAuthCompliances 19 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.20
hpicfUsrAuthCompliance19 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS {
hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup3,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup4 }
::= { hpicfUsrAuthCompliances 20 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.21
hpicfUsrAuthCompliance20 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS {
hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup3,
hpicfUsrAuthBypassPortsGroup,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup4 }
::= { hpicfUsrAuthCompliances 21 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.22
hpicfUsrAuthCompliance21 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE
GROUP hpicfUsrAuthOrderPortsGroup
DESCRIPTION
"This group is mandatory for systems that support
Authenticaiton Order and Priority of Authenticator PAEs."
::= { hpicfUsrAuthCompliances 22 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.23
hpicfUsrAuthCompliance22 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthMacAuthConfigGroup5,
hpicfUsrAuthMacGroup1,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup,
hpicfUsrAuthCaptivePortalProfileGroup }
::= { hpicfUsrAuthCompliances 23 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.24
hpicfUsrAuthCompliance23 MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS {
hpicfUsrAuthSystemGroup,
hpicfUsrAuthPortsGroup3,
hpicfUsrAuthBypassPortsGroup,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup5 }
::= { hpicfUsrAuthCompliances 24 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.25
hpicfUsrAuthCompliance24 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for device support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS { hpicfUsrAuthSystemGroup1,
hpicfUsrAuthPortsGroup2,
hpicfUsrAuthMacAuthConfigGroup5,
hpicfUsrAuthMacGroup1,
hpicfUsrAuthMacAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthWebAuthSessionStatsGroup1,
hpicfUsrAuthWebAuthAccessDeniedGroup,
hpicfUsrAuthClientReauthenticateGroup,
hpicfUsrAuthRedirectServerGroup,
hpicfUsrAuthWMAeWAServerGroup,
hpicfNotificationConfigDataGroup1,
hpicfUsrAuthLastLoginGroup,
hpicfUsrAuthCaptivePortalGroup,
hpicfUsrAuthCaptivePortalProfileGroup }
::= { hpicfUsrAuthCompliances 25 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.26
hpicfUsrAuthCompliance25 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for devices support of
HP-USER-AUTH MIB."
MODULE -- this module
MANDATORY-GROUPS {
hpicfUsrAuthSystemGroup1,
hpicfUsrAuthPortsGroup3,
hpicfUsrAuthBypassPortsGroup,
hpicfUsrAuthWebAuthSessionStatsGroup2,
hpicfUsrAuthMacAuthSessionStatsGroup2,
hpicfUsrAuthWebAuthConfigGroup1,
hpicfUsrAuthMacAuthConfigGroup5 }
::= { hpicfUsrAuthCompliances 26 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.8
hpicfUsrAuthNotifyConformance OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 8 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.8.1
hpicfUsrAuthNotificationGroup NOTIFICATION-GROUP
NOTIFICATIONS { hpicfUsrAuthCLIAuthFail,
hpicfUsrAuthPasswdChng,
hpicfPortSecAuthFailure }
STATUS current
DESCRIPTION
"A group of authorization notifications."
::= { hpicfUsrAuthNotifyConformance 1 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.8.2
hpicfNotifcationConfigDataGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthCLIFailCnt,
hpicfUsrAuthCLIPwdNotifyCnt,
hpicfUsrAuthWMAFailCnt,
hpicfUsrAuthWMAFailMAC,
hpicfUsrAuthWMAFailPort,
hpicfUsrAuthWMAFailVlan,
hpicfUsrAuthPasswdNotifyEnable,
hpicfUsrAuthCliNotifyEnable,
hpicfUsrAuthPortSecNotifyEnable }
STATUS deprecated
DESCRIPTION
"A group of notification data and configuration objects."
::= { hpicfUsrAuthNotifyConformance 2 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.8.3
hpicfNotificationConfigDataGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthCLIFailCnt,
hpicfUsrAuthCLIInterface,
hpicfUsrAuthLastLoginNotifyStatus,
hpicfUsrAuthLastLoginNotifyAddrType,
hpicfUsrAuthLastLoginNotifyAddr,
hpicfUsrAuthCLIPwdNotifyCnt,
hpicfUsrAuthWMAFailCnt,
hpicfUsrAuthWMAFailMAC,
hpicfUsrAuthWMAFailPort,
hpicfUsrAuthWMAFailVlan,
hpicfUsrAuthPasswdNotifyEnable,
hpicfUsrAuthCliNotifyEnable,
hpicfUsrAuthPortSecNotifyEnable }
STATUS current
DESCRIPTION
"A group of notification data and configuration objects."
::= { hpicfUsrAuthNotifyConformance 3 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.9
hpicfUsrAuthMacGlobalConformance OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 9 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.9.1
hpicfUsrAuthMacGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthPassword }
STATUS deprecated
DESCRIPTION
"A group of Mac auth global configuration objects."
::= { hpicfUsrAuthMacGlobalConformance 1}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.9.1
hpicfUsrAuthMacGroup1 OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthPassword,
hpicfUsrAuthMacAuthPasswordEncrypted }
STATUS current
DESCRIPTION
"A group of Mac auth global configuration objects."
::= { hpicfUsrAuthMacGlobalConformance 2}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.10
hpicfUsrAuthWebAuthAccessDeniedConformance OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 10 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.10.1
hpicfUsrAuthWebAuthAccessDeniedGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthWebAuthAccessDeniedMode,
hpicfUsrAuthWebAuthAccessDeniedMessage }
STATUS current
DESCRIPTION
"A group of web-auth access denied configuration objects."
::= { hpicfUsrAuthWebAuthAccessDeniedConformance 1}
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.11
hpicfUsrAuthMacAuthUsrNumberConformance OBJECT IDENTIFIER ::= { hpicfUsrAuthMIB 11 }
-- 1.3.6.1.4.1.11.2.14.11.5.1.19.11.1
hpicfUsrAuthMacAuthUsrNumberGroup OBJECT-GROUP
OBJECTS { hpicfUsrAuthMacAuthUsrNumberCnt,
hpicfUsrAuthMacAuthSessionUsrNumberCnt }
STATUS current
DESCRIPTION
"Number of Mac authenticated client objects in the switch and port."
::= { hpicfUsrAuthMacAuthUsrNumberConformance 1}
END
View Git Blame Copy Permalink