811 lines
29 KiB
Plaintext
811 lines
29 KiB
Plaintext
|
|
BAY-STACK-RADIUS-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
OBJECT-TYPE, MODULE-IDENTITY, Integer32, Unsigned32, NOTIFICATION-TYPE,
|
|
Counter32
|
|
FROM SNMPv2-SMI
|
|
RowStatus, TruthValue, DisplayString
|
|
FROM SNMPv2-TC
|
|
InetAddressType, InetAddress, InetPortNumber
|
|
FROM INET-ADDRESS-MIB
|
|
radiusDynAuthClientEntry
|
|
FROM RADIUS-DYNAUTH-SERVER-MIB
|
|
bayStackMibs
|
|
FROM SYNOPTICS-ROOT-MIB;
|
|
|
|
bayStackRadiusMib MODULE-IDENTITY
|
|
LAST-UPDATED "202103020000Z"
|
|
ORGANIZATION "Avaya"
|
|
CONTACT-INFO "avaya.com"
|
|
DESCRIPTION
|
|
"This MIB module is used for RADIUS configuration
|
|
settings in Nortel's software and products."
|
|
|
|
REVISION "202103020000Z" -- March 02, 2021
|
|
DESCRIPTION
|
|
"Ver 16: Added useStatusServer(3) to bsRadiusReachability object."
|
|
|
|
REVISION "201507230000Z" -- July 23, 2015
|
|
DESCRIPTION
|
|
"Ver 15: Added bsRadiusExtDynAuthClientEntry,
|
|
bsRadiusDynAuthClientProcessReAuthRequests ."
|
|
|
|
REVISION "201410200000Z" -- Oct 20, 2014
|
|
DESCRIPTION
|
|
"Ver 14: Added bsRadiusReachabilityTimeout
|
|
bsRadiusReachabilityRetry
|
|
bsRadiusReachabilityBadTimer
|
|
bsRadiusReachabilityGoodTimer ."
|
|
|
|
REVISION "201203150000Z" -- March 15, 2012
|
|
DESCRIPTION
|
|
"Ver 13: Added bsRadiusEncapsulationProtocol."
|
|
|
|
REVISION "201010150000Z" -- Oct 15, 2010
|
|
DESCRIPTION
|
|
"Ver 12: Added notification types for reachability up/down."
|
|
|
|
REVISION "201010140000Z" -- Oct 14, 2010
|
|
DESCRIPTION
|
|
"Ver 11: Added additional radius server settings."
|
|
|
|
REVISION "201009070000Z" -- Sep 07, 2010
|
|
DESCRIPTION
|
|
"Ver 10: Added bsRadiusReachabilityUserName and
|
|
bsRadiusReachabilityPassword."
|
|
|
|
REVISION "201002100000Z" -- Feb 10, 2010
|
|
DESCRIPTION
|
|
"Ver 9: Added bsRadiusReachability."
|
|
|
|
REVISION "200910130000Z" -- Oct 13, 2009
|
|
DESCRIPTION
|
|
"Ver 8: Added bsRadiusDynAuthReplayProtection."
|
|
|
|
REVISION "200905280000Z" -- May 28, 2009
|
|
DESCRIPTION
|
|
"Ver 7: Added bsRadiusAccountingInterimUpdatesIntervalSource."
|
|
|
|
REVISION "200904160000Z" -- April 16, 2009
|
|
DESCRIPTION
|
|
"Ver 6: Added bsRadiusDynAuthClientReplayProtection
|
|
Added bsRadiusAccountingInterimUpdates and
|
|
bsRadiusAccountingInterimUpdatesInterval."
|
|
|
|
REVISION "200903300000Z" -- March 30, 2009
|
|
DESCRIPTION
|
|
"Ver 5: Added bsRadiusAccountingEnabled,
|
|
bsRadiusPasswordFallbackEnabled,
|
|
bsRadiusAccountingPort"
|
|
|
|
REVISION "200810300000Z" -- October 30, 2008
|
|
DESCRIPTION
|
|
"Ver 4: Added bsRadiusUseMgmtIp."
|
|
|
|
REVISION "200805290000Z" -- May 29, 2008
|
|
DESCRIPTION
|
|
"Ver 3: Changes based on RFC 5176."
|
|
|
|
REVISION "200803250000Z" -- March 25, 2008
|
|
DESCRIPTION
|
|
"Ver 2: Added support for RADIUS requests servers."
|
|
|
|
REVISION "200704030000Z" -- April 3, 2007
|
|
DESCRIPTION
|
|
"Ver 1: Initial version."
|
|
::= { bayStackMibs 21 }
|
|
|
|
bsRadiusNotifications OBJECT IDENTIFIER ::= { bayStackRadiusMib 0 }
|
|
bsRadiusObjects OBJECT IDENTIFIER ::= { bayStackRadiusMib 1 }
|
|
|
|
-- ============================================================================
|
|
-- RADIUS scalar objects
|
|
-- ============================================================================
|
|
|
|
bsRadiusScalars OBJECT IDENTIFIER ::= { bsRadiusObjects 1 }
|
|
|
|
bsRadiusUseMgmtIp OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls whether RADIUS uses the system's management
|
|
IP address as the source address for RADIUS requests."
|
|
DEFVAL { true }
|
|
::= { bsRadiusScalars 1 }
|
|
|
|
bsRadiusAccountingEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls whether RADIUS accounting is enabled."
|
|
DEFVAL { false }
|
|
::= { bsRadiusScalars 2 }
|
|
|
|
bsRadiusPasswordFallbackEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls whether RADIUS password fallback is enabled."
|
|
DEFVAL { false }
|
|
::= { bsRadiusScalars 3 }
|
|
|
|
bsRadiusAccountingPort OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls the port used for RADIUS accounting."
|
|
DEFVAL { 1813 }
|
|
::= { bsRadiusScalars 4 }
|
|
|
|
bsRadiusAccountingInterimUpdates OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls whether RADIUS interim updates are enabled
|
|
or disabled."
|
|
DEFVAL { false }
|
|
::= { bsRadiusScalars 5 }
|
|
|
|
bsRadiusAccountingInterimUpdatesInterval OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0 | 60..3600)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls the interval for RADIUS interim updates."
|
|
DEFVAL { 60 }
|
|
::= { bsRadiusScalars 6 }
|
|
|
|
bsRadiusAccountingInterimUpdatesIntervalSource OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
configuredValue(1),
|
|
radiusServer(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls the source for the interval value for RADIUS
|
|
interim updates. If the value is configuredValue(1), then the value
|
|
of bsRadiusAccountingInterimUpdatesInterval is used. If the value is
|
|
radiusServer(2), then a value obtained from the RADIUS server is used."
|
|
DEFVAL { configuredValue }
|
|
::= { bsRadiusScalars 7 }
|
|
|
|
bsRadiusDynAuthReplayProtection OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Globally enable or disable RADIUS replay protection."
|
|
::= { bsRadiusScalars 8 }
|
|
|
|
bsRadiusReachability OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
useRadius(1),
|
|
useIcmp(2),
|
|
useStatusServer(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Select the method used to test RADIUS server reachablity."
|
|
DEFVAL { useIcmp }
|
|
::= { bsRadiusScalars 9 }
|
|
|
|
bsRadiusReachabilityUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The username used for the RADIUS server reachability useRadius option."
|
|
DEFVAL { "avaya" }
|
|
::= { bsRadiusScalars 10 }
|
|
|
|
bsRadiusReachabilityPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE (1..16))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The password used for the RADIUS server reachability useRadius option."
|
|
DEFVAL { "avaya" }
|
|
::= { bsRadiusScalars 11 }
|
|
|
|
bsRadiusEncapsulationProtocol OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
pap(1),
|
|
ms-chap-v2(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the type of encapsulation for RADIUS packets."
|
|
DEFVAL { pap }
|
|
::= { bsRadiusScalars 12 }
|
|
|
|
bsRadiusReachabilityTimeout OBJECT-TYPE
|
|
SYNTAX Integer32 (1..60)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the time interval to wait before re-sending a message to the
|
|
RADIUS server ."
|
|
DEFVAL { 2 }
|
|
::= { bsRadiusScalars 13 }
|
|
|
|
bsRadiusReachabilityRetry OBJECT-TYPE
|
|
SYNTAX Integer32 (1..5)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the number of retry attempts to reach the RADIUS server."
|
|
DEFVAL { 3 }
|
|
::= { bsRadiusScalars 14 }
|
|
|
|
bsRadiusReachabilityBadTimer OBJECT-TYPE
|
|
SYNTAX Integer32 (30..600)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the interval between checks when the RADIUS server is
|
|
unreachable."
|
|
DEFVAL { 60 }
|
|
::= { bsRadiusScalars 15 }
|
|
|
|
bsRadiusReachabilityGoodTimer OBJECT-TYPE
|
|
SYNTAX Integer32 (30..600)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the interval between checks when the RADIUS server is
|
|
reachable."
|
|
DEFVAL { 180 }
|
|
::= { bsRadiusScalars 16 }
|
|
|
|
-- ============================================================================
|
|
-- RADIUS server configuration table
|
|
-- ============================================================================
|
|
|
|
bsRadiusServerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BsRadiusServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table is used to control RADIUS server settings."
|
|
::= { bsRadiusObjects 2 }
|
|
|
|
bsRadiusServerEntry OBJECT-TYPE
|
|
SYNTAX BsRadiusServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing objects defining how to connect to a
|
|
RADIUS server."
|
|
INDEX { bsRadiusServerIndex }
|
|
::= { bsRadiusServerTable 1 }
|
|
|
|
BsRadiusServerEntry ::=
|
|
SEQUENCE {
|
|
bsRadiusServerIndex Integer32,
|
|
bsRadiusServerPriority Integer32,
|
|
bsRadiusServerAddressType InetAddressType,
|
|
bsRadiusServerAddress InetAddress,
|
|
bsRadiusServerUdpPort InetPortNumber,
|
|
bsRadiusServerTimeout Integer32,
|
|
bsRadiusServerSecret OCTET STRING,
|
|
bsRadiusServerRowStatus RowStatus,
|
|
bsRadiusServerAccountingPort InetPortNumber,
|
|
bsRadiusServerAccountingEnabled TruthValue,
|
|
bsRadiusServerRetryLimit Integer32
|
|
}
|
|
|
|
bsRadiusServerIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (1..64)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A unique integer value used to identify entries in this table."
|
|
::= { bsRadiusServerEntry 1 }
|
|
|
|
bsRadiusServerPriority OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This value indicates the order in which entries in this table
|
|
are used when attempting to contact a RADIUS server. Entries
|
|
with a lower priority number are tried first. If two entries
|
|
have the same priority value, the entry with a lower index
|
|
value is tried first.
|
|
|
|
Also note that entries which contain an invalid internet
|
|
address will not be used."
|
|
::= { bsRadiusServerEntry 2 }
|
|
|
|
bsRadiusServerAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of address contained in the corresponding instance
|
|
of bsRadiusServerAddress."
|
|
::= { bsRadiusServerEntry 3 }
|
|
|
|
bsRadiusServerAddress OBJECT-TYPE
|
|
SYNTAX InetAddress
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The internet address to use when attempting to contact a
|
|
RADIUS server."
|
|
::= { bsRadiusServerEntry 4 }
|
|
|
|
bsRadiusServerUdpPort OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UDP port number to use when trying to contact the RADIUS
|
|
server at the address contained in the corresponding instance
|
|
of bsRadiusServerAddress."
|
|
::= { bsRadiusServerEntry 5 }
|
|
|
|
bsRadiusServerTimeout OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time interval to wait before re-sending a message to this
|
|
RADIUS server."
|
|
::= { bsRadiusServerEntry 6 }
|
|
|
|
bsRadiusServerSecret OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..16))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The shared RADIUS secret to use when communicating with the
|
|
RADIUS server. Note that when this object is retrieved, its
|
|
value will always by a zero-length octet string."
|
|
::= { bsRadiusServerEntry 7 }
|
|
|
|
bsRadiusServerRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Controls row creation/deletion in this table."
|
|
::= { bsRadiusServerEntry 8 }
|
|
|
|
bsRadiusServerAccountingPort OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UDP accounting port number to use when trying to contact the
|
|
RADIUS server at the address contained in the corresponding instance
|
|
of bsRadiusServerAddress."
|
|
::= { bsRadiusServerEntry 9 }
|
|
|
|
bsRadiusServerAccountingEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object controls whether RADIUS accounting is enabled for this
|
|
RADIUS server instance."
|
|
DEFVAL { false }
|
|
::= { bsRadiusServerEntry 10 }
|
|
|
|
bsRadiusServerRetryLimit OBJECT-TYPE
|
|
SYNTAX Integer32 (1..5)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object specifies the number of RADIUS retry attempts, for this
|
|
RADIUS server instance."
|
|
DEFVAL { 3 }
|
|
::= { bsRadiusServerEntry 11 }
|
|
|
|
-- ============================================================================
|
|
-- RADIUS Dynamic Authorization Clients configuration table
|
|
-- ============================================================================
|
|
|
|
bsRadiusDynAuthClientTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BsRadiusDynAuthClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table is used to configure RADIUS Dynamic Authorization
|
|
Clients. RADIUS Dynamic Authorization Clients are entities
|
|
which can send Disconnect and Change Of Authorization
|
|
requests to a RADIUS Dynamic Authorization Server."
|
|
::= { bsRadiusObjects 3 }
|
|
|
|
bsRadiusDynAuthClientEntry OBJECT-TYPE
|
|
SYNTAX BsRadiusDynAuthClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry containing objects defining RADIUS Dynamic Authorization
|
|
Clients which can connect to this RADIUS Dynamic Authorization
|
|
Server."
|
|
INDEX { bsRadiusDynAuthClientAddressType,
|
|
bsRadiusDynAuthClientAddress }
|
|
::= { bsRadiusDynAuthClientTable 1 }
|
|
|
|
BsRadiusDynAuthClientEntry ::=
|
|
SEQUENCE {
|
|
bsRadiusDynAuthClientAddressType InetAddressType,
|
|
bsRadiusDynAuthClientAddress InetAddress,
|
|
bsRadiusDynAuthClientUdpPort InetPortNumber,
|
|
bsRadiusDynAuthClientSecret OCTET STRING,
|
|
bsRadiusDynAuthClientEnabled TruthValue,
|
|
bsRadiusDynAuthClientProcessDisconnectRequests TruthValue,
|
|
bsRadiusDynAuthClientProcessCoARequests TruthValue,
|
|
bsRadiusDynAuthClientRowStatus RowStatus,
|
|
bsRadiusDynAuthClientReplayProtection TruthValue,
|
|
bsRadiusDynAuthClientProcessReAuthRequests TruthValue
|
|
}
|
|
|
|
bsRadiusDynAuthClientAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of address contained in the corresponding instance
|
|
of bsRadiusDynAuthClientAddress."
|
|
::= { bsRadiusDynAuthClientEntry 1 }
|
|
|
|
bsRadiusDynAuthClientAddress OBJECT-TYPE
|
|
SYNTAX InetAddress (SIZE(0..113))
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The internet address of a RADIUS Dynamic Authorization
|
|
Client configured in this entry."
|
|
::= { bsRadiusDynAuthClientEntry 2 }
|
|
|
|
bsRadiusDynAuthClientUdpPort OBJECT-TYPE
|
|
SYNTAX InetPortNumber
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UDP port number the server/NAS listens on for requests from the
|
|
RADIUS Dynamic Authorization Client configured in this entry."
|
|
DEFVAL { 3799 }
|
|
::= { bsRadiusDynAuthClientEntry 3 }
|
|
|
|
bsRadiusDynAuthClientSecret OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..16))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The secret shared between RADIUS Dynamic Authorization
|
|
Client and Server. Note that when this object is retrieved, its
|
|
value will always by a zero-length octet string."
|
|
DEFVAL { ''H }
|
|
::= { bsRadiusDynAuthClientEntry 4 }
|
|
|
|
bsRadiusDynAuthClientEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable packet receive from this RADIUS Dynamic
|
|
Authorization Client. The NAS will not listen for requests
|
|
from the client unless this object is true(1)."
|
|
DEFVAL { false }
|
|
::= { bsRadiusDynAuthClientEntry 5 }
|
|
|
|
bsRadiusDynAuthClientProcessDisconnectRequests OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable processing of Disconnect requests
|
|
from the RADIUS Dynamic Authorization Client."
|
|
DEFVAL { false }
|
|
::= { bsRadiusDynAuthClientEntry 6 }
|
|
|
|
bsRadiusDynAuthClientProcessCoARequests OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable processing of Change-Of-Authorization
|
|
requests from the RADIUS Dynamic Authorization Client."
|
|
DEFVAL { false }
|
|
::= { bsRadiusDynAuthClientEntry 7 }
|
|
|
|
bsRadiusDynAuthClientRowStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Controls row creation/deletion in this table."
|
|
::= { bsRadiusDynAuthClientEntry 8 }
|
|
|
|
bsRadiusDynAuthClientReplayProtection OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable RADIUS replay protection."
|
|
::= { bsRadiusDynAuthClientEntry 9 }
|
|
|
|
bsRadiusDynAuthClientProcessReAuthRequests OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable the processing of Reauthentication
|
|
requests from the RADIUS Dynamic Authorization Client."
|
|
DEFVAL { false }
|
|
::= { bsRadiusDynAuthClientEntry 10 }
|
|
|
|
-- ============================================================================
|
|
-- RADIUS Dynamic Authorization Clients - Extended
|
|
-- ============================================================================
|
|
|
|
bsRadiusExtDynAuthClientTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF BsRadiusExtDynAuthClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The (conceptual) table listing the RADIUS Dynamic
|
|
Authorization Clients with which the server shares a
|
|
secret. This is an extension of radiusDynAuthClientTable."
|
|
::= { bsRadiusObjects 4 }
|
|
|
|
bsRadiusExtDynAuthClientEntry OBJECT-TYPE
|
|
SYNTAX BsRadiusExtDynAuthClientEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) representing one Dynamic
|
|
Authorization Client with which the server shares a
|
|
secret."
|
|
AUGMENTS { radiusDynAuthClientEntry }
|
|
::= { bsRadiusExtDynAuthClientTable 1 }
|
|
|
|
BsRadiusExtDynAuthClientEntry ::= SEQUENCE {
|
|
bsRadiusExtDynAuthServRcRequests Counter32,
|
|
bsRadiusExtDynAuthServRcAuthOnlyRequests Counter32,
|
|
bsRadiusExtDynAuthServRcDupRequests Counter32,
|
|
bsRadiusExtDynAuthServRcAcks Counter32,
|
|
bsRadiusExtDynAuthServRcNacks Counter32,
|
|
bsRadiusExtDynAuthServRcNacksAuthOnlyRequests Counter32,
|
|
bsRadiusExtDynAuthServRcNacksNoSess Counter32,
|
|
bsRadiusExtDynAuthServRcSessReauthenticated Counter32,
|
|
bsRadiusExtDynAuthServRcMalformed Counter32,
|
|
bsRadiusExtDynAuthServRcDropped Counter32,
|
|
bsRadiusExtDynAuthServRcBadAuths Counter32
|
|
}
|
|
|
|
bsRadiusExtDynAuthServRcRequests OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of RADIUS Reauthentication-requests received
|
|
from this Dynamic Authorization Client. This also includes
|
|
the Reauthentication requests that have a Service-Type
|
|
attribute with value 'Authorize Only'. This counter may
|
|
experience a discontinuity when the DAS module (re)starts,
|
|
as indicated by the value of radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 1 }
|
|
|
|
bsRadiusExtDynAuthServRcAuthOnlyRequests OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of RADIUS Reauthentication-requests that include a
|
|
Service-Type attribute with value 'Authorize Only'
|
|
received from this Dynamic Authorization Client. This
|
|
counter may experience a discontinuity when the DAS
|
|
module (re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 2 }
|
|
|
|
bsRadiusExtDynAuthServRcDupRequests OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of duplicate RADIUS Reauthentication-Request packets
|
|
received from this Dynamic Authorization Client. This
|
|
counter may experience a discontinuity when the DAS
|
|
module (re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 3 }
|
|
|
|
bsRadiusExtDynAuthServRcAcks OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of incoming Reauthentication packets from this
|
|
Dynamic Authorization Client silently discarded
|
|
by the server application for some reason other than
|
|
malformed, bad authenticators, or unknown types. This
|
|
counter may experience a discontinuity when the DAS
|
|
module (re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 4 }
|
|
|
|
bsRadiusExtDynAuthServRcNacks OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of RADIUS Reauthentication-NAK packets sent to
|
|
this Dynamic Authorization Client. This includes
|
|
the RADIUS Reauthentication-NAK packets sent with a Service-Type
|
|
attribute with value 'Authorize Only' and the RADIUS
|
|
Reauthentication-NAK packets sent because no session context was
|
|
found. This counter may experience a discontinuity
|
|
when the DAS module (re)starts, as indicated by the
|
|
value of radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 5 }
|
|
|
|
bsRadiusExtDynAuthServRcNacksAuthOnlyRequests OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of RADIUS Reauthentication-NAK packets that include a
|
|
Service-Type attribute with value 'Authorize Only'
|
|
sent to this Dynamic Authorization Client. This counter
|
|
may experience a discontinuity when the DAS module
|
|
(re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 6 }
|
|
|
|
bsRadiusExtDynAuthServRcNacksNoSess OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of RADIUS Reauthentication-NAK packets sent to this
|
|
Dynamic Authorization Client because no session context
|
|
was found. This counter may experience a discontinuity
|
|
when the DAS module (re)starts, as indicated by the
|
|
value of radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 7 }
|
|
|
|
bsRadiusExtDynAuthServRcSessReauthenticated OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of user sessions reauthenticated
|
|
for the Reauthentication-Requests received from this
|
|
Dynamic Authorization Client. Depending on site-
|
|
specific policies, a single Reauthentication request can change
|
|
multiple user sessions' authorization. In cases where
|
|
this Dynamic Authorization Server has no knowledge of
|
|
the number of user sessions that are affected by a
|
|
single request, each such CoA-Request will
|
|
count as a single affected user session only. This
|
|
counter may experience a discontinuity when the DAS
|
|
module (re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 8 }
|
|
|
|
bsRadiusExtDynAuthServRcMalformed OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of malformed RADIUS Reauthentication-Request
|
|
packets received from this Dynamic Authorization Client.
|
|
Bad authenticators and unknown types are not included
|
|
as malformed Reauthentication-Requests. This counter
|
|
may experience a discontinuity when the DAS module
|
|
(re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 9 }
|
|
|
|
bsRadiusExtDynAuthServRcDropped OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of incoming Reauthentication packets from this
|
|
Dynamic Authorization Client silently discarded
|
|
by the server application for some reason other than
|
|
malformed, bad authenticators, or unknown types. This
|
|
counter may experience a discontinuity when the DAS
|
|
module (re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 10 }
|
|
|
|
bsRadiusExtDynAuthServRcBadAuths OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
UNITS "requests"
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of RADIUS Reauthentication-Request packets that
|
|
contained an invalid Authenticator field received
|
|
from this Dynamic Authorization Client. This counter
|
|
may experience a discontinuity when the DAS module
|
|
(re)starts, as indicated by the value of
|
|
radiusDynAuthServerCounterDiscontinuity."
|
|
REFERENCE
|
|
"Reauthentication extension for RFC3576 ."
|
|
::= { bsRadiusExtDynAuthClientEntry 11 }
|
|
|
|
-- ============================================================================
|
|
-- Notifications
|
|
-- ============================================================================
|
|
|
|
bsRadiusReachabilityServerDown NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
bsRadiusServerAddressType,
|
|
bsRadiusServerAddress
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when a Radius server fails to
|
|
respond to reachability requests."
|
|
::= { bsRadiusNotifications 1 }
|
|
|
|
|
|
bsRadiusReachabilityServerUp NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
bsRadiusServerAddressType,
|
|
bsRadiusServerAddress
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This notification is generated when a Radius server, which has
|
|
previously failed to respond to reachability requests, responds
|
|
to a reachability request."
|
|
::= { bsRadiusNotifications 2 }
|
|
|
|
END
|
|
|