236 lines
9.5 KiB
Plaintext
236 lines
9.5 KiB
Plaintext
-- ZyXEL Communications Corporation
|
|
-- Private Enterprise MIB definition
|
|
|
|
-- This file describes the ZyXEL Communications Corporation Enterprise MIB.
|
|
-- It contains ZyXEL products OIDs, and common managed objects.
|
|
|
|
-- $Log: ZYXEL-PORT-AUTHENTICATION-MIB.mib $
|
|
-- Revision 1.7 2013/12/06 07:07:55 ccho
|
|
-- remove uncessary imports
|
|
-- Revision 1.6 2013/11/20 06:53:55 ccho
|
|
-- renaming identifier name for SMI.V2
|
|
-- Revision 1.5 2013/11/06 05:42:10 ccho
|
|
-- fix mib style
|
|
-- Revision 1.4 2012/09/19 07:43:52 Kevin
|
|
-- if it's leaf node, revise the vender name from zyxel to zy
|
|
-- Revision 1.3 2012/08/22 09:47:30 Kevin
|
|
-- clean warning for SNMPc
|
|
-- Revision 1.2 2012/07/05 06:24:13 Kevin
|
|
-- 1. upgrade from SNMP to SNMPv2
|
|
-- 2. clean warning
|
|
-- Revision 1.1 2012/05/30 07:50:24 Kevin
|
|
-- Initial revision
|
|
|
|
ZYXEL-PORT-AUTHENTICATION-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
OBJECT-TYPE
|
|
FROM SNMPv2-SMI -- RFC2578
|
|
|
|
MODULE-IDENTITY
|
|
FROM SNMPv2-SMI
|
|
|
|
EnabledStatus
|
|
FROM P-BRIDGE-MIB
|
|
|
|
dot1dBasePort
|
|
FROM BRIDGE-MIB
|
|
|
|
esMgmt
|
|
FROM ZYXEL-ES-SMI;
|
|
|
|
zyxelPortAuthentication MODULE-IDENTITY
|
|
LAST-UPDATED "201207010000Z"
|
|
ORGANIZATION "Enterprise Solution ZyXEL"
|
|
CONTACT-INFO
|
|
""
|
|
DESCRIPTION
|
|
"The subtree for port authentication"
|
|
::= { esMgmt 62 }
|
|
|
|
zyxelPortAuthenticationSetup OBJECT IDENTIFIER ::= { zyxelPortAuthentication 1 }
|
|
|
|
|
|
-- *******************************************************************
|
|
-- *
|
|
-- * zyxelPortAuthenticationSetup
|
|
-- *
|
|
-- *******************************************************************
|
|
|
|
-- zyxelPortAuthenticationState
|
|
zyPortAuthenticationState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable 802.1x port authentication for the switch."
|
|
::= { zyxelPortAuthenticationSetup 1 }
|
|
|
|
-- zyxelPortAuthenticationTable
|
|
zyxelPortAuthenticationPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF ZyxelPortAuthenticationPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table contains port authentication configuration"
|
|
::= { zyxelPortAuthenticationSetup 2 }
|
|
|
|
zyxelPortAuthenticationPortEntry OBJECT-TYPE
|
|
SYNTAX ZyxelPortAuthenticationPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry contains port authentication configuration."
|
|
INDEX { dot1dBasePort }
|
|
::= { zyxelPortAuthenticationPortTable 1 }
|
|
|
|
ZyxelPortAuthenticationPortEntry ::=
|
|
SEQUENCE {
|
|
zyPortAuthenticationPortState EnabledStatus,
|
|
zyPortReAuthenticationPortState EnabledStatus,
|
|
zyPortReAuthenticationPortTimer INTEGER ,
|
|
zyPortAuthenticationPortQuietPeriod INTEGER ,
|
|
zyPortAuthenticationPortTxPeriod INTEGER ,
|
|
zyPortAuthenticationPortSupplicantTimeout INTEGER ,
|
|
zyPortAuthenticationPortMaxRequest INTEGER ,
|
|
zyPortAuthenticationPortGuestVlanState EnabledStatus,
|
|
zyPortAuthenticationPortGuestVlan INTEGER ,
|
|
zyPortAuthenticationPortGuestVlanHostMode INTEGER ,
|
|
zyPortAuthenticationPortGuestVlanHostModeMultiSecureNumber INTEGER ,
|
|
zyPortAuthenticationPortCompoundAuthenticationMode INTEGER
|
|
}
|
|
|
|
zyPortAuthenticationPortState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable 802.1x port authentication on the port. You must first allow 802.1x authentication on
|
|
the Switch before configuring it on each port. "
|
|
::= { zyxelPortAuthenticationPortEntry 1 }
|
|
|
|
zyPortReAuthenticationPortState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable 802.1x port re-authentication on the port. Specify if a subscriber has to periodically
|
|
re-enter his or her username and password to stay connected to the port."
|
|
::= { zyxelPortAuthenticationPortEntry 2 }
|
|
|
|
zyPortReAuthenticationPortTimer OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the length of time required to pass before a client has to re-enter his or her username and
|
|
password to stay connected to the port. "
|
|
::= { zyxelPortAuthenticationPortEntry 3 }
|
|
|
|
zyPortAuthenticationPortQuietPeriod OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the number of seconds the port remains in the HELD state and rejects further authentication
|
|
requests from the connected client after a failed authentication exchange. "
|
|
::= { zyxelPortAuthenticationPortEntry 4 }
|
|
|
|
zyPortAuthenticationPortTxPeriod OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the number of seconds the Switch waits for client's response before re-sending an identity
|
|
request to the client. "
|
|
::= { zyxelPortAuthenticationPortEntry 5 }
|
|
|
|
zyPortAuthenticationPortSupplicantTimeout OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the number of seconds the Switch waits for client's response to a challenge request before
|
|
sending another request. "
|
|
::= { zyxelPortAuthenticationPortEntry 6 }
|
|
|
|
zyPortAuthenticationPortMaxRequest OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify the number of times the Switch tries to authenticate client(s) before sending unresponsive
|
|
ports to the Guest VLAN. This is set to 2 by default. That is, the Switch attempts to authenticate a
|
|
client twice. If the client does not respond to the first authentication request, the Switch tries again. If the client still does not respond to the second request, the Switch sends the client to the Guest VLAN. The client needs to send a new request to be authenticated by the Switch again. "
|
|
::= { zyxelPortAuthenticationPortEntry 7 }
|
|
|
|
zyPortAuthenticationPortGuestVlanState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable Guest VLAN on the port. Clients that fail authentication are placed in the guest VLAN
|
|
and can receive limited services. "
|
|
::= { zyxelPortAuthenticationPortEntry 8 }
|
|
|
|
zyPortAuthenticationPortGuestVlan OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enter the number that identifies the guest VLAN. Make sure this is a VLAN recognized in your network.
|
|
A guest VLAN is a pre-configured VLAN on the Switch that allows non-authenticated users to access
|
|
limited network resources through the Switch. You must also enable IEEE 802.1x authentication on the
|
|
Switch and the associated ports. "
|
|
::= { zyxelPortAuthenticationPortEntry 9 }
|
|
|
|
zyPortAuthenticationPortGuestVlanHostMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
multiHost(0),
|
|
multiSecure(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specify how the Switch authenticates users when more than one user connect to the port (using a hub).
|
|
Select Multi-Host to authenticate only the first user that connects to this port. If the first user
|
|
enters the correct credential, any other users are allowed to access the port without authentication.
|
|
If the first user fails to enter the correct credential, they are all put in the guest VLAN. Once the
|
|
first user who did authentication logs out or disconnects from the port, rest of the users are blocked
|
|
until a user does the authentication process again.
|
|
Select Multi-Secure to authenticate each user that connects to this port. "
|
|
::= { zyxelPortAuthenticationPortEntry 10 }
|
|
|
|
zyPortAuthenticationPortGuestVlanHostModeMultiSecureNumber OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"If you set Host-mode to Multi-Secure, specify the maximum number of users that the
|
|
Switch will authenticate on this port. "
|
|
::= { zyxelPortAuthenticationPortEntry 11 }
|
|
|
|
zyPortAuthenticationPortCompoundAuthenticationMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
strict(0),
|
|
loose(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Set compound authentication mode at strict mode or loose mode for the switch. Users can use this setting
|
|
to choise authentication strict or loose of 802.1x and mac authentication."
|
|
::= { zyxelPortAuthenticationPortEntry 12 }
|
|
|
|
-- zyxelPortAuthenticationEapolFloodState
|
|
zyPortAuthenticationEapolFloodState OBJECT-TYPE
|
|
SYNTAX EnabledStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable EAPoL flood for the switch. Users can use
|
|
this setting to control forwarding of EAPoL packet when 802.1x function is disable."
|
|
::= { zyxelPortAuthenticationSetup 3 }
|
|
|
|
END
|