833 lines
34 KiB
Plaintext
833 lines
34 KiB
Plaintext
GB15629dot11-WAPI-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY,OBJECT-TYPE,Counter32,Unsigned32,Integer32
|
|
FROM SNMPv2-SMI
|
|
MacAddress,TruthValue,DisplayString
|
|
FROM SNMPv2-TC
|
|
MODULE-COMPLIANCE,OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
ifIndex
|
|
FROM RFC1213-MIB;
|
|
|
|
gb15629dot11wapiMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200705211757Z"
|
|
ORGANIZATION
|
|
"China Broadband Wireless IP Standard Group."
|
|
CONTACT-INFO
|
|
"Contact:
|
|
E-mail: bwips@chinabwips.org
|
|
P.O.BOX 88, West High-tech Development Center, Xi'an, China.
|
|
710075
|
|
Tel: +86 29 8838 6220
|
|
Fax: +86 29 8838 6218
|
|
"
|
|
DESCRIPTION
|
|
"Manage WAPI module."
|
|
::= { gb15629-11-mibs 1 }
|
|
|
|
|
|
member-body OBJECT IDENTIFIER ::= { iso 2 }
|
|
cn OBJECT IDENTIFIER ::= { member-body 156 }
|
|
bwips OBJECT IDENTIFIER ::= { cn 11235 }
|
|
gb15629 OBJECT IDENTIFIER ::= { bwips 15629 }
|
|
gb15629-11 OBJECT IDENTIFIER ::= { gb15629 11 }
|
|
gb15629-11-mibs OBJECT IDENTIFIER ::= { gb15629-11 1 }
|
|
|
|
wapiMIBObjects OBJECT IDENTIFIER ::= { gb15629dot11wapiMIB 1 }
|
|
|
|
gb15629dot11wapiConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Gb15629dot11wapiConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table containing WAPI configuration objects."
|
|
::= { wapiMIBObjects 1 }
|
|
|
|
gb15629dot11wapiConfigEntry OBJECT-TYPE
|
|
SYNTAX Gb15629dot11wapiConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the gb15629dot11wapiConfigTable."
|
|
INDEX { ifIndex }
|
|
::= { gb15629dot11wapiConfigTable 1 }
|
|
|
|
Gb15629dot11wapiConfigEntry ::=
|
|
SEQUENCE {
|
|
gb15629dot11wapiConfigVersion Integer32,
|
|
gb15629dot11wapiControlledAuthControl TruthValue,
|
|
gb15629dot11wapiControlledPortControl INTEGER,
|
|
gb15629dot11wapiOptionImplemented TruthValue,
|
|
gb15629dot11wapiPreauthenticationImplemented TruthValue,
|
|
gb15629dot11wapiEnabled TruthValue,
|
|
gb15629dot11wapiPreauthenticationEnabled TruthValue,
|
|
gb15629dot11wapiConfigUnicastKeysSupported Unsigned32,
|
|
gb15629dot11wapiConfigUnicastRekeyMethod INTEGER,
|
|
gb15629dot11wapiConfigUnicastRekeyTime Unsigned32,
|
|
gb15629dot11wapiConfigUnicastRekeyPackets Unsigned32,
|
|
gb15629dot11wapiConfigMulticastCipher OCTET STRING,
|
|
gb15629dot11wapiConfigMulticastRekeyMethod INTEGER,
|
|
gb15629dot11wapiConfigMulticastRekeyTime Unsigned32,
|
|
gb15629dot11wapiConfigMulticastRekeyPackets Unsigned32,
|
|
gb15629dot11wapiConfigMulticastRekeyStrict TruthValue,
|
|
gb15629dot11wapiConfigPSKValue OCTET STRING,
|
|
gb15629dot11wapiConfigPSKPassPhrase DisplayString,
|
|
gb15629dot11wapiConfigCertificateUpdateCount Unsigned32,
|
|
gb15629dot11wapiConfigMulticastUpdateCount Unsigned32,
|
|
gb15629dot11wapiConfigUnicastUpdateCount Unsigned32,
|
|
gb15629dot11wapiConfigMulticastCipherSize Unsigned32,
|
|
gb15629dot11wapiConfigBKLifetime Unsigned32,
|
|
gb15629dot11wapiConfigBKReauthThreshold Unsigned32,
|
|
gb15629dot11wapiConfigSATimeout Unsigned32,
|
|
gb15629dot11wapiAuthenticationSuiteSelected OCTET STRING,
|
|
gb15629dot11wapiUnicastCipherSelected OCTET STRING,
|
|
gb15629dot11wapiMulticastCipherSelected OCTET STRING,
|
|
gb15629dot11wapiBKIDUsed OCTET STRING,
|
|
gb15629dot11wapiAuthenticationSuiteRequested OCTET STRING,
|
|
gb15629dot11wapiUnicastCipherRequested OCTET STRING,
|
|
gb15629dot11wapiMulticastCipherRequested OCTET STRING
|
|
}
|
|
|
|
gb15629dot11wapiConfigVersion OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The highest WAPI version this entity supports."
|
|
::= { gb15629dot11wapiConfigEntry 1 }
|
|
|
|
gb15629dot11wapiControlledAuthControl OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity enables
|
|
authentication. When the value is FALSE, it shall indicate that
|
|
authentication is not enabled on this entity, and the status of
|
|
the controlled port is 'authenticated'. When the value is TURE,
|
|
it shall indicate that authentication is enabled, and the status
|
|
of controlled port is decided by
|
|
gb15629dot11wapiControlledPortControl."
|
|
::= { gb15629dot11wapiConfigEntry 2 }
|
|
|
|
gb15629dot11wapiControlledPortControl OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the controlling type of the entity's port.
|
|
This object is available when
|
|
gb15629dot11wapiControlledAuthControl is TURE. When the value is
|
|
zero, it means 'automatic', and the status of the controlled port
|
|
is decided by authentication result. When the value is one,
|
|
it means 'forcible unauthenticated', and the status of the
|
|
controlled port is 'unauthenticated'."
|
|
::= { gb15629dot11wapiConfigEntry 3 }
|
|
|
|
gb15629dot11wapiOptionImplemented OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity support WAPI. When the
|
|
value is TURE, it shall indicate that the entity support WAPI.
|
|
Otherwise, it shall indicate that the entity doesn't support WAPI."
|
|
::= { gb15629dot11wapiConfigEntry 4 }
|
|
|
|
gb15629dot11wapiPreauthenticationImplemented OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether the entity support WAPI
|
|
preauthentication. This object can't be set to TURE, unless
|
|
gb15629dot11wapiOptionImplemented is TURE."
|
|
::= { gb15629dot11wapiConfigEntry 5 }
|
|
|
|
gb15629dot11wapiEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this object is set to TRUE, it shall indicate that WAPI is
|
|
enabled on this entity. The entity will advertise the WAPI
|
|
information element in its beacon and probe response frames."
|
|
::= { gb15629dot11wapiConfigEntry 6 }
|
|
|
|
gb15629dot11wapiPreauthenticationEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When this object is set to TRUE, it shall indicate that WAPI
|
|
preauthentication is enabled on this entity. Otherwise, it shall
|
|
indicate that WAPI preauthentication is disabled on this entity.
|
|
This object requires that gb15629dot11WAPIEnabled also be set to
|
|
TRUE."
|
|
::= { gb15629dot11wapiConfigEntry 7 }
|
|
|
|
gb15629dot11wapiConfigUnicastKeysSupported OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates how many unicast keys the entity supports
|
|
for WAPI."
|
|
::= { gb15629dot11wapiConfigEntry 8 }
|
|
|
|
gb15629dot11wapiConfigUnicastRekeyMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
timeBased(2),
|
|
packetBased(3),
|
|
timepacket-Based(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object selects a mechanism for rekeying the WAPI USK. The
|
|
default is time-based, once per day. Rekeying the USK is only
|
|
applicable to an entity acting as a role of AE or ASUE."
|
|
DEFVAL { timeBased }
|
|
::= { gb15629dot11wapiConfigEntry 9 }
|
|
|
|
gb15629dot11wapiConfigUnicastRekeyTime OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time in seconds after which the WAPI USK shall be refreshed.
|
|
The timer shall start at the moment the USK was set using the
|
|
MLME-SETWPIKEYS request primitive."
|
|
DEFVAL { 86400 }
|
|
::= { gb15629dot11wapiConfigEntry 10 }
|
|
|
|
gb15629dot11wapiConfigUnicastRekeyPackets OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "1000 packets"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A packet count (in 1000s of packets) after which the WAPI USK
|
|
shall be refreshed. The packet counter shall start at the moment
|
|
the USK was set using the MLME-SETKEYS request primitive and it
|
|
shall count all packets encrypted using the current USK."
|
|
::= { gb15629dot11wapiConfigEntry 11 }
|
|
|
|
gb15629dot11wapiConfigMulticastCipher OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the multicast cipher suite selector the
|
|
entity must use. The multicast cipher suite in the WAPI
|
|
information element shall take its value from this variable.
|
|
It consists of an OUI (the first 3 octets) and a cipher suite
|
|
identifier (the last octet)."
|
|
::= { gb15629dot11wapiConfigEntry 12 }
|
|
|
|
gb15629dot11wapiConfigMulticastRekeyMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
timeBased(2),
|
|
packetBased(3),
|
|
timepacket-Based(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object selects a mechanism for rekeying the WAPI MSK. The
|
|
default is time-based, once per day. Rekeying the MSK is only
|
|
applicable to an entity acting as a role of AE or ASUE."
|
|
DEFVAL { timeBased }
|
|
::= { gb15629dot11wapiConfigEntry 13 }
|
|
|
|
gb15629dot11wapiConfigMulticastRekeyTime OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The time in seconds after which the WAPI MSK shall be refreshed.
|
|
The timer shall start at the moment the MSK was set using the
|
|
MLME-SETWPIKEYS request primitive."
|
|
DEFVAL { 86400 }
|
|
::= { gb15629dot11wapiConfigEntry 14 }
|
|
|
|
gb15629dot11wapiConfigMulticastRekeyPackets OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "1000 packets"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A packet count (in 1000s of packets) after which the WAPI MSK
|
|
shall be refreshed. The packet counter shall start at the moment
|
|
the MSK was set using the MLME-SETKEYS request primitive and it
|
|
shall count all packets encrypted using the current MSK."
|
|
::= { gb15629dot11wapiConfigEntry 15 }
|
|
|
|
gb15629dot11wapiConfigMulticastRekeyStrict OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object signals that the MSK shall be refreshed whenever a
|
|
STA leaves the BSS that possesses the MSK."
|
|
::= { gb15629dot11wapiConfigEntry 16 }
|
|
|
|
gb15629dot11wapiConfigPSKValue OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PSK value when WAPI in PSK mode is the selected AKM suite.
|
|
In that case, the BK will obtain its value from this object.
|
|
This object is logically write-only. Reading this variable shall
|
|
return unsuccessful status or null or zero."
|
|
::= { gb15629dot11wapiConfigEntry 17 }
|
|
|
|
gb15629dot11wapiConfigPSKPassPhrase OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The PSK value when WAPI in PSK mode is the selected AKM suite,
|
|
is configured by gb15629dot11wapiConfigPSKValue.
|
|
An alternative manner of setting the PSK uses the password-to-key
|
|
algorithm. This variable provides a means to enter a
|
|
pass-phrase. When this object is written, the WAPI entity shall
|
|
use the password-to-key algorithm to derive a preshared
|
|
and populate gb15629dot11wapiConfigPSKValue with this key.
|
|
This object is logically write-only. Reading this variable shall
|
|
return unsuccessful status or null or zero."
|
|
::= { gb15629dot11wapiConfigEntry 18 }
|
|
|
|
gb15629dot11wapiConfigCertificateUpdateCount OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times message in the WAPI certificate
|
|
authenticating handshake will be retried per certificate
|
|
authenticating handshake attempt."
|
|
DEFVAL { 3 }
|
|
::= { gb15629dot11wapiConfigEntry 19 }
|
|
|
|
gb15629dot11wapiConfigMulticastUpdateCount OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times message in the WAPI multicast key handshake
|
|
will be retried per MSK handshake attempt."
|
|
DEFVAL { 3 }
|
|
::= { gb15629dot11wapiConfigEntry 20 }
|
|
|
|
gb15629dot11wapiConfigUnicastUpdateCount OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times message in the WAPI unicast key handshake
|
|
will be retried per 3-way handshake attempt."
|
|
DEFVAL { 3 }
|
|
::= { gb15629dot11wapiConfigEntry 21 }
|
|
|
|
gb15629dot11wapiConfigMulticastCipherSize OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the length in bits of the multicast
|
|
cipher key. This should be 256 for SMS4. first 128 bits for
|
|
encrypting, last 128 bits for integrity checking."
|
|
::= { gb15629dot11wapiConfigEntry 22 }
|
|
|
|
gb15629dot11wapiConfigBKLifetime OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum lifetime of a BK in the BK cache."
|
|
DEFVAL { 43200 }
|
|
::= { gb15629dot11wapiConfigEntry 23 }
|
|
|
|
gb15629dot11wapiConfigBKReauthThreshold OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..100)
|
|
UNITS "percentage"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The percentage of the BK lifetime that should expire before an
|
|
reauthentication occurs."
|
|
DEFVAL { 70 }
|
|
::= { gb15629dot11wapiConfigEntry 24 }
|
|
|
|
gb15629dot11wapiConfigSATimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The maximum time a security association shall take to set up."
|
|
DEFVAL { 60 }
|
|
::= { gb15629dot11wapiConfigEntry 25 }
|
|
|
|
gb15629dot11wapiAuthenticationSuiteSelected OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last AKM suite negotiated."
|
|
::= { gb15629dot11wapiConfigEntry 26 }
|
|
|
|
gb15629dot11wapiUnicastCipherSelected OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last unicast cipher negotiated."
|
|
::= { gb15629dot11wapiConfigEntry 27 }
|
|
|
|
gb15629dot11wapiMulticastCipherSelected OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last multicast cipher negotiated."
|
|
::= { gb15629dot11wapiConfigEntry 28 }
|
|
|
|
gb15629dot11wapiBKIDUsed OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(16))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last BKID used in the last unicast
|
|
cipher key handshake."
|
|
::= { gb15629dot11wapiConfigEntry 29 }
|
|
|
|
gb15629dot11wapiAuthenticationSuiteRequested OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last AKM suite requested."
|
|
::= { gb15629dot11wapiConfigEntry 30 }
|
|
|
|
gb15629dot11wapiUnicastCipherRequested OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last unicast cipher requested."
|
|
::= { gb15629dot11wapiConfigEntry 31 }
|
|
|
|
gb15629dot11wapiMulticastCipherRequested OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of the last multicast cipher requested."
|
|
::= { gb15629dot11wapiConfigEntry 32 }
|
|
|
|
gb15629dot11wapiConfigUnicastCiphersTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Gb15629dot11wapiConfigUnicastCiphersEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists the unicast ciphers supported by this entity.
|
|
It allows enabling and disabling of each unicast cipher by
|
|
network management. The unicast cipher suite list in the WAPI
|
|
information element is formed using the information in this
|
|
table."
|
|
::= { wapiMIBObjects 2 }
|
|
|
|
gb15629dot11wapiConfigUnicastCiphersEntry OBJECT-TYPE
|
|
SYNTAX Gb15629dot11wapiConfigUnicastCiphersEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The table entry, indexed by the interface index (or all
|
|
interfaces) and the unicast cipher."
|
|
INDEX { ifIndex, gb15629dot11wapiConfigUnicastCipherIndex }
|
|
::= { gb15629dot11wapiConfigUnicastCiphersTable 1 }
|
|
|
|
Gb15629dot11wapiConfigUnicastCiphersEntry ::=
|
|
SEQUENCE {
|
|
gb15629dot11wapiConfigUnicastCipherIndex Unsigned32,
|
|
gb15629dot11wapiConfigUnicastCipher OCTET STRING,
|
|
gb15629dot11wapiConfigUnicastCipherEnabled TruthValue,
|
|
gb15629dot11wapiConfigUnicastCipherSize Unsigned32
|
|
}
|
|
|
|
gb15629dot11wapiConfigUnicastCipherIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The auxiliary index into the
|
|
gb15629dot11wapiConfigUnicastCiphersTable."
|
|
::= { gb15629dot11wapiConfigUnicastCiphersEntry 1 }
|
|
|
|
gb15629dot11wapiConfigUnicastCipher OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of a supported unicast cipher. It consists of an
|
|
OUI(the first 3 octets) and a cipher suite identifier
|
|
(the last octet)."
|
|
::= { gb15629dot11wapiConfigUnicastCiphersEntry 2 }
|
|
|
|
gb15629dot11wapiConfigUnicastCipherEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object enables or disables the unicast cipher."
|
|
::= { gb15629dot11wapiConfigUnicastCiphersEntry 3 }
|
|
|
|
gb15629dot11wapiConfigUnicastCipherSize OBJECT-TYPE
|
|
SYNTAX Unsigned32 (0..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the length in bits of the unicast cipher
|
|
key. This should be 256 for SMS4, first 128 bits for encrypting,
|
|
last 128 bits for integrity checking."
|
|
::= { gb15629dot11wapiConfigUnicastCiphersEntry 4 }
|
|
|
|
gb15629dot11wapiConfigAuthenticationSuitesTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Gb15629dot11wapiConfigAuthenticationSuitesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table lists the AKM suites supported by this entity. Each
|
|
AKM suite can be individually enabled and disabled. The AKM
|
|
suite list in the WAPI information element is formed using the
|
|
information in this table."
|
|
::= { wapiMIBObjects 3 }
|
|
|
|
gb15629dot11wapiConfigAuthenticationSuitesEntry OBJECT-TYPE
|
|
SYNTAX Gb15629dot11wapiConfigAuthenticationSuitesEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (row) in the
|
|
gb15629dot11wapiConfigAuthenticationSuitesTable."
|
|
INDEX { gb15629dot11wapiConfigAuthenticationSuiteIndex }
|
|
::= { gb15629dot11wapiConfigAuthenticationSuitesTable 1 }
|
|
|
|
Gb15629dot11wapiConfigAuthenticationSuitesEntry ::=
|
|
SEQUENCE {
|
|
gb15629dot11wapiConfigAuthenticationSuiteIndex Unsigned32,
|
|
gb15629dot11wapiConfigAuthenticationSuite OCTET STRING,
|
|
gb15629dot11wapiConfigAuthenticationSuiteEnabled TruthValue
|
|
}
|
|
|
|
gb15629dot11wapiConfigAuthenticationSuiteIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The auxiliary variable used as an index into the
|
|
gb15629dot11wapiConfigAuthenticationSuitesTable."
|
|
::= { gb15629dot11wapiConfigAuthenticationSuitesEntry 1 }
|
|
gb15629dot11wapiConfigAuthenticationSuite OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The selector of an AKM suite. It consists of an OUI (the first 3
|
|
octets) and a cipher suite identifier (the last octet)."
|
|
::= { gb15629dot11wapiConfigAuthenticationSuitesEntry 2 }
|
|
|
|
gb15629dot11wapiConfigAuthenticationSuiteEnabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This variable indicates the corresponding AKM suite is enabled
|
|
or disabled."
|
|
::= { gb15629dot11wapiConfigAuthenticationSuitesEntry 3 }
|
|
|
|
gb15629dot11wapiStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF Gb15629dot11wapiStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This table maintains per-STA statistics in an WAPI. The entry
|
|
with gb15629dot11wapiStatsSTAAddress set to FF-FF-FF-FF-FF-FF
|
|
shall contain statistics for broadcast/multicast traffic."
|
|
::= { wapiMIBObjects 4 }
|
|
|
|
gb15629dot11wapiStatsEntry OBJECT-TYPE
|
|
SYNTAX Gb15629dot11wapiStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry in the gb15629dot11wapiStatsTable."
|
|
INDEX { ifIndex, gb15629dot11wapiStatsIndex }
|
|
::= { gb15629dot11wapiStatsTable 1 }
|
|
|
|
Gb15629dot11wapiStatsEntry ::=
|
|
SEQUENCE {
|
|
gb15629dot11wapiStatsIndex Unsigned32,
|
|
gb15629dot11wapiStatsSTAAddress MacAddress,
|
|
gb15629dot11wapiStatsVersion Unsigned32,
|
|
gb15629dot11wapiStatsControlledPortStatus TruthValue,
|
|
gb15629dot11wapiStatsSelectedUnicastCipher OCTET STRING,
|
|
gb15629dot11wapiStatsWPIReplayCounters Counter32,
|
|
gb15629dot11wapiStatsWPIDecryptableErrors Counter32,
|
|
gb15629dot11wapiStatsWPIMICErrors Counter32,
|
|
gb15629dot11wapiStatsWAISignatureErrors Counter32,
|
|
gb15629dot11wapiStatsWAIHMACErrors Counter32,
|
|
gb15629dot11wapiStatsWAIAuthenticationResultFailures Counter32,
|
|
gb15629dot11wapiStatsWAIDiscardCounters Counter32,
|
|
gb15629dot11wapiStatsWAITimeoutCounters Counter32,
|
|
gb15629dot11wapiStatsWAIFormatErrors Counter32,
|
|
gb15629dot11wapiStatsWAICertificateHandshakeFailures Counter32,
|
|
gb15629dot11wapiStatsWAIUnicastHandshakeFailures Counter32,
|
|
gb15629dot11wapiStatsWAIMulticastHandshakeFailures Counter32
|
|
}
|
|
|
|
gb15629dot11wapiStatsIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An auxiliary index into the gb15629dot11wapiStatsTable."
|
|
::= { gb15629dot11wapiStatsEntry 1 }
|
|
|
|
gb15629dot11wapiStatsSTAAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MAC address of the STA to which the statistics in this
|
|
conceptual row belong."
|
|
::= { gb15629dot11wapiStatsEntry 2 }
|
|
|
|
gb15629dot11wapiStatsVersion OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The WAPI version with which the STA associated."
|
|
::= { gb15629dot11wapiStatsEntry 3 }
|
|
|
|
gb15629dot11wapiStatsControlledPortStatus OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates the status of the authentication
|
|
entity's controlled port. When the value is TURE, it means
|
|
'authenticated'. Otherwise, it means 'unauthenticated'."
|
|
::= { gb15629dot11wapiStatsEntry 4 }
|
|
|
|
gb15629dot11wapiStatsSelectedUnicastCipher OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(4))
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The unicast cipher suite selector used during association."
|
|
::= { gb15629dot11wapiStatsEntry 5 }
|
|
|
|
gb15629dot11wapiStatsWPIReplayCounters OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of WPI MPDUs discarded by the replay mechanism."
|
|
::= { gb15629dot11wapiStatsEntry 6 }
|
|
|
|
gb15629dot11wapiStatsWPIDecryptableErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of WPI MPDUs discarded because of unavailable cipher
|
|
key when WPI-SMS4 decrypting."
|
|
::= { gb15629dot11wapiStatsEntry 7 }
|
|
|
|
gb15629dot11wapiStatsWPIMICErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of WPI MPDUs discarded because of MIC checking
|
|
failure when WPI-SMS4 decrypting."
|
|
::= { gb15629dot11wapiStatsEntry 8 }
|
|
|
|
gb15629dot11wapiStatsWAISignatureErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received WAI packets' signature
|
|
is wrong."
|
|
::= { gb15629dot11wapiStatsEntry 9 }
|
|
|
|
gb15629dot11wapiStatsWAIHMACErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received WAI packets'
|
|
message authentication key checking error occurs."
|
|
::= { gb15629dot11wapiStatsEntry 10 }
|
|
|
|
gb15629dot11wapiStatsWAIAuthenticationResultFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI authentication result
|
|
is unsuccessful."
|
|
::= { gb15629dot11wapiStatsEntry 11 }
|
|
|
|
gb15629dot11wapiStatsWAIDiscardCounters OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the received WAI packet is
|
|
discarded."
|
|
::= { gb15629dot11wapiStatsEntry 12 }
|
|
|
|
gb15629dot11wapiStatsWAITimeoutCounters OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI packet overtime is
|
|
detected."
|
|
::= { gb15629dot11wapiStatsEntry 13 }
|
|
|
|
gb15629dot11wapiStatsWAIFormatErrors OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI packets' format error occurs"
|
|
::= { gb15629dot11wapiStatsEntry 14 }
|
|
|
|
gb15629dot11wapiStatsWAICertificateHandshakeFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI certificate authenticates
|
|
unsuccessfully."
|
|
::= { gb15629dot11wapiStatsEntry 15 }
|
|
|
|
gb15629dot11wapiStatsWAIUnicastHandshakeFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI unicast cipher key
|
|
negotiates unsuccessfully."
|
|
::= { gb15629dot11wapiStatsEntry 16 }
|
|
|
|
gb15629dot11wapiStatsWAIMulticastHandshakeFailures OBJECT-TYPE
|
|
SYNTAX Counter32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This counter increases when the WAI multicast cipher key
|
|
announces unsuccessfully."
|
|
::= { gb15629dot11wapiStatsEntry 17 }
|
|
|
|
wapiMIBConformance OBJECT IDENTIFIER ::= { gb15629dot11wapiMIB 2 }
|
|
gb15629dot11wapiGroups OBJECT IDENTIFIER ::= { wapiMIBConformance 1 }
|
|
gb15629wapiCompliances OBJECT IDENTIFIER ::= { wapiMIBConformance 2 }
|
|
|
|
gb15629dot11wapiBase OBJECT-GROUP
|
|
OBJECTS {
|
|
gb15629dot11wapiConfigVersion,
|
|
gb15629dot11wapiControlledAuthControl,
|
|
gb15629dot11wapiControlledPortControl,
|
|
gb15629dot11wapiOptionImplemented,
|
|
gb15629dot11wapiPreauthenticationImplemented,
|
|
gb15629dot11wapiEnabled,
|
|
gb15629dot11wapiPreauthenticationEnabled,
|
|
gb15629dot11wapiConfigUnicastKeysSupported,
|
|
gb15629dot11wapiConfigUnicastRekeyMethod,
|
|
gb15629dot11wapiConfigUnicastRekeyTime,
|
|
gb15629dot11wapiConfigUnicastRekeyPackets,
|
|
gb15629dot11wapiConfigMulticastCipher,
|
|
gb15629dot11wapiConfigMulticastRekeyMethod,
|
|
gb15629dot11wapiConfigMulticastRekeyTime,
|
|
gb15629dot11wapiConfigMulticastRekeyPackets,
|
|
gb15629dot11wapiConfigMulticastRekeyStrict,
|
|
gb15629dot11wapiConfigPSKValue,
|
|
gb15629dot11wapiConfigPSKPassPhrase,
|
|
gb15629dot11wapiConfigCertificateUpdateCount,
|
|
gb15629dot11wapiConfigMulticastUpdateCount,
|
|
gb15629dot11wapiConfigUnicastUpdateCount,
|
|
gb15629dot11wapiConfigMulticastCipherSize,
|
|
gb15629dot11wapiConfigUnicastCipher,
|
|
gb15629dot11wapiConfigUnicastCipherEnabled,
|
|
gb15629dot11wapiConfigUnicastCipherSize,
|
|
gb15629dot11wapiConfigAuthenticationSuite,
|
|
gb15629dot11wapiConfigAuthenticationSuiteEnabled,
|
|
gb15629dot11wapiConfigSATimeout,
|
|
gb15629dot11wapiAuthenticationSuiteSelected,
|
|
gb15629dot11wapiUnicastCipherSelected,
|
|
gb15629dot11wapiMulticastCipherSelected,
|
|
gb15629dot11wapiBKIDUsed,
|
|
gb15629dot11wapiAuthenticationSuiteRequested,
|
|
gb15629dot11wapiUnicastCipherRequested,
|
|
gb15629dot11wapiMulticastCipherRequested,
|
|
gb15629dot11wapiStatsSTAAddress,
|
|
gb15629dot11wapiStatsVersion,
|
|
gb15629dot11wapiStatsControlledPortStatus,
|
|
gb15629dot11wapiStatsSelectedUnicastCipher,
|
|
gb15629dot11wapiStatsWPIReplayCounters,
|
|
gb15629dot11wapiStatsWPIDecryptableErrors,
|
|
gb15629dot11wapiStatsWPIMICErrors,
|
|
gb15629dot11wapiStatsWAISignatureErrors,
|
|
gb15629dot11wapiStatsWAIHMACErrors,
|
|
gb15629dot11wapiStatsWAIAuthenticationResultFailures,
|
|
gb15629dot11wapiStatsWAIDiscardCounters,
|
|
gb15629dot11wapiStatsWAITimeoutCounters,
|
|
gb15629dot11wapiStatsWAIFormatErrors,
|
|
gb15629dot11wapiStatsWAICertificateHandshakeFailures,
|
|
gb15629dot11wapiStatsWAIUnicastHandshakeFailures,
|
|
gb15629dot11wapiStatsWAIMulticastHandshakeFailures
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The gb15629dot11wapiBase object class provides the
|
|
necessary support for managing WAPI functionality in the
|
|
STA."
|
|
::= { gb15629dot11wapiGroups 1 }
|
|
|
|
gb15629dot11wapiBKcachingGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
gb15629dot11wapiConfigBKLifetime,
|
|
gb15629dot11wapiConfigBKReauthThreshold
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The gb15629dot11wapiBKcachingGroup object class provides
|
|
the necessary support for managing BK caching
|
|
functionality in the STA"
|
|
::= { gb15629dot11wapiGroups 2 }
|
|
|
|
gb15629dot11wapiCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for SNMPv2 entities that implement the
|
|
WAPI MIB."
|
|
MODULE
|
|
MANDATORY-GROUPS { gb15629dot11wapiBase }
|
|
::= { gb15629wapiCompliances 1 }
|
|
|
|
END
|