WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/nortel/RC-RADIUS-MIB

2934 lines
113 KiB
Plaintext
Raw Blame History

RC-RADIUS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, IpAddress, TimeTicks
FROM SNMPv2-SMI
TruthValue, RowStatus, DisplayString, MacAddress
FROM SNMPv2-TC
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
InterfaceIndex
FROM IF-MIB
rcRadius, rcEap
FROM RAPID-CITY
PortList
FROM Q-BRIDGE-MIB
InetAddressType, InetAddress, InetPortNumber
FROM INET-ADDRESS-MIB
radiusDynAuthClientEntry
FROM RADIUS-DYNAUTH-SERVER-MIB;
rcRadiusMib MODULE-IDENTITY
LAST-UPDATED "202011120000Z"
ORGANIZATION "Bay Networks, Rapid-City Group"
CONTACT-INFO "
Edwin Tsang
Postal: Bay Networks, Inc.
4401 Great America Parkway
Santa Clara, CA 95052-8185
Tel: 408-495-6159
Fax: 408-495-5215
E-mail: edwin_tsang@baynetworks.com
"
DESCRIPTION "Enterprise MIB for the Accelar product family."
REVISION "202011120000Z" -- 12 Nov 2020
DESCRIPTION "Version 54: Correct BITS range to start from 0 for rcEapPortTrafficControlOrigin (Oana)"
REVISION "202011040000Z" -- 04 Nov 2020
DESCRIPTION "Version 53: Update range for rcEapMultiHostStatusAceIdList and
rcEapPortRadiusAceIdList. Request by Andreea Rusu (Oana)"
REVISION "202010270000Z" -- 27 Oct 2020
DESCRIPTION "Version 52: Add new element : rcEapPortTrafficControlOrigin (Oana)"
REVISION "202010090000Z" -- 09 Oct 2020
DESCRIPTION "Version 51: Add new elements : rcEapPortRadiusAclId and rcEapPortRadiusAceIdList;
rcEapMultiHostStatusAclId and rcEapMultiHostStatusAceIdList (Oana)"
REVISION "202010090000Z" -- 09 Oct 2020
DESCRIPTION "Version 50: Add new elements : rcEapMultiHostStatusIsidSource, rcEapPortRadiusIsidSource and rcEapPortRadiusNonEapAuthType (Oana)"
REVISION "202010090000Z" -- 09 Oct 2020
DESCRIPTION "Version 49: Add new elements rcEapGlobalAutoIsidOffset && rcEapGlobalAutoIsidOffsetEnable(Oana)"
REVISION "202008240000Z" -- 24 August 2020
DESCRIPTION "Version 48: Add new elements to RcEapPortEntry(Oana)"
REVISION "202006160000Z" -- 16 June 2020
DESCRIPTION "Version 47: Modify to read-create element :
rcRadiusServHostSecureLogLevel(Oana)"
REVISION "202006120000Z" -- 12 June 2020
DESCRIPTION "Version 46: Modify DisplayString to (SIZE(1..128))
for rcRadiusSecureProfileRootCertDestFile
rcRadiusSecureProfileCertDestFile and
rcRadiusSecureProfileKeyDestFile.(Oana)"
REVISION "202005280000Z" -- 28 May 2020
DESCRIPTION "Version 45: Add rcRadiusGlobalSecureEnable,
rcRadiusServHostSecureEnable,
rcRadiusServHostSecureMode,
rcRadiusServHostSecureProfile,
rcRadiusServHostSecureLogLevel,
rcRadiusSecureProfileTable
Based on 8.1.60.0 MRT check (Prem)"
REVISION "202005060000Z" -- 6 May 2020
DESCRIPTION "Version 44: Add rcEapPortAdminTrafficControl
and rcEapPortOperTrafficControl.
Requested by Andrei Bolojan (Prem)"
REVISION "202004270000Z" -- 27 Aril 2020
DESCRIPTION "Version 43: Add rcEapMultihostStatusSwUniBindings
and rcEapPortRadiusSwUniBindings.
Requested by Viorel Haiciu (Prem)"
REVISION "202004130000Z" -- 13 Aril 2020
DESCRIPTION "Version 42: Add rcEapPortFlexUniStatus
under rcEapPortTable.
Requested by Andrei Bolojan (Prem)"
REVISION "202004130000Z" -- 13 Aril 2020
DESCRIPTION "Version 41: Add rcEapPortGuestIsid and rcEapPortFailOpenIsid
under rcEapPortTable.
Requested by Andrei Bolojan (Prem)"
REVISION "201908230000Z" -- 23 Aug 2019
DESCRIPTION "Version 40: Update rcRadiusServHostTimeOut's default value."
REVISION "201904250000Z" -- 25 Apr 2019
DESCRIPTION "Version 39: Added endpointTracking(6) to
rcRadiusServHostUsedBy .
(Oana)."
REVISION "201904240000Z" -- 24 Apr 2019
DESCRIPTION "Version 38: Changed rcEapMultiHostStatusPriority to
rcEapMultihostStatusPriority to match the
VOSS software mib definition.
Based on what was released on VOSS software
(Prem)."
REVISION "201809280000Z" -- 28 Sep 2018
DESCRIPTION "Version 37: Changed the type for:
- rcEapMultiHostStatusVlanId
- rcEapPortRadiusVlanId
from INTEGER (which should have lower/upper
bounds) to Integer32 (azmeu)"
REVISION "201802150000Z" -- 15 Feb 2018
DESCRIPTION "Version 36: Changed configurable intervals for:
- rcRadiusServHostTimeOut
- rcEapPortMultiHostMaxClients
- rcEapPortNonEapMaxClients"
REVISION "201710180000Z" -- 18 Oct 2017
DESCRIPTION "Version 35: Chnaged rcEapPortRadiusMacClearPriority to
rcEapPortRadiusMacPriority"
REVISION "201709250000Z" -- 25 September 2017
DESCRIPTION "Version 34: added rcEapMultiHostStatusPriority and
rcEapPortRaidusMacPriority.
Requested by Caludiu
Gabriel Mitroi (ppalarapu)"
REVISION "201704120000Z" -- 12 April 2017
DESCRIPTION "Version 33: added rcRadiusNotifications,
rcRadiusNotificationObjects,
rcRadiusEapRAVErrorMacAddress,
rcRadiusEapRAVErrorPort,
rcRadiusEapServAddressType and
rcRadiusEapServAddress.
Requested by Alisa Niculescu/Caludiu
Gabriel Mitroi (prempa)"
REVISION "201703290000Z" -- 29 March 2017
DESCRIPTION "Version 32: added rcRadiusSupportedVendorIds"
REVISION "201703170000Z" -- 17 March 2017
DESCRIPTION "Version 31: Added the following -
rcRadiusDynAuthClientTable,
RcRadiusDynAuthClientEntry,
rcRadiusDynAuthClientAddressType,
rcRadiusDynAuthClientAddress,
rcRadiusDynAuthClientUdpPort,
rcRadiusDynAuthClientSecret,
rcRadiusDynAuthClientEnabled,
rcRadiusDynAuthClientRowStatus,
rcRadiusDynAuthClientReplayProtection,
rcRadiusDynAuthServerRcRequests,
rcRadiusDynAuthServerRcAuthOnlyRequests,
rcRadiusDynAuthServerRcDupRequests,
rcRadiusDynAuthServerRcAcks,
rcRadiusDynAuthServerRcNacks,
rcRadiusDynAuthServerRcNacksAuthOnlyRequests,
rcRadiusDynAuthServerRcNacksNoSess,
rcRadiusDynAuthServerRcSessReauthenticated,
rcRadiusDynAuthServerRcMalformed,
rcRadiusDynAuthServerRcDropped,
rcRadiusDynAuthServerRcBadAuths"
REVISION "201703130000Z" -- 13 March 2017
DESCRIPTION "Version 30: Change range of rcEapPortMultiHostMaxClients
from 0..32 to 1..32"
REVISION "201701050000Z" -- 5 January 2017
DESCRIPTION "Version 29: Added rcRadiusReachability,
rcRadiusReachabilityUserName,
rcRadiusReachabilityPassword,
rcRadiusReachabilityUnreachableTimer,
rcRadiusReachabilityKeepAliveTimer
in rcRadiusGlobal.
Requested by Bogdan Alexandrescu (prempa)."
REVISION "201609260000Z" -- 26 September 2016
DESCRIPTION "Version 28: Added the following -
rcEapPortEapMaxClients,
rcEapPortMultiHostSingleAuthEnabled,
rcEapPortAllowDhcpPhones,
rcEapPortEapPacketMode,
rcEapPortProcessRadiusCOAPackets,
rcEapPortFailOpenVlanId,
rcEapPortFailOpenVlanUBP,
rcEapPortCloneSettingsAction,
rcEapPortCloneSettingsDestPortList in rcEapPortTable
Change description and range for rcEapPortGuestVlanId
from 0..4000 to 0..4096
Change description and range for rcEapPortNonEapMaxClients
from 1..8 to 0..32"
REVISION "201605020000Z" -- 02 May 2016
DESCRIPTION "Version 27: Added rcRadiusIpsecEnable"
REVISION "201506290000Z" -- 29 June 2015
DESCRIPTION "Version 26: Added rcEapPortRadiusMacClear in
RcEapPortRadiusMacEntry"
REVISION "201506180000Z" -- 18 June 2015
DESCRIPTION "Version 25: Added rcEapPortRadiusMacClear,
rcEapGlobalClearNonEap"
REVISION "201503310000Z" -- 31 March 2015
DESCRIPTION "Version 24: Added held (6) and authenticating(7) to
rcEapPortRadiusMacStatus"
REVISION "201412110000Z" -- 11 December 2014
DESCRIPTION "Version 23: Added the following -
rcEapGlobalNonEapRadiusPwdAttrFmt,
rcEapGlobalNonEapRadiusPwdAttrKeyString,
rcEapPortStatus in rcEapPortTable,
rcEapMultiHostStatusVlanId in rcEapMultiHostStatusTable,
rcEapPortRadiusVlanId in rcEapPortRadiusMacTable.
Changed the range of rcEapPortMultiHostMaxClients
from 1..8 to 0..32.
Added the value unauthenticated(10) to
rcEapMultiHostStatusPaeState
Changes requested by Nithin Prabhu for EAPOL and NEAP
enhancements, submit 22049 (Prem)"
REVISION "201105130000Z" -- 13 May 2011
DESCRIPTION "Version 22: Added rcRadiusServHostTable"
REVISION "201009140000Z" -- 14 September 2010
DESCRIPTION "Version 21: Added web(5) to rcRadiusServUsedBy."
REVISION "200907140000Z" -- 14 Jul 2009
DESCRIPTION "Version 20: Added rcEapGlobalNonEapIpAddrEnable, rcEapGlobalNonEapMacAddrEnable
and rcEapGlobalNonEapPortNumEnable ."
REVISION "200706270000Z" -- 27 Jun 2007
DESCRIPTION "Version 19: Changed the range for rcRadiusServerSecretKey from 20 to 32"
REVISION "200601030000Z" -- 03 Jan 2006
DESCRIPTION "Version 18: Added rcRadiusPaePortNumber and
rcRadiusEapLastAuthMac."
REVISION "200512120000Z" -- 12 Dec 2005
DESCRIPTION "Version 17: Added rcRadiusEapLastRejMac under rcRadiusGlobalSnmp"
REVISION "200505230000Z" -- 23 May 2005
DESCRIPTION "Version 16: Added rcEapPortShutDownOnIntrusion"
REVISION "200505170000Z" -- 17 May 2005
DESCRIPTION "Version 15: Updated the description for rcEapGlobalRadDiscardFilterAgeout"
REVISION "200505161800Z" -- 16 May 2005
DESCRIPTION "Version 14: Updated the DEF value for rcEapGlobalRadDiscardFilterAgeout"
REVISION "200505160000Z" -- 16 May 2005
DESCRIPTION "Version 13: Updated rcEapGlobalRadDiscardFilterAgeout"
REVISION "200505060000Z" -- 06 May 2005
DESCRIPTION "Version 12: Added rcEapPortRadiusMacTable & rcEapGlobalRadDiscardFilterAgeout"
REVISION "200501241200Z" -- 24 January 2005
DESCRIPTION "Version 11: Updated the desc field of rcEapGlobalRadAuthNonEapClients"
REVISION "200501130000Z" -- 13 January 2005
DESCRIPTION "Version 10: Added rcEapGlobalRadAuthNonEapClients and rcEapPortRadAuthNonEapClients mibs"
REVISION "200501040000Z" -- 04 January 2005
DESCRIPTION "Version 9: Added rcRadiusServSourceIpAddr under Sequence of RcRadiusServEntry "
REVISION "200412240000Z" -- 24 December 2004
DESCRIPTION "Version 8: Added rcRadiusServSourceIpAddr "
REVISION "200409300000Z" -- 30 Sept 2004
DESCRIPTION "Version 7: Change the range rcEapPortGuestVlanId start from 0.
: Import SnmpAdminString, MacAddress, InterfaceIndex type"
REVISION "200409230000Z" -- 23 Sept 2004
DESCRIPTION "Version 6: Added rcEapGlobalGuestVlanEnable, rcEapGlobalGuestVlanId , rcEapPortTable, rcEapPortAllowedMacTable, rcEapMultiHostStatusTable, rcEapMultiHostSessionStatsTable mib"
REVISION "200409080000Z" -- 08 Sept 2004
DESCRIPTION "Version 5: Added rcRadiusGlobalCliCmdCount mib"
REVISION "200407200000Z" -- 20 July 2004
DESCRIPTION "Version 4: Added version info"
::= { rcRadius 0 }
-- Radius Group
-- Radius Global Infomation
rcRadiusGlobal OBJECT IDENTIFIER ::= { rcRadius 1 }
rcRadiusGlobalEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable/disable this feature."
DEFVAL { false }
::= { rcRadiusGlobal 1 }
rcRadiusGlobalMaxNumberServer OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Maximum number of RADIUS servers."
DEFVAL { 10 }
::= { rcRadiusGlobal 2 }
rcRadiusGlobalAttributeValue OBJECT-TYPE
SYNTAX INTEGER (192..240)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for Access-Priority attribute."
DEFVAL { 192 }
::= { rcRadiusGlobal 3 }
rcRadiusGlobalServerTableSize OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Used to indicate the number of entries in the
rcRadiusServerTable."
::= { rcRadiusGlobal 4 }
rcRadiusGlobalAcctEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable/disable Radius Accounting feature."
DEFVAL { false }
::= { rcRadiusGlobal 5 }
rcRadiusGlobalAcctAttributeValue OBJECT-TYPE
SYNTAX INTEGER (192..240)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for User-Command attribute."
DEFVAL { 193 }
::= { rcRadiusGlobal 6 }
rcRadiusGlobalAcctIncludeCli OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Include/Exclude cli-commands in radius
acccounting updates."
DEFVAL { false }
::= { rcRadiusGlobal 7 }
rcRadiusGlobalClearStat OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Clear Radius Statistic for all servers
configured."
DEFVAL { false }
::= { rcRadiusGlobal 8 }
rcRadiusGlobalMcastAttributeValue OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for multicast address vendor
specific attribute."
DEFVAL { 90 }
::= { rcRadiusGlobal 9 }
rcRadiusGlobalAuthInfoAttributeValue OBJECT-TYPE
SYNTAX INTEGER (0..255)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for Auth-Info vendor specific attribute."
DEFVAL { 91 }
::= { rcRadiusGlobal 10 }
rcRadiusGlobalCommandAccess OBJECT-TYPE
SYNTAX INTEGER (192..240)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for Command-Access attribute."
DEFVAL { 194 }
::= { rcRadiusGlobal 11 }
rcRadiusGlobalCliCommands OBJECT-TYPE
SYNTAX INTEGER (192..240)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for Cli-Command attribute."
DEFVAL { 195 }
::= { rcRadiusGlobal 12 }
rcRadiusGlobalIgapLogFSize OBJECT-TYPE
SYNTAX INTEGER (50..8192)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Maximum size for the IGAP accounting time-out
log file in KB."
DEFVAL { 512 }
::= { rcRadiusGlobal 13 }
rcRadiusGlobalCliProfEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable/disable Radius CLI Profiling."
DEFVAL { false }
::= { rcRadiusGlobal 14 }
rcRadiusGlobalAuthInvalidServerAddress OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Number of Access Responses from unknown or
invalid Radius servers."
::= { rcRadiusGlobal 15 }
rcRadiusGlobalSourceIpFlag OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Flag to include configured IP address as source
address in RADIUS packets."
DEFVAL { false }
::= { rcRadiusGlobal 16 }
rcRadiusGlobalIgapPasswdAttr OBJECT-TYPE
SYNTAX INTEGER {
standard(1),
authinfo(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to standard(1), password in
IGAP join request is sent in standard RADIUS password
attribute. When set to authinfo(2), the password is
encoded in Auth-Info attribute."
DEFVAL { standard }
::= { rcRadiusGlobal 17 }
rcRadiusGlobalCliCmdCount OBJECT-TYPE
SYNTAX INTEGER (1..40)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value for Cli-Command-count."
DEFVAL { 40 }
::= { rcRadiusGlobal 18 }
rcRadiusIpsecEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Flag to enable IPSEC on RADIUS packets."
DEFVAL { false }
::= { rcRadiusGlobal 19 }
rcRadiusReachability OBJECT-TYPE
SYNTAX INTEGER {
useStatusServerPackets(1),
useDummyRadiusRequests(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Select the method used to test RADIUS server reachablity."
DEFVAL { useStatusServerPackets }
::= { rcRadiusGlobal 20 }
rcRadiusReachabilityUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The username used for the RADIUS server reachability useDummyRadiusRequests option."
DEFVAL { "avaya" }
::= { rcRadiusGlobal 21 }
rcRadiusReachabilityPassword OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The password used for the RADIUS server reachability useDummyRadiusRequests option."
DEFVAL { "avaya" }
::= { rcRadiusGlobal 22 }
rcRadiusReachabilityUnreachableTimer OBJECT-TYPE
SYNTAX Integer32 (30..600)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the interval between checks when the RADIUS server is unreachable."
DEFVAL { 60 }
::= { rcRadiusGlobal 23 }
rcRadiusReachabilityKeepAliveTimer OBJECT-TYPE
SYNTAX Integer32 (30..600)
UNITS "seconds"
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the interval between checks when the RADIUS server is reachable."
DEFVAL { 180 }
::= { rcRadiusGlobal 24 }
rcRadiusSupportedVendorIds OBJECT-TYPE
SYNTAX DisplayString (SIZE (1..16))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "This object specifies the supported radius vendor ids."
DEFVAL { "562,1584" }
::= { rcRadiusGlobal 25 }
rcRadiusGlobalSecureEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable/disable Radius Secure feature."
DEFVAL { false }
::= { rcRadiusGlobal 26 }
-- Radius Server Table Infomation
rcRadiusServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcRadiusServerEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION "The RADIUS table (0 to 10 entries). This
table lists the information of the RADIUS server."
::= { rcRadius 2 }
rcRadiusServerEntry OBJECT-TYPE
SYNTAX RcRadiusServerEntry
MAX-ACCESS not-accessible
STATUS deprecated
DESCRIPTION "A RADIUS server table entry."
INDEX { rcRadiusServerAddress}
::= { rcRadiusServerTable 1 }
RcRadiusServerEntry ::=
SEQUENCE {
rcRadiusServerPriority INTEGER,
rcRadiusServerAddress IpAddress,
rcRadiusServerTimeOut INTEGER,
rcRadiusServerEnable TruthValue,
rcRadiusServerMaxRetries INTEGER,
rcRadiusServerUdpPort INTEGER,
rcRadiusServerSecretKey DisplayString,
rcRadiusServerAccessRequests Counter32,
rcRadiusServerAccessAccepts Counter32,
rcRadiusServerAccessRejects Counter32,
rcRadiusServerBadResponses Counter32,
rcRadiusServerPendingRequests Counter32,
rcRadiusServerClientRetries Counter32,
rcRadiusServerRowStatus RowStatus,
rcRadiusServerAcctEnable TruthValue,
rcRadiusServerAcctUdpPort INTEGER,
rcRadiusServerAcctOnRequests Counter32,
rcRadiusServerAcctOffRequests Counter32,
rcRadiusServerAcctStartRequests Counter32,
rcRadiusServerAcctStopRequests Counter32,
rcRadiusServerAcctInterimRequests Counter32,
rcRadiusServerAcctBadResponses Counter32,
rcRadiusServerAcctPendingRequests Counter32,
rcRadiusServerAcctClientRetries Counter32
}
rcRadiusServerPriority OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "Server priority, used to control which server to choose
first to send authentication."
DEFVAL { 10 }
::= { rcRadiusServerEntry 1 }
rcRadiusServerAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "Server IP address of the RADIUS authentication server
referred to in this table entry."
::= { rcRadiusServerEntry 2 }
rcRadiusServerTimeOut OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "The time interval in seconds before the client
retransmit the packet."
DEFVAL { 3 }
::= { rcRadiusServerEntry 3 }
rcRadiusServerEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "Enable or disable this server."
DEFVAL { true }
::= { rcRadiusServerEntry 4 }
rcRadiusServerMaxRetries OBJECT-TYPE
SYNTAX INTEGER (1..6)
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "Maximum number of retransmissions."
DEFVAL { 3 }
::= { rcRadiusServerEntry 5 }
rcRadiusServerUdpPort OBJECT-TYPE
SYNTAX INTEGER (1..65536)
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "The UDP port the client is using to send requests
to this server."
DEFVAL { 1812 }
::= { rcRadiusServerEntry 6 }
rcRadiusServerSecretKey OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "The identifier of the RADIUS authentication client."
::= { rcRadiusServerEntry 7 }
rcRadiusServerAccessRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS access-response packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServerEntry 8 }
rcRadiusServerAccessAccepts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS access-accept packets (valid or
invalid) received from this server."
::= { rcRadiusServerEntry 9 }
rcRadiusServerAccessRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS access-reject packets (valid or
invalid) received from this server."
::= { rcRadiusServerEntry 10 }
rcRadiusServerBadResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS invalid access-response packets
received from this server."
::= { rcRadiusServerEntry 11 }
rcRadiusServerPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS access-request packets destined
for this server that have not yet timed out or
received a response. This variable is incremented
when an access-request is sent and decremented due
to receipt of an access-accept, access-reject, a
timeout or retransmission."
::= { rcRadiusServerEntry 12 }
rcRadiusServerClientRetries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of authentication retransmission to
this server."
::= { rcRadiusServerEntry 13 }
rcRadiusServerRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "Used to create/delete entries."
::= { rcRadiusServerEntry 14 }
rcRadiusServerAcctEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "Enable or disable Radius Accounting on this server."
DEFVAL { true }
::= { rcRadiusServerEntry 15 }
rcRadiusServerAcctUdpPort OBJECT-TYPE
SYNTAX INTEGER (1..65536)
MAX-ACCESS read-write
STATUS deprecated
DESCRIPTION "The UDP port the client used to send accounting
requests to this server."
DEFVAL { 1813 }
::= { rcRadiusServerEntry 16 }
rcRadiusServerAcctOnRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting-on packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServerEntry 17 }
rcRadiusServerAcctOffRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting-off packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServerEntry 18 }
rcRadiusServerAcctStartRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting-start packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServerEntry 19 }
rcRadiusServerAcctStopRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting-stop packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServerEntry 20 }
rcRadiusServerAcctInterimRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting-interim packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServerEntry 21 }
rcRadiusServerAcctBadResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of Invalid responses received from this
server."
::= { rcRadiusServerEntry 22 }
rcRadiusServerAcctPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting packets that are waiting
be sent to this server. This variable is incremented
whenever any accounting-request is sent to this server and
decremented when an acknowledgement is received or timeout
occurs."
::= { rcRadiusServerEntry 23 }
rcRadiusServerAcctClientRetries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS deprecated
DESCRIPTION "The number of RADIUS accounting packets retransmitted
to this server."
::= { rcRadiusServerEntry 24 }
-- Radius Serv Table
rcRadiusServTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcRadiusServEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The RADIUS table (0 to 10 entries). This
table lists the information of the RADIUS server."
::= { rcRadius 3 }
rcRadiusServEntry OBJECT-TYPE
SYNTAX RcRadiusServEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A RADIUS server table entry."
INDEX { rcRadiusServAddress, rcRadiusServUsedBy }
::= { rcRadiusServTable 1 }
RcRadiusServEntry ::=
SEQUENCE {
rcRadiusServPriority INTEGER,
rcRadiusServAddress IpAddress,
rcRadiusServTimeOut INTEGER,
rcRadiusServEnable TruthValue,
rcRadiusServMaxRetries INTEGER,
rcRadiusServUdpPort INTEGER,
rcRadiusServSecretKey DisplayString,
rcRadiusServAccessRequests Counter32,
rcRadiusServAccessAccepts Counter32,
rcRadiusServAccessRejects Counter32,
rcRadiusServBadResponses Counter32,
rcRadiusServPendingRequests Counter32,
rcRadiusServClientRetries Counter32,
rcRadiusServRowStatus RowStatus,
rcRadiusServAcctEnable TruthValue,
rcRadiusServAcctUdpPort INTEGER,
rcRadiusServAcctOnRequests Counter32,
rcRadiusServAcctOffRequests Counter32,
rcRadiusServAcctStartRequests Counter32,
rcRadiusServAcctStopRequests Counter32,
rcRadiusServAcctInterimRequests Counter32,
rcRadiusServAcctBadResponses Counter32,
rcRadiusServAcctPendingRequests Counter32,
rcRadiusServAcctClientRetries Counter32,
rcRadiusServUsedBy INTEGER,
rcRadiusServNasIpAddress IpAddress,
rcRadiusServRoundTripTime DisplayString,
rcRadiusServAccessChallanges Counter32,
rcRadiusServSourceIpAddr IpAddress
}
rcRadiusServPriority OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Server priority, used to control which server to choose
first to send authentication."
DEFVAL { 10 }
::= { rcRadiusServEntry 1 }
rcRadiusServAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Server IP address of the RADIUS authentication server
referred to in this table entry."
::= { rcRadiusServEntry 2 }
rcRadiusServTimeOut OBJECT-TYPE
SYNTAX INTEGER (1..10)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The time interval in seconds before the client
retransmit the packet."
DEFVAL { 3 }
::= { rcRadiusServEntry 3 }
rcRadiusServEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable or disable this server."
DEFVAL { true }
::= { rcRadiusServEntry 4 }
rcRadiusServMaxRetries OBJECT-TYPE
SYNTAX INTEGER (0..6)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Maximum number of retransmissions."
DEFVAL { 1 }
::= { rcRadiusServEntry 5 }
rcRadiusServUdpPort OBJECT-TYPE
SYNTAX INTEGER (1..65536)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The UDP port the client is using to send requests
to this server."
DEFVAL { 1812 }
::= { rcRadiusServEntry 6 }
rcRadiusServSecretKey OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..20))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The identifier of the RADIUS authentication client."
::= { rcRadiusServEntry 7 }
rcRadiusServAccessRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-response packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServEntry 8 }
rcRadiusServAccessAccepts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-accept packets (valid or
invalid) received from this server."
::= { rcRadiusServEntry 9 }
rcRadiusServAccessRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-reject packets (valid or
invalid) received from this server."
::= { rcRadiusServEntry 10 }
rcRadiusServBadResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS invalid access-response packets
received from this server."
::= { rcRadiusServEntry 11 }
rcRadiusServPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-request packets destined
for this server that have not yet timed out or
received a response. This variable is incremented
when an access-request is sent and decremented due
to receipt of an access-accept, access-reject, a
timeout or retransmission."
::= { rcRadiusServEntry 12 }
rcRadiusServClientRetries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of authentication retransmission to
this server."
::= { rcRadiusServEntry 13 }
rcRadiusServRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Used to create/delete entries."
::= { rcRadiusServEntry 14 }
rcRadiusServAcctEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable or disable Radius Accounting on this server."
DEFVAL { true }
::= { rcRadiusServEntry 15 }
rcRadiusServAcctUdpPort OBJECT-TYPE
SYNTAX INTEGER (1..65536)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The UDP port the client used to send accounting
requests to this server."
DEFVAL { 1813 }
::= { rcRadiusServEntry 16 }
rcRadiusServAcctOnRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-on packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServEntry 17 }
rcRadiusServAcctOffRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-off packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServEntry 18 }
rcRadiusServAcctStartRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-start packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServEntry 19 }
rcRadiusServAcctStopRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-stop packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServEntry 20 }
rcRadiusServAcctInterimRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-interim packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServEntry 21 }
rcRadiusServAcctBadResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of Invalid responses received from this
server."
::= { rcRadiusServEntry 22 }
rcRadiusServAcctPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting packets that are waiting
be sent to this server. This variable is incremented
whenever any accounting-request is sent to this server and
decremented when an acknowledgement is received or timeout
occurs."
::= { rcRadiusServEntry 23 }
rcRadiusServAcctClientRetries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting packets retransmitted
to this server."
::= { rcRadiusServEntry 24 }
rcRadiusServUsedBy OBJECT-TYPE
SYNTAX INTEGER {
cli(1),
igap(2),
snmp(3),
eap(4),
web(5)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "cli(1): for cli login, igap(2): for igap,snmp(3):
for snmp login, eap(4): for EAP PAE Authenticator,
web(5): for web-server(http/https) login."
::= { rcRadiusServEntry 25 }
rcRadiusServNasIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION "RADIUS Client NAS Identifier for this server."
::= { rcRadiusServEntry 26 }
rcRadiusServRoundTripTime OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Time different between the instance when
a RADIUS request is sent and the
corresponding response is received."
::= { rcRadiusServEntry 27 }
rcRadiusServAccessChallanges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-challanges packets
sent to this server. This does not include
retransmission."
::= { rcRadiusServEntry 28 }
rcRadiusServSourceIpAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION "source IP address RADIUS packets."
::= { rcRadiusServEntry 29 }
rcRadiusGlobalSnmp OBJECT IDENTIFIER ::= { rcRadius 4 }
rcRadiusGlobalSnmpEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable/disable snmp radius authentication."
DEFVAL { false }
::= { rcRadiusGlobalSnmp 1 }
rcRadiusGlobalSnmpAcctEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Enable/disable Radius Accounting for SNMP."
DEFVAL { false }
::= { rcRadiusGlobalSnmp 2 }
rcRadiusGlobalSnmpReAuthenticateTimer OBJECT-TYPE
SYNTAX INTEGER (30..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value representing Re-Authenticate
Timer in seconds. Timer to be used to Re-
Authenticate a SNMP Session."
DEFVAL { 180 }
::= { rcRadiusGlobalSnmp 3 }
rcRadiusGlobalSnmpAbortSessionTimer OBJECT-TYPE
SYNTAX INTEGER (30..65535)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value representing the time in seconds
after which the snmp session is considered
expired and Radius Accounting Stop message
is sent."
DEFVAL { 180 }
::= { rcRadiusGlobalSnmp 4 }
rcRadiusGlobalSnmpUserName OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..20))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "User name for Radius SNMP Accounting."
::= { rcRadiusGlobalSnmp 5 }
rcRadiusEapLastRejMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Used to store the Last Rejected MAC address on an
EAP enabled port."
::= { rcRadiusGlobalSnmp 6 }
rcRadiusPaePortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Used to store the Port Number on which a MAC
intrusion occurred."
::= { rcRadiusGlobalSnmp 7 }
rcRadiusEapLastAuthMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Used to store the Last Authenticated MAC address
on an EAP enabled port."
::= { rcRadiusGlobalSnmp 8 }
-- EAP properietary group
-- EAP Global Info
rcEapGlobal OBJECT IDENTIFIER ::= { rcEap 1 }
rcEapGlobalRadAcctEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Indicates whether EAP Sessions need to be
Accounted with a RADIUS server. When this
value is TRUE, device attempts to send
RADIUS Accounting-Start and Accounting-Stop
requests upon 802.1x user login and logoff
respectively."
::= { rcEapGlobal 1 }
rcEapGlobalClearStats OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When the value of this variable is set to
TRUE, all the EAPOL (8021x) related statistics
will be reset."
::= { rcEapGlobal 2 }
rcEapGlobalGuestVlanEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, EAPoL Guest Vlan
feature will be enabled globally"
DEFVAL { false }
::= { rcEapGlobal 3 }
rcEapGlobalGuestVlanId OBJECT-TYPE
SYNTAX INTEGER (1..4000)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "A value representing the VLAN to be used as a Global Guest
VLAN. When corresponding value is not specified at the
port level, supplicants are granted access to the network
through this VLAN before they are authenticated."
::= { rcEapGlobal 4 }
rcEapGlobalRadAuthNonEapClients OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, Radius Mac
Centralization feature will be enabled globally"
DEFVAL { false }
::= { rcEapGlobal 5 }
rcEapGlobalRadDiscardFilterAgeout OBJECT-TYPE
SYNTAX Integer32 (5..3600)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Age out period for pending non-eap-macs due to server timeout or unreachable"
DEFVAL { 10 }
::= { rcEapGlobal 6 }
rcEapGlobalNonEapIpAddrEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, Non-Eap password ip
address component will be enabled globally"
DEFVAL { true }
::= { rcEapGlobal 7 }
rcEapGlobalNonEapMacAddrEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, Non-Eap password mac
address component will be enabled globally"
DEFVAL { true }
::= { rcEapGlobal 8 }
rcEapGlobalNonEapPortNumEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, Non-Eap password port
number component will be enabled globally"
DEFVAL { true }
::= { rcEapGlobal 9 }
rcEapGlobalNonEapRadiusPwdAttrFmt OBJECT-TYPE
SYNTAX BITS {
ipAddr(0),
macAddr(1),
portNumber(2),
padding(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object controls the format of the RADIUS password
attribute that is included in requests to the RADIUS
server for authenticating non-EAP clients (MAC addresses).
If the ipAddr(0) bit is set, the password attribute will
contain the switch's IP address encoded as a string of
four 3-digit 0-padded integers. For example, the encoding
for the IP address 47.80.225.1 would be '047080225001'.
If the macAddr(1) bit is set, the password attribute will
contain the MAC address to be authenticated as a string of
six 2-digit hex numbers. For example, the MAC address
00:08:01:0a:33:34 would be encoded as '0008010a3334'.
If the portNumber(2) bit is set, the password attribute
will contain the port number on which the MAC address was
seen, encoded as a string of two 2-digit 0-padded integers.
The first integer is the unit/slot number, and the second
number is the port number on that unit/slot. For a
standalone unit, the unit/slot number will be 0. For
example, the encoding for unit/port 1/23 would be '0123',
and the encoding for port 7 on a standalone stackable
unit would be '0007'.
If the padding(3) bit is set, then the fields in the
password attribute will be separated by a . character.
By default, all the fields bit values will be set."
::= { rcEapGlobal 10 }
rcEapGlobalNonEapRadiusPwdAttrKeyString OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Key string used in the password format for Non-Eap RADIUS
authentication. If the key string is configured, the
password attribute will be <ipaddress>.<mac-address>.
<port>.<key-string>.
If No key string is configured, then the password
attribute will not contain key string."
::= { rcEapGlobal 11 }
rcEapGlobalClearNonEap OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When the value of this variable is set to
TRUE, all the Non-EAPOL Mac sessions on port
will be cleared."
::= { rcEapGlobal 12 }
rcEapGlobalAutoIsidOffset OBJECT-TYPE
SYNTAX INTEGER (0..15995903)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Offset is a global parameter used to calculate I-SID value for a switched UNI, when no
I-SID value is provided by RADIUS. The ISID value will be calculated like this: offset + VLAN ID"
DEFVAL { 15980000 }
::= { rcEapGlobal 13 }
rcEapGlobalAutoIsidOffsetEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Global enable/disable value for EAP auto isid offset"
DEFVAL { false }
::= { rcEapGlobal 14 }
rcEapPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcEapPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "EAP properietery table for port level commands"
::= { rcEap 2 }
rcEapPortEntry OBJECT-TYPE
SYNTAX RcEapPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Entry containing the EAP properietry configuration
information at the port level."
INDEX { rcEapPortIndex }
::= { rcEapPortTable 1 }
RcEapPortEntry ::= SEQUENCE {
rcEapPortIndex InterfaceIndex,
rcEapPortGuestVlanEnable TruthValue,
rcEapPortGuestVlanId INTEGER,
rcEapPortMultiHostEnable TruthValue,
rcEapPortMultiHostMaxClients INTEGER,
rcEapPortAllowNonEapHost TruthValue,
rcEapPortNonEapMaxClients INTEGER,
rcEapPortRadAuthNonEapClients TruthValue,
rcEapPortShutDownOnIntrusion TruthValue,
rcEapPortStatus INTEGER,
rcEapPortEapMaxClients Integer32,
rcEapPortMultiHostSingleAuthEnabled TruthValue,
rcEapPortAllowDhcpPhones TruthValue,
rcEapPortEapPacketMode INTEGER,
rcEapPortProcessRadiusCOAPackets TruthValue,
rcEapPortFailOpenVlanId Integer32,
rcEapPortFailOpenVlanUBP OCTET STRING,
rcEapPortCloneSettingsAction INTEGER,
rcEapPortCloneSettingsDestPortList PortList,
rcEapPortGuestIsid Integer32,
rcEapPortFailOpenIsid Integer32,
rcEapPortFlexUniStatus TruthValue,
rcEapPortAdminTrafficControl INTEGER,
rcEapPortOperTrafficControl INTEGER,
rcEapPortLldpAuthEnabled TruthValue,
rcEapPortOrigin INTEGER,
rcEapPortDynamicMHSAEnabled TruthValue,
rcEapPortTrafficControlOrigin BITS
}
rcEapPortIndex OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An index value that uniquely identifies a port.
This value is similar to ifIndex in MIB2."
::= { rcEapPortEntry 1 }
rcEapPortGuestVlanEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, EAPoL Guest Vlan
feature will be enabled on the port"
DEFVAL { false }
::= { rcEapPortEntry 2 }
rcEapPortGuestVlanId OBJECT-TYPE
SYNTAX INTEGER (0..4096)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "A value representing the VLAN to be used as a Guest
VLAN. Access for unautheticated host/s connected to this port
is provided through this VLAN. A value of 0 indicates
that guest VLAN functionality is not enabled for this port."
DEFVAL { 0 }
::= { rcEapPortEntry 3 }
rcEapPortMultiHostEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, the system is enabled to
have multiple 802.1X supplicants authenticated from the same
port"
DEFVAL { false }
::= { rcEapPortEntry 4 }
rcEapPortMultiHostMaxClients OBJECT-TYPE
SYNTAX INTEGER (1..8192)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value representing the maximum number of supplicants
that are allowed to get authenticated on the port. This is
applicable in MHMV mode."
DEFVAL { 1 }
::= { rcEapPortEntry 5 }
rcEapPortAllowNonEapHost OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, the system is enabled to
allow hosts that do not participate in 802.1X authentication
to get network access."
DEFVAL { false }
::= { rcEapPortEntry 6 }
rcEapPortNonEapMaxClients OBJECT-TYPE
SYNTAX INTEGER (0..8192)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Integer value representing the maximum number of non-802.1X
hosts that are allowed to connect to the port. A value of 0
indicates that non-802.1X authentication is disabled
on this port"
DEFVAL { 1 }
::= { rcEapPortEntry 7 }
rcEapPortRadAuthNonEapClients OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, the system is enabled to
allow Non-Eap hosts on the port to get network access through radius
based Mac authorization."
DEFVAL { false }
::= { rcEapPortEntry 8 }
rcEapPortShutDownOnIntrusion OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "When this variable is set to TRUE, the port is
shutdown on encountering [max + 1st] non-eap client
on the port"
DEFVAL { false }
::= { rcEapPortEntry 9 }
rcEapPortStatus OBJECT-TYPE
SYNTAX INTEGER {
forceUnauthorized(1),
auto(2),
forceAuthorized(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object allows enabling EAPoL on the port.
If status is forceUnauthorized(2), then EAPoL is
enabled on the port but it doesn't allow any traffic
on the port.
If status is auto(2), EAPoL is enabled and based on
the 802.1x authentication, traffic is allowed.
If status is forceAuthorized(3), EAPoL is disabled
on the port and the port allows all traffic irrespective
of 802.1x authentication."
::= { rcEapPortEntry 10 }
rcEapPortEapMaxClients OBJECT-TYPE
SYNTAX Integer32 (0..32)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the maximum number of EAP-authentication
MAC addresses allowed on this port. A value of 0 indicates that
802.1X authentication is disabled on this port."
DEFVAL { 1 }
::= { rcEapPortEntry 11 }
rcEapPortMultiHostSingleAuthEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object controls whether non-EAP clients (MAC addresses) may
be automatically authenticated on the port after one client
has been authenticated (known as MHSA). "
DEFVAL { false }
::= { rcEapPortEntry 12 }
rcEapPortAllowDhcpPhones OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object indicates whether IP phones will be allowed access
based on DHCP signature."
DEFVAL { false }
::= { rcEapPortEntry 13 }
rcEapPortEapPacketMode OBJECT-TYPE
SYNTAX INTEGER {
multicast(1),
unicast(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object indicates whether to use unicast or multicast packets
for Eap-ReqId packets. Normally, multicast packets are used."
DEFVAL { multicast }
::= { rcEapPortEntry 14 }
rcEapPortProcessRadiusCOAPackets OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object indicates whether to process any RADIUS requests-server
packets that are received on this port."
DEFVAL { false }
::= { rcEapPortEntry 15 }
rcEapPortFailOpenVlanId OBJECT-TYPE
SYNTAX Integer32 (0..4096)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the ID of the Fail-Open VLAN for this port.
Authenticated devices are moved into the configured Fail Open VLAN
when the switch declares the RADIUS servers unreachable.
A value of 0 indicates Fail Open VLAN functionality
is not enabled for this port."
DEFVAL { 0 }
::= { rcEapPortEntry 16 }
rcEapPortFailOpenVlanUBP OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..16))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object represents the UBP filter name of the fail-open policy"
::= { rcEapPortEntry 17 }
rcEapPortCloneSettingsAction OBJECT-TYPE
SYNTAX INTEGER {
none(1),
start(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object starts the action of copying eap settings from current
ifIndex to the list of ports specified in rcEapPortCloneSettingsDestPortList.
The default value will be returned by all read opperations.
The write operation must contain both rcEapPortCloneSettingsAction
and rcEapPortCloneSettingsDestPortList."
DEFVAL { none }
::= { rcEapPortEntry 18 }
rcEapPortCloneSettingsDestPortList OBJECT-TYPE
SYNTAX PortList
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object represents the destination port list on which the
EAP port configuration will be copied.
The default value will be returned by all read opperations.
The write operation must contain both rcEapPortCloneSettingsAction
and rcEapPortCloneSettingsDestPortList."
DEFVAL { ''H }
::= { rcEapPortEntry 19 }
rcEapPortGuestIsid OBJECT-TYPE
SYNTAX Integer32(0..16777215)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "A value representing the I-SID to be used as a Guest
I-SID. Access for untagged unauthenticated hosts connected to this port
is provided through this I-SID. A value of 0 indicates
that Guest I-SID functionality is not enabled for this port."
DEFVAL { 0 }
::= { rcEapPortEntry 20 }
rcEapPortFailOpenIsid OBJECT-TYPE
SYNTAX Integer32(0..16777215)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies the Fail Open I-SID for this port.
Untagged unauthenticated devices are assigned to this I-SID
when the RADIUS Servers are unreachable.
A value of 0 indicates that Fail Open I-SID functionality
is not enabled for this port."
DEFVAL { 0 }
::= { rcEapPortEntry 21 }
rcEapPortFlexUniStatus OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION "This object specifies if flex-uni is enabled on this port.
If enabled, EAP will operate in flex-uni mode.
If disabled, EAP will operate in legacy VLAN mode."
::= { rcEapPortEntry 22 }
rcEapPortAdminTrafficControl OBJECT-TYPE
SYNTAX INTEGER {
inOut(1),
in(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This option controls the configured traffic blocking
directions for a port when there are no authenticated
clients for that port. Filtering only ingress packets will
permit egress traffic to reach sleeping or hibernating
devices. Main purpose is for WoL packets to reach to this
kind of devices, but it might be applicable to other
management packets as well."
DEFVAL { inOut }
::= { rcEapPortEntry 23 }
rcEapPortOperTrafficControl OBJECT-TYPE
SYNTAX INTEGER {
inOut(1),
in(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "This option specifies the operational traffic blocking
directions for a port when there are no authenticated
clients for that port. Filtering only ingress packets will
permit egress traffic to reach sleeping or hibernating
devices. Main purpose is for WoL packets to reach to this
kind of devices, but it might be applicable to other
management packets as well."
::= { rcEapPortEntry 24 }
rcEapPortLldpAuthEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "This object specifies if lldp-authentication of IP phones is allowed."
DEFVAL { false }
::= { rcEapPortEntry 25 }
rcEapPortOrigin OBJECT-TYPE
SYNTAX INTEGER {
config(1),
autoSense(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Describes how EAPOL was configured on port: manual (CLI/SNMP) or
ZTF(Auto-Sense)."
::= { rcEapPortEntry 26 }
rcEapPortDynamicMHSAEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION "This object specifies if the port was dynamically added in the MHSA mode."
DEFVAL { false }
::= { rcEapPortEntry 27 }
rcEapPortTrafficControlOrigin OBJECT-TYPE
SYNTAX BITS {
config(0),
radius(1)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Indicates how the traffic control field was enabled.
Supported values:
config - traffic control was enabled by user.
radius - traffic control enabled by EAP via Radius response."
::= { rcEapPortEntry 28 }
rcEapPortAllowedMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcEapPortAllowedMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "EAP properietery table for allowed mac addresses of non
EAP clients"
::= { rcEap 3 }
rcEapPortAllowedMacEntry OBJECT-TYPE
SYNTAX RcEapPortAllowedMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Entry containing MAC addresses for Non EAP hosts allowed
on the port"
INDEX { rcEapPortAllowedMacPort, rcEapPortAllowedMacAddr }
::= { rcEapPortAllowedMacTable 1 }
RcEapPortAllowedMacEntry ::= SEQUENCE {
rcEapPortAllowedMacPort InterfaceIndex,
rcEapPortAllowedMacAddr MacAddress,
rcEapPortAllowedMacRowStatus RowStatus
}
rcEapPortAllowedMacPort OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An index value that uniquely identifies a port.
This value is similar to ifIndex in MIB2."
::= { rcEapPortAllowedMacEntry 1 }
rcEapPortAllowedMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "MAC address of a non EAP host that is granted access
on the port."
::= { rcEapPortAllowedMacEntry 2 }
rcEapPortAllowedMacRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Used to create/delete entries in rcEapPortAllowedMacTable."
::= { rcEapPortAllowedMacEntry 3 }
rcEapMultiHostStatusTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcEapMultiHostStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "This table is used to control the EAP multihost configuration
for each port in the system."
::= { rcEap 4 }
rcEapMultiHostStatusEntry OBJECT-TYPE
SYNTAX RcEapMultiHostStatusEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The EAP multihost configuration for a port."
INDEX { rcEapMultiHostStatusPortNumber,
rcEapMultiHostStatusClientMACAddr }
::= { rcEapMultiHostStatusTable 1 }
RcEapMultiHostStatusEntry ::= SEQUENCE {
rcEapMultiHostStatusPortNumber InterfaceIndex,
rcEapMultiHostStatusClientMACAddr MacAddress,
rcEapMultiHostStatusPaeState INTEGER,
rcEapMultiHostStatusBackendAuthState INTEGER,
rcEapMultiHostStatusVlanId Integer32,
rcEapMultihostStatusPriority Integer32,
rcEapMultihostStatusSwUniBindings OCTET STRING,
rcEapMultiHostStatusIsidSource INTEGER
}
rcEapMultiHostStatusPortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The Port number associated with this client."
::= { rcEapMultiHostStatusEntry 1 }
rcEapMultiHostStatusClientMACAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The MAC address of the client."
::= { rcEapMultiHostStatusEntry 2 }
rcEapMultiHostStatusPaeState OBJECT-TYPE
SYNTAX INTEGER {
initialize(1),
disconnected(2),
connecting(3),
authenticating(4),
authenticated(5),
aborting(6),
held(7),
forceAuth(8),
forceUnauth(9),
unauthenticated(10)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The current value of the Authenticator PAE state machine."
::= { rcEapMultiHostStatusEntry 3 }
rcEapMultiHostStatusBackendAuthState OBJECT-TYPE
SYNTAX INTEGER {
request(1),
response(2),
success(3),
fail(4),
timeout(5),
idle(6),
initialize(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The current state of the Backend Authentication state
machine."
::= { rcEapMultiHostStatusEntry 4 }
rcEapMultiHostStatusVlanId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The Vlan-Id associated with this client MAC. This Vlan
could be port-based Vlan or Radius assigned Vlan."
::= { rcEapMultiHostStatusEntry 5 }
rcEapMultihostStatusPriority OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The priority associated with this client MAC. This
priority could be the Radius assigned Priority or
the Port QOS level."
::= { rcEapMultiHostStatusEntry 6 }
rcEapMultihostStatusSwUniBindings OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..564))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The EAP vlan:isid bindings. Vlan is represented on
2 bytes. Isid is represented on 4 bytes. The output
OctetString would be a continuous hexadecimal
representation of VLAN followed by corresponding ISID.
Example:
Length(bytes): |--2--|--4--|--2--|--4--|--2--|--4--|---2--|---4--|
OctetString: VLAN0 ISID0 VLAN1 ISID1 ... ... VLAN94 ISID94 .
There are no spaces between VLANx and ISIDx."
::= { rcEapMultiHostStatusEntry 7 }
rcEapMultiHostSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcEapMultiHostSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A table that contains the session statistics objects for the
Authenticator PAE associated with each EAP client on each
Port.An entry appears in this table for each client MAC address
on each port that may authenticate access to itself."
::= { rcEap 5 }
rcEapMultiHostSessionStatsEntry OBJECT-TYPE
SYNTAX RcEapMultiHostSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The session statistics information for an Authenticator
PAE. This shows the current values being collected for
each session that is still in progress, or the final
values for the last valid session for each client where
there is no session currently active."
INDEX { rcEapMultiHostSessionStatsPortNumber,
rcEapMultiHostSessionStatsClientMACAddr }
::= { rcEapMultiHostSessionStatsTable 1 }
RcEapMultiHostSessionStatsEntry ::= SEQUENCE {
rcEapMultiHostSessionStatsPortNumber InterfaceIndex,
rcEapMultiHostSessionStatsClientMACAddr MacAddress,
rcEapMultiHostSessionId SnmpAdminString,
rcEapMultiHostSessionAuthenticMethod INTEGER,
rcEapMultiHostSessionTime TimeTicks,
rcEapMultiHostSessionTerminateCause INTEGER,
rcEapMultiHostSessionUserName SnmpAdminString,
rcEapMultiHostStatusAclId Integer32,
rcEapMultiHostStatusAceIdList OCTET STRING
}
rcEapMultiHostSessionStatsPortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The Port number associated with this client."
::= { rcEapMultiHostSessionStatsEntry 1 }
rcEapMultiHostSessionStatsClientMACAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The MAC address of this client."
::= { rcEapMultiHostSessionStatsEntry 2 }
rcEapMultiHostSessionId OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "A unique identifier for the session, in the
form of a printable ASCII string of at least
three characters."
::= { rcEapMultiHostSessionStatsEntry 3 }
rcEapMultiHostSessionAuthenticMethod OBJECT-TYPE
SYNTAX INTEGER {
remoteAuthServer(1),
localAuthServer(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The authentication method used to establish the session."
::= { rcEapMultiHostSessionStatsEntry 4 }
rcEapMultiHostSessionTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The duration of the session in seconds."
::= { rcEapMultiHostSessionStatsEntry 5 }
rcEapMultiHostSessionTerminateCause OBJECT-TYPE
SYNTAX INTEGER {
supplicantLogoff(1),
portFailure(2),
supplicantRestart(3),
reauthFailed(4),
authControlForceUnauth(5),
portReInit(6),
portAdminDisabled(7),
notTerminatedYet(999)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The reason for the session termination."
::= { rcEapMultiHostSessionStatsEntry 6 }
rcEapMultiHostSessionUserName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The User-Name representing the identity of the Supplicant
PAE."
::= { rcEapMultiHostSessionStatsEntry 7 }
rcEapMultiHostStatusIsidSource OBJECT-TYPE
SYNTAX INTEGER {
radius(1),
autoconfig(2),
config(3),
notAvailable(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates how the I-SID value is generated:
radius(1) means I-SID is learned from the radius server;
autoconfig(2) means I-SID is calculated using the auto-isid-offset configured by the user;
config(3) means I-SID is statically configured;
notAvaliable(4) is for the case where EAP with FlexUNI is not used, hence there is no I-SID to use."
::= { rcEapMultiHostStatusEntry 8 }
rcEapMultiHostStatusAclId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates the dynamic ACL on this port"
::= { rcEapMultiHostSessionStatsEntry 9 }
rcEapMultiHostStatusAceIdList OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..8192))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates the list of dynamic ACEs on this port"
::= { rcEapMultiHostSessionStatsEntry 10 }
rcEapPortRadiusMacTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcEapPortRadiusMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "EAP proprietary table for non-EAP hosts
authenticated using radius server."
::= { rcEap 6 }
rcEapPortRadiusMacEntry OBJECT-TYPE
SYNTAX RcEapPortRadiusMacEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Entry containing MAC addresses for Non EAP hosts
authenticated using radius server."
INDEX { rcEapPortRadiusMacPort, rcEapPortRadiusMacAddr }
::= { rcEapPortRadiusMacTable 1 }
RcEapPortRadiusMacEntry ::= SEQUENCE {
rcEapPortRadiusMacPort InterfaceIndex,
rcEapPortRadiusMacAddr MacAddress,
rcEapPortRadiusMacStatus INTEGER,
rcEapPortRadiusVlanId Integer32,
rcEapPortRadiusMacClear TruthValue,
rcEapPortRadiusMacPriority Integer32,
rcEapPortRadiusSwUniBindings OCTET STRING,
rcEapPortRadiusIsidSource INTEGER,
rcEapPortRadiusNonEapAuthType INTEGER,
rcEapPortRadiusAclId Integer32,
rcEapPortRadiusAceIdList OCTET STRING
}
rcEapPortRadiusMacPort OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "An index value that uniquely identifies a port."
::= { rcEapPortRadiusMacEntry 1 }
rcEapPortRadiusMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "MAC address of a non EAP host that is authenticated
using radius server."
::= { rcEapPortRadiusMacEntry 2 }
rcEapPortRadiusMacStatus OBJECT-TYPE
SYNTAX INTEGER {
authenticated(1),
rejected(2),
pending(3),
radius-request-dropped(4),
radius-server-not-reachable(5),
held(6),
authenticating(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Authentication status of the non EAP host that is
authenticated using radius server."
::= {rcEapPortRadiusMacEntry 3 }
rcEapPortRadiusVlanId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The Vlan-Id associated with this Non-EAP client MAC.
This Vlan could be port-based Vlan or Radius assigned vlan."
::= { rcEapPortRadiusMacEntry 4 }
rcEapPortRadiusMacClear OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Clears the Non-EAP MAC entry associated with this Index.
The value should be set to true to clear the Non-EAP MAC entry.
This MIB always return false."
DEFVAL { false }
::= { rcEapPortRadiusMacEntry 5 }
rcEapPortRadiusMacPriority OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The Priority associated with this Non-EAP client MAC.
This Priority could be the Radius assigned Priority
or the Port QOS level."
::= { rcEapPortRadiusMacEntry 6 }
rcEapPortRadiusSwUniBindings OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..564))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The NEAP vlan:isid bindings. Vlan is represented on 2
bytes. Isid is represented on 4 bytes. The output
OctetString would be a continuous hexadecimal representation
of VLAN followed by corresponding ISID.
Example:
Length(bytes): |--2--|--4--|--2--|--4--|--2--|--4--|---2--|---4--|
OctetString: VLAN0 ISID0 VLAN1 ISID1 ... ... VLAN94 ISID94 .
There are no spaces between VLANx and ISIDx."
::= { rcEapPortRadiusMacEntry 7 }
rcEapPortRadiusIsidSource OBJECT-TYPE
SYNTAX INTEGER {
radius(1),
autoconfig(2),
config(3),
notAvailable(4)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates how the I-SID value is generated:
radius(1) means I-SID is learned from the radius server;
autoconfig(2) means I-SID is calculated using the auto-isid-offset configured by the user;
config(3) means I-SID is statically configured;
notAvaliable(4) is for the case where EAP with FlexUNI is not used, hence there is no I-SID to use."
::= { rcEapPortRadiusMacEntry 8 }
rcEapPortRadiusNonEapAuthType OBJECT-TYPE
SYNTAX INTEGER {
radius(1),
lldp(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates the client neap authentication type:
radius(1) means it's via radius server;
lldp(2) means it's via LLDP"
::= { rcEapPortRadiusMacEntry 9 }
rcEapPortRadiusAclId OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates the dynamic ACL on this port"
::= { rcEapPortRadiusMacEntry 10 }
rcEapPortRadiusAceIdList OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..8192))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "It indicates the list of dynamic ACEs on this port"
::= { rcEapPortRadiusMacEntry 11 }
-- Radius Serv Host Table
rcRadiusServHostTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcRadiusServHostEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "The RADIUS Server Host table (0 to 10 entries). This
table lists the information of the RADIUS server."
::= { rcRadius 5 }
rcRadiusServHostEntry OBJECT-TYPE
SYNTAX RcRadiusServHostEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "A RADIUS server table entry."
INDEX { rcRadiusServHostAddressType, rcRadiusServHostAddress, rcRadiusServHostUsedBy }
::= { rcRadiusServHostTable 1 }
RcRadiusServHostEntry ::=
SEQUENCE {
rcRadiusServHostAddressType InetAddressType,
rcRadiusServHostAddress InetAddress,
rcRadiusServHostUsedBy INTEGER,
rcRadiusServHostPriority Integer32,
rcRadiusServHostTimeOut Integer32,
rcRadiusServHostEnable TruthValue,
rcRadiusServHostMaxRetries Integer32,
rcRadiusServHostUdpPort Integer32,
rcRadiusServHostSecretKey DisplayString,
rcRadiusServHostAccessRequests Counter32,
rcRadiusServHostAccessAccepts Counter32,
rcRadiusServHostAccessRejects Counter32,
rcRadiusServHostBadResponses Counter32,
rcRadiusServHostPendingRequests Counter32,
rcRadiusServHostClientRetries Counter32,
rcRadiusServHostRowStatus RowStatus,
rcRadiusServHostAcctEnable TruthValue,
rcRadiusServHostAcctUdpPort Integer32,
rcRadiusServHostAcctOnRequests Counter32,
rcRadiusServHostAcctOffRequests Counter32,
rcRadiusServHostAcctStartRequests Counter32,
rcRadiusServHostAcctStopRequests Counter32,
rcRadiusServHostAcctInterimRequests Counter32,
rcRadiusServHostAcctBadResponses Counter32,
rcRadiusServHostAcctPendingRequests Counter32,
rcRadiusServHostAcctClientRetries Counter32,
rcRadiusServHostNasIpAddress InetAddress,
rcRadiusServHostRoundTripTime DisplayString,
rcRadiusServHostAccessChallanges Counter32,
rcRadiusServHostSourceIpAddr InetAddress,
rcRadiusServHostSecureEnable TruthValue,
rcRadiusServHostSecureMode INTEGER,
rcRadiusServHostSecureProfile DisplayString,
rcRadiusServHostSecureLogLevel INTEGER
}
rcRadiusServHostAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Inet Address Type of radius server host address."
::= { rcRadiusServHostEntry 1 }
rcRadiusServHostAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "Server IP address of the RADIUS authentication server
referred to in this table entry."
::= { rcRadiusServHostEntry 2 }
rcRadiusServHostUsedBy OBJECT-TYPE
SYNTAX INTEGER {
cli(1),
igap(2),
snmp(3),
eap(4),
web(5),
endpointTracking(6)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION "cli(1): for cli login, igap(2): for igap,snmp(3):
for snmp login, eap(4) for EAP PAE Authenticator
web(5) for web-server(http/https) login,
endpointTracking(6) for Endpoint Tracking feature."
::= { rcRadiusServHostEntry 3 }
rcRadiusServHostPriority OBJECT-TYPE
SYNTAX Integer32 (1..10)
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Server priority, used to control which server to choose
first to send authentication."
DEFVAL { 10 }
::= { rcRadiusServHostEntry 4 }
rcRadiusServHostTimeOut OBJECT-TYPE
SYNTAX Integer32 (1..180)
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The time interval in seconds before the client
retransmit the packet."
DEFVAL { 3 }
::= { rcRadiusServHostEntry 5 }
rcRadiusServHostEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Enable or disable this server."
DEFVAL { true }
::= { rcRadiusServHostEntry 6 }
rcRadiusServHostMaxRetries OBJECT-TYPE
SYNTAX Integer32 (0..6)
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Maximum number of retransmissions."
DEFVAL { 1 }
::= { rcRadiusServHostEntry 7 }
rcRadiusServHostUdpPort OBJECT-TYPE
SYNTAX Integer32 (1..65536)
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The UDP port the client is using to send requests
to this server."
DEFVAL { 1812 }
::= { rcRadiusServHostEntry 8 }
rcRadiusServHostSecretKey OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The identifier of the RADIUS authentication client."
::= { rcRadiusServHostEntry 9 }
rcRadiusServHostAccessRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-response packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServHostEntry 10 }
rcRadiusServHostAccessAccepts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-accept packets (valid or
invalid) received from this server."
::= { rcRadiusServHostEntry 11 }
rcRadiusServHostAccessRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-reject packets (valid or
invalid) received from this server."
::= { rcRadiusServHostEntry 12 }
rcRadiusServHostBadResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS invalid access-response packets
received from this server."
::= { rcRadiusServHostEntry 13 }
rcRadiusServHostPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-request packets destined
for this server that have not yet timed out or
received a response. This variable is incremented
when an access-request is sent and decremented due
to receipt of an access-accept, access-reject, a
timeout or retransmission."
::= { rcRadiusServHostEntry 14 }
rcRadiusServHostClientRetries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of authentication retransmission to
this server."
::= { rcRadiusServHostEntry 15 }
rcRadiusServHostRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Used to create/delete entries."
::= { rcRadiusServHostEntry 16 }
rcRadiusServHostAcctEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Enable or disable Radius Accounting on this server."
DEFVAL { true }
::= { rcRadiusServHostEntry 17 }
rcRadiusServHostAcctUdpPort OBJECT-TYPE
SYNTAX Integer32 (1..65536)
MAX-ACCESS read-create
STATUS current
DESCRIPTION "The UDP port the client used to send accounting
requests to this server."
DEFVAL { 1813 }
::= { rcRadiusServHostEntry 18 }
rcRadiusServHostAcctOnRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-on packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServHostEntry 19 }
rcRadiusServHostAcctOffRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-off packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServHostEntry 20 }
rcRadiusServHostAcctStartRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-start packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServHostEntry 21 }
rcRadiusServHostAcctStopRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-stop packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServHostEntry 22 }
rcRadiusServHostAcctInterimRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting-interim packets sent to
this server. This does not include retransmissions."
::= { rcRadiusServHostEntry 23 }
rcRadiusServHostAcctBadResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of Invalid responses received from this
server."
::= { rcRadiusServHostEntry 24 }
rcRadiusServHostAcctPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting packets that are waiting
be sent to this server. This variable is incremented
whenever any accounting-request is sent to this server and
decremented when an acknowledgement is received or timeout
occurs."
::= { rcRadiusServHostEntry 25 }
rcRadiusServHostAcctClientRetries OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS accounting packets retransmitted
to this server."
::= { rcRadiusServHostEntry 26 }
rcRadiusServHostNasIpAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION "RADIUS Client NAS Identifier for this server."
::= { rcRadiusServHostEntry 27 }
rcRadiusServHostRoundTripTime OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..20))
MAX-ACCESS read-only
STATUS current
DESCRIPTION "Time different between the instance when
a RADIUS request is sent and the
corresponding response is received."
::= { rcRadiusServHostEntry 28 }
rcRadiusServHostAccessChallanges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION "The number of RADIUS access-challanges packets
sent to this server. This does not include
retransmission."
::= { rcRadiusServHostEntry 29 }
rcRadiusServHostSourceIpAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION "source IP address RADIUS packets."
::= { rcRadiusServHostEntry 30 }
rcRadiusServHostSecureEnable OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Enable or disable Radius Secure for this server."
DEFVAL { false }
::= { rcRadiusServHostEntry 31 }
rcRadiusServHostSecureMode OBJECT-TYPE
SYNTAX INTEGER {
tls(1),
dtls(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION "tls(1) : secure TLS connection with RADIUS server,
dtls(2): secure DTLS connection with RADIUS server"
DEFVAL { tls }
::= { rcRadiusServHostEntry 32 }
rcRadiusServHostSecureProfile OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..16))
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Profile name."
DEFVAL { "default" }
::= { rcRadiusServHostEntry 33 }
rcRadiusServHostSecureLogLevel OBJECT-TYPE
SYNTAX INTEGER {
critical(1),
error(2),
warning(3),
info(4),
debug(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Specifies the debug level on RADIUS secure server.
It must be set to 1, 2, 3, 4 or 5, where critical(1)
logs only serious errors and debug(5) logs everything."
DEFVAL { error }
::= { rcRadiusServHostEntry 34 }
-- RADIUS COA Clients configuration table
rcRadiusDynAuthClientTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcRadiusDynAuthClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to configure RADIUS Dynamic Authorization
Clients. RADIUS Dynamic Authorization Clients are entities
which can send Disconnect and Change Of Authorization
requests to a RADIUS Dynamic Authorization Server."
::= { rcRadius 6 }
rcRadiusDynAuthClientEntry OBJECT-TYPE
SYNTAX RcRadiusDynAuthClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing objects defining RADIUS Dynamic Authorization
Clients which can connect to this RADIUS Dynamic Authorization
Server."
INDEX { rcRadiusDynAuthClientAddressType,
rcRadiusDynAuthClientAddress }
::= { rcRadiusDynAuthClientTable 1 }
RcRadiusDynAuthClientEntry ::=
SEQUENCE {
rcRadiusDynAuthClientAddressType InetAddressType,
rcRadiusDynAuthClientAddress InetAddress,
rcRadiusDynAuthClientUdpPort InetPortNumber,
rcRadiusDynAuthClientSecret OCTET STRING,
rcRadiusDynAuthClientEnabled TruthValue,
rcRadiusDynAuthClientRowStatus RowStatus,
rcRadiusDynAuthClientReplayProtection TruthValue
}
rcRadiusDynAuthClientAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The type of address contained in the corresponding instance
of rcRadiusDynAuthClientAddress."
::= { rcRadiusDynAuthClientEntry 1 }
rcRadiusDynAuthClientAddress OBJECT-TYPE
SYNTAX InetAddress (SIZE(0..113))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The internet address of a RADIUS Dynamic Authorization
Client configured in this entry."
::= { rcRadiusDynAuthClientEntry 2 }
rcRadiusDynAuthClientUdpPort OBJECT-TYPE
SYNTAX InetPortNumber
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The UDP port number the server/NAS listens on for requests from the
RADIUS Dynamic Authorization Client configured in this entry."
DEFVAL { 3799 }
::= { rcRadiusDynAuthClientEntry 3 }
rcRadiusDynAuthClientSecret OBJECT-TYPE
SYNTAX OCTET STRING (SIZE(0..16))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The secret shared between RADIUS Dynamic Authorization
Client and Server. Note that when this object is retrieved, its
value will always by a zero-length octet string."
DEFVAL { ''H }
::= { rcRadiusDynAuthClientEntry 4 }
rcRadiusDynAuthClientEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Enable or disable packet receive from this RADIUS Dynamic
Authorization Client. The NAS will not listen for requests
from the client unless this object is true(1)."
DEFVAL { false }
::= { rcRadiusDynAuthClientEntry 5 }
rcRadiusDynAuthClientRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Controls row creation/deletion in this table."
::= { rcRadiusDynAuthClientEntry 6 }
rcRadiusDynAuthClientReplayProtection OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Enable or disable RADIUS replay protection."
::= { rcRadiusDynAuthClientEntry 7 }
-- RADIUS COA Clients - Stats
rcRadiusDynAuthClientStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcRadiusDynAuthStatsClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The (conceptual) table listing the RADIUS Dynamic
Authorization Clients with which the server shares a
secret. This is an extension of radiusDynAuthClientEntry."
::= { rcRadius 7 }
rcRadiusDynAuthStatsClientEntry OBJECT-TYPE
SYNTAX RcRadiusDynAuthStatsClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry (conceptual row) representing one Dynamic
Authorization Client with which the server shares a
secret."
AUGMENTS { radiusDynAuthClientEntry }
::= { rcRadiusDynAuthClientStatsTable 1 }
RcRadiusDynAuthStatsClientEntry ::= SEQUENCE {
rcRadiusDynAuthServerRcRequests Counter32,
rcRadiusDynAuthServerRcAuthOnlyRequests Counter32,
rcRadiusDynAuthServerRcDupRequests Counter32,
rcRadiusDynAuthServerRcAcks Counter32,
rcRadiusDynAuthServerRcNacks Counter32,
rcRadiusDynAuthServerRcNacksAuthOnlyRequests Counter32,
rcRadiusDynAuthServerRcNacksNoSess Counter32,
rcRadiusDynAuthServerRcSessReauthenticated Counter32,
rcRadiusDynAuthServerRcMalformed Counter32,
rcRadiusDynAuthServerRcDropped Counter32,
rcRadiusDynAuthServerRcBadAuths Counter32
}
rcRadiusDynAuthServerRcRequests OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RADIUS Reauthentication-requests received
from this Dynamic Authorization Client. This also includes
the Reauthentication requests that have a Service-Type
attribute with value 'Authorize Only'. This counter may
experience a discontinuity when the DAS module (re)starts,
as indicated by the value of radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 1 }
rcRadiusDynAuthServerRcAuthOnlyRequests OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RADIUS Reauthentication-requests that include a
Service-Type attribute with value 'Authorize Only'
received from this Dynamic Authorization Client. This
counter may experience a discontinuity when the DAS
module (re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 2 }
rcRadiusDynAuthServerRcDupRequests OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of duplicate RADIUS Reauthentication-Request packets
received from this Dynamic Authorization Client. This
counter may experience a discontinuity when the DAS
module (re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 3 }
rcRadiusDynAuthServerRcAcks OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of incoming Reauthentication packets from this
Dynamic Authorization Client silently discarded
by the server application for some reason other than
malformed, bad authenticators, or unknown types. This
counter may experience a discontinuity when the DAS
module (re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 4 }
rcRadiusDynAuthServerRcNacks OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RADIUS Reauthentication-NAK packets sent to
this Dynamic Authorization Client. This includes
the RADIUS Reauthentication-NAK packets sent with a Service-Type
attribute with value 'Authorize Only' and the RADIUS
Reauthentication-NAK packets sent because no session context was
found. This counter may experience a discontinuity
when the DAS module (re)starts, as indicated by the
value of radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 5 }
rcRadiusDynAuthServerRcNacksAuthOnlyRequests OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RADIUS Reauthentication-NAK packets that include a
Service-Type attribute with value 'Authorize Only'
sent to this Dynamic Authorization Client. This counter
may experience a discontinuity when the DAS module
(re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 6 }
rcRadiusDynAuthServerRcNacksNoSess OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RADIUS Reauthentication-NAK packets sent to this
Dynamic Authorization Client because no session context
was found. This counter may experience a discontinuity
when the DAS module (re)starts, as indicated by the
value of radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 7 }
rcRadiusDynAuthServerRcSessReauthenticated OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user sessions reauthenticated
for the Reauthentication-Requests received from this
Dynamic Authorization Client. Depending on site-
specific policies, a single Reauthentication request can change
multiple user sessions' authorization. In cases where
this Dynamic Authorization Server has no knowledge of
the number of user sessions that are affected by a
single request, each such CoA-Request will
count as a single affected user session only. This
counter may experience a discontinuity when the DAS
module (re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 8 }
rcRadiusDynAuthServerRcMalformed OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of malformed RADIUS Reauthentication-Request
packets received from this Dynamic Authorization Client.
Bad authenticators and unknown types are not included
as malformed Reauthentication-Requests. This counter
may experience a discontinuity when the DAS module
(re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 9 }
rcRadiusDynAuthServerRcDropped OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of incoming Reauthentication packets from this
Dynamic Authorization Client silently discarded
by the server application for some reason other than
malformed, bad authenticators, or unknown types. This
counter may experience a discontinuity when the DAS
module (re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 10 }
rcRadiusDynAuthServerRcBadAuths OBJECT-TYPE
SYNTAX Counter32
UNITS "requests"
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of RADIUS Reauthentication-Request packets that
contained an invalid Authenticator field received
from this Dynamic Authorization Client. This counter
may experience a discontinuity when the DAS module
(re)starts, as indicated by the value of
radiusDynAuthServerCounterDiscontinuity."
REFERENCE
"Reauthentication extension for RFC3576 ."
::= { rcRadiusDynAuthStatsClientEntry 11 }
-- Notifications objects
rcRadiusNotifications OBJECT IDENTIFIER ::= { rcRadius 8 }
rcRadiusNotificationObjects OBJECT IDENTIFIER ::= { rcRadiusNotifications 1 }
rcRadiusEapRAVErrorMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The MAC address that was authorized on a port which could not be
moved to the Radius-Assigned VLAN."
::= { rcRadiusNotificationObjects 1 }
rcRadiusEapRAVErrorPort OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION
"The ifIndex of the port that could not be moved to the Radius-Assigned
VLAN."
::= { rcRadiusNotificationObjects 2 }
rcRadiusEapServAddressType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION "Address type of a EAP Radius server. To be used with rcRadiusEapServAddress."
::= { rcRadiusNotificationObjects 3 }
rcRadiusEapServAddress OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS accessible-for-notify
STATUS current
DESCRIPTION "Address of a EAP Radius server. To be used with rcRadiusEapServAddressType."
::= { rcRadiusNotificationObjects 4 }
-- ------------------------------------------------------
-- Secure RADIUS Certificate Profile configuration table
-- ------------------------------------------------------
rcRadiusSecureProfileTable OBJECT-TYPE
SYNTAX SEQUENCE OF RcRadiusSecureProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to configure certificate profiles
for Secure RADIUS use."
::= { rcRadius 9 }
rcRadiusSecureProfileEntry OBJECT-TYPE
SYNTAX RcRadiusSecureProfileEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Entry defining a Secure RADIUS certificate profile."
INDEX { rcRadiusSecureProfileName }
::= { rcRadiusSecureProfileTable 1 }
RcRadiusSecureProfileEntry ::=
SEQUENCE {
rcRadiusSecureProfileName DisplayString,
rcRadiusSecureProfileRootCert DisplayString,
rcRadiusSecureProfileCert DisplayString,
rcRadiusSecureProfileKey DisplayString,
rcRadiusSecureProfilePassword DisplayString,
rcRadiusSecureProfileRowStatus RowStatus,
rcRadiusSecureProfileRootCertDestFile DisplayString,
rcRadiusSecureProfileCertDestFile DisplayString,
rcRadiusSecureProfileKeyDestFile DisplayString
}
rcRadiusSecureProfileName OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..16))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Profile name."
::= { rcRadiusSecureProfileEntry 1 }
rcRadiusSecureProfileRootCert OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Full path for profile root certificate."
DEFVAL { "n/a" }
::= { rcRadiusSecureProfileEntry 2 }
rcRadiusSecureProfileCert OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Full path for profile certificate."
DEFVAL { "n/a" }
::= { rcRadiusSecureProfileEntry 3 }
rcRadiusSecureProfileKey OBJECT-TYPE
SYNTAX DisplayString (SIZE(1..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Full path for profile private key."
DEFVAL { "n/a" }
::= { rcRadiusSecureProfileEntry 4 }
rcRadiusSecureProfilePassword OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..255))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Password to decrypt profile private key."
DEFVAL { "" }
::= { rcRadiusSecureProfileEntry 5 }
rcRadiusSecureProfileRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION "Used to create/delete entries."
::= { rcRadiusSecureProfileEntry 6 }
rcRadiusSecureProfileRootCertDestFile OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION "File name to use when installing root certificate."
DEFVAL { "" }
::= { rcRadiusSecureProfileEntry 7 }
rcRadiusSecureProfileCertDestFile OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION "File name to use when installing certificate."
DEFVAL { "" }
::= { rcRadiusSecureProfileEntry 8 }
rcRadiusSecureProfileKeyDestFile OBJECT-TYPE
SYNTAX DisplayString (SIZE(0..128))
MAX-ACCESS read-create
STATUS current
DESCRIPTION "File name to use when installing key."
DEFVAL { "" }
::= { rcRadiusSecureProfileEntry 9 }
END
View Git Blame Copy Permalink