530 lines
16 KiB
Plaintext
530 lines
16 KiB
Plaintext
-- *******************************************************************
|
|
-- FS-WLAN-SECURITY-MIB.mib : FS WLAN DHCP MIB
|
|
--
|
|
-- Oct 2009, luolc
|
|
--
|
|
-- Copyright (c) 2009 by FS.COM Inc..
|
|
-- All rights reserved.
|
|
-- *******************************************************************
|
|
FS-WLAN-SECURITY-MIB DEFINITIONS ::= BEGIN
|
|
IMPORTS
|
|
MODULE-IDENTITY,
|
|
OBJECT-TYPE,
|
|
Integer32,
|
|
Unsigned32
|
|
FROM SNMPv2-SMI
|
|
TruthValue,
|
|
DisplayString,
|
|
MacAddress,
|
|
RowStatus
|
|
FROM SNMPv2-TC
|
|
MODULE-COMPLIANCE,
|
|
NOTIFICATION-GROUP,
|
|
OBJECT-GROUP
|
|
FROM SNMPv2-CONF
|
|
fsApgWlanId
|
|
FROM FS-AC-MGMT-MIB
|
|
fsMgmt
|
|
FROM FS-SMI;
|
|
|
|
|
|
-- **********************************************
|
|
-- * MODULE IDENTITY
|
|
-- **********************************************
|
|
fsWLANsecurityMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200910280000Z"
|
|
ORGANIZATION
|
|
"FS.COM Inc.."
|
|
CONTACT-INFO
|
|
"Tel: 400-865-2852
|
|
E-mail: https://www.fs.com/live_chat_service_mail.html "
|
|
|
|
DESCRIPTION
|
|
"
|
|
Wlan security software private MIB for FS SNC.
|
|
This is AC device manage MIB.
|
|
"
|
|
REVISION "200910280000Z"
|
|
DESCRIPTION
|
|
"Initial version of this MIB module."
|
|
|
|
::= { fsMgmt 61 }
|
|
|
|
|
|
-- ***************************************************************************
|
|
-- * Major sections
|
|
-- ***************************************************************************
|
|
fsWLANsecurityMIBObjects OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 1 }
|
|
|
|
|
|
--***************************************************************************
|
|
--* AP agent MIB object
|
|
--***************************************************************************
|
|
|
|
fsAPworkmode OBJECT-TYPE
|
|
SYNTAX INTEGER { fitap(1), fatap(2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This Attribute present AP device work mode ,
|
|
Value 1 means Fit AP , Value 2 means Fat AP."
|
|
DEFVAL { 1 }
|
|
::= { fsWLANsecurityMIBObjects 1}
|
|
|
|
--***************************************************************************
|
|
--* fsWLANsecurityConfig Table
|
|
--***************************************************************************
|
|
|
|
fsWLANsecurityConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FSWLANsecurityConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"FS Private WLAN security MIB"
|
|
::={ fsWLANsecurityMIBObjects 2 }
|
|
|
|
|
|
fsWLANsecurityConfigEntry OBJECT-TYPE
|
|
SYNTAX FSWLANsecurityConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An agent MAY process one or more WLAN security , which is identifed by fsApgWlanId.
|
|
In other words, wlan ID is the index of this MIB table."
|
|
INDEX { fsApgWlanId }
|
|
::={ fsWLANsecurityConfigTable 1 }
|
|
|
|
|
|
FSWLANsecurityConfigEntry ::=
|
|
SEQUENCE {
|
|
fsWLANsecrymode INTEGER,
|
|
fsstaticweplength INTEGER,
|
|
fs8021xweplength INTEGER,
|
|
fsWPAenabled TruthValue,
|
|
fsWPAPairwisecipher INTEGER,
|
|
fsWPAakmmode INTEGER,
|
|
fsWPApskPassPhrase DisplayString,
|
|
fsWLANsecry80211i TruthValue,
|
|
fsWAPIasuIpaddress Unsigned32,
|
|
fsWAPIcertificateformat INTEGER,
|
|
fsWAPImsrekeyClientoff TruthValue,
|
|
fsWAPIimportcertificate INTEGER,
|
|
fsWAPIcacertificatename DisplayString,
|
|
fsWAPIlocalcertificatename DisplayString,
|
|
fsWAPIascertificatename DisplayString,
|
|
fsRSNenabled TruthValue,
|
|
fsRSNPairwisecipher INTEGER,
|
|
fsRSNakmmode INTEGER,
|
|
fsRSNpskPassPhrase DisplayString,
|
|
fsWEPAuthenAlgorithm INTEGER,
|
|
fsWLANsecurityStatus RowStatus,
|
|
fsACauthenMethodsupport INTEGER,
|
|
fsWLANEAPAuthenSupport INTEGER
|
|
}
|
|
|
|
fsWLANsecrymode OBJECT-TYPE
|
|
SYNTAX INTEGER {open(1),staticwep(2), wep8021x(3),wpanone(4),wpapsk(5),wpa8021x(6),tsn(7) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This attribute present wlan security mode. Value 1 means open,
|
|
Value 2 means static-wep,Value 3 means 802.1x-wep,Value 4 means WPA-PSK,
|
|
Value 5 means WPA-802.1x,Value 6 means TSN(Hybrid)"
|
|
::= { fsWLANsecurityConfigEntry 1}
|
|
|
|
fsstaticweplength OBJECT-TYPE
|
|
SYNTAX INTEGER { wep40(1),wep104(2),wep128(3)}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Static WEP key length,1 means WEP-40,
|
|
2 means WEP-104, 3 means WEP-128,default is 2."
|
|
DEFVAL { 2 }
|
|
::= { fsWLANsecurityConfigEntry 2}
|
|
|
|
|
|
fs8021xweplength OBJECT-TYPE
|
|
SYNTAX INTEGER { wep40(1),wep104(2),wep128(3)}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IEEE802.1x WEP key length,1 means WEP-40,
|
|
2 means WEP-104, 3 means WEP-128,default is 2."
|
|
DEFVAL { 2 }
|
|
::= { fsWLANsecurityConfigEntry 3}
|
|
|
|
fsWPAenabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Does this WLAN open WPA1 (it is not RSNA) support. "
|
|
DEFVAL { false }
|
|
::= { fsWLANsecurityConfigEntry 4}
|
|
|
|
|
|
fsWPAPairwisecipher OBJECT-TYPE
|
|
SYNTAX INTEGER { tkip(1),aes(2), tkiporaes(3) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WPA1 cipher mode default is TKIP(1)."
|
|
DEFVAL { 1 }
|
|
::= { fsWLANsecurityConfigEntry 5}
|
|
|
|
|
|
fsWPAakmmode OBJECT-TYPE
|
|
SYNTAX INTEGER { ieee8021x(1), psk(2), pskor8021x(3) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WPA1 AKM mode ,default is 802.1x."
|
|
DEFVAL { 1 }
|
|
::= { fsWLANsecurityConfigEntry 6}
|
|
|
|
|
|
fsWPApskPassPhrase OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WPA1 PSK password ,it is write-only.
|
|
Any try to read it return FAIL."
|
|
::= { fsWLANsecurityConfigEntry 7 }
|
|
|
|
|
|
fsWLANsecry80211i OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"IEEE802.11i or WAPI security mode.
|
|
true means IEEE802.11i, false means WAPI."
|
|
DEFVAL { true}
|
|
::= { fsWLANsecurityConfigEntry 8 }
|
|
|
|
|
|
fsWAPIasuIpaddress OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..4294967295)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WAPI ASU IP address."
|
|
::= { fsWLANsecurityConfigEntry 9 }
|
|
|
|
|
|
fsWAPIcertificateformat OBJECT-TYPE
|
|
SYNTAX INTEGER { x509v3(1), wapigbw(2) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WAPI certificate format ,1 means x509v3,
|
|
2 means WAPI-GBW. Now we only support x509v3."
|
|
DEFVAL { 1 }
|
|
::= { fsWLANsecurityConfigEntry 10 }
|
|
|
|
|
|
fsWAPImsrekeyClientoff OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When one user off line, deos the WAPI sure update group keys,
|
|
default is false."
|
|
DEFVAL { false }
|
|
::= { fsWLANsecurityConfigEntry 11 }
|
|
|
|
|
|
fsWAPIimportcertificate OBJECT-TYPE
|
|
SYNTAX INTEGER { ca(1),local(2),as(3) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Import WAPI certificate,this is write-only."
|
|
::= { fsWLANsecurityConfigEntry 12 }
|
|
|
|
|
|
fsWAPIcacertificatename OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WAPI CA certificate file name, default is wapi_ca.cer."
|
|
::= { fsWLANsecurityConfigEntry 13 }
|
|
|
|
fsWAPIlocalcertificatename OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WAPI Local certificate file name, default is wapi_local.cer."
|
|
::= { fsWLANsecurityConfigEntry 14 }
|
|
|
|
fsWAPIascertificatename OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WAPI ASU certificate file name, default is wapi_as.cer."
|
|
::= { fsWLANsecurityConfigEntry 15 }
|
|
|
|
fsRSNenabled OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"RSNA (WPA2) enable or disable"
|
|
::= { fsWLANsecurityConfigEntry 16 }
|
|
|
|
fsRSNPairwisecipher OBJECT-TYPE
|
|
SYNTAX INTEGER { tkip(1), aes(2), tkiporaes(3) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WPA2 cipher mode."
|
|
DEFVAL { 2 }
|
|
::= { fsWLANsecurityConfigEntry 17 }
|
|
|
|
fsRSNakmmode OBJECT-TYPE
|
|
SYNTAX INTEGER { ieee8021x(1), psk(2), pskor8021x(3) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WPA2 authen key manage mode."
|
|
DEFVAL { 1 }
|
|
::= { fsWLANsecurityConfigEntry 18 }
|
|
|
|
fsRSNpskPassPhrase OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"WPA2 PSK password ,it is write-only.
|
|
Any try to read it return FAIL."
|
|
::= { fsWLANsecurityConfigEntry 19 }
|
|
|
|
fsWEPAuthenAlgorithm OBJECT-TYPE
|
|
SYNTAX INTEGER { openSystem(1), sharedKey(2) }
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"authentication algorithms supported by the Authencator.
|
|
The following are the values and the associated algorithm.
|
|
Value = 1: Open System
|
|
Value = 2: Shared Key"
|
|
::= { fsWLANsecurityConfigEntry 20 }
|
|
|
|
fsWLANsecurityStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The status column used for creating and
|
|
deleting instances of the columnar objects in the
|
|
default WEP key Table."
|
|
::= { fsWLANsecurityConfigEntry 21 }
|
|
|
|
fsACauthenMethodsupport OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"authentication method supported by the AC, including the
|
|
EAP-SIM authentication, WEP authentication, EAP-MD5
|
|
authentication."
|
|
::= { fsWLANsecurityConfigEntry 22 }
|
|
|
|
fsWLANEAPAuthenSupport OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
enableEAPAuthentication(0),
|
|
disableEAPAuthentication(1),
|
|
notSupportingEAPAuthentication(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Whether the current ap or ac enables or diables the EAP authentication."
|
|
::= { fsWLANsecurityConfigEntry 23 }
|
|
--********************************************************************
|
|
-- * dot11WEPDefaultKeys TABLE
|
|
--********************************************************************
|
|
|
|
fsWEPDefaultKeysTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF FSWEPDefaultKeysEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Conceptual table for WEP default keys. "
|
|
REFERENCE
|
|
"IEEE Std 802.11-2007, 8.3.2"
|
|
::= { fsWLANsecurityMIBObjects 3 }
|
|
|
|
fsWEPDefaultKeysEntry OBJECT-TYPE
|
|
SYNTAX FSWEPDefaultKeysEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An Entry (conceptual row) in the WEP Default Keys Table."
|
|
INDEX { fsApgWlanId,
|
|
fsWEPDefaultKeyIndex }
|
|
::= { fsWEPDefaultKeysTable 1 }
|
|
|
|
FSWEPDefaultKeysEntry ::=
|
|
SEQUENCE {
|
|
fsWEPDefaultKeyIndex INTEGER,
|
|
fsWEPDefaultKeyValue OCTET STRING,
|
|
fsWEPDefaultKeyLength INTEGER
|
|
}
|
|
|
|
fsWEPDefaultKeyIndex OBJECT-TYPE
|
|
SYNTAX INTEGER (1..4)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The auxiliary variable used to identify instances
|
|
of the columnar objects in the WEP Default Keys Table.
|
|
The value of this variable is equal to the
|
|
WEPDefaultKeyID + 1"
|
|
::= { fsWEPDefaultKeysEntry 1 }
|
|
|
|
fsWEPDefaultKeyValue OBJECT-TYPE
|
|
SYNTAX OCTET STRING
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A WEP default secret key value."
|
|
::= { fsWEPDefaultKeysEntry 2 }
|
|
|
|
fsWEPDefaultKeyLength OBJECT-TYPE
|
|
SYNTAX INTEGER { wep40(1),wep104(2),wep128(3) }
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A WEP default secret key length."
|
|
::= { fsWEPDefaultKeysEntry 3 }
|
|
|
|
--********************************************************************
|
|
-- * End of dot11WEPDefaultKeys TABLE
|
|
--********************************************************************
|
|
|
|
--********************************************************************
|
|
--* Compliance statements
|
|
--********************************************************************
|
|
fsWlansecurityMIBConform OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 2 }
|
|
|
|
fsWlansecurityMIBCompliances OBJECT IDENTIFIER ::= { fsWlansecurityMIBConform 1 }
|
|
|
|
fsWlansecurityMIBGroups OBJECT IDENTIFIER ::= { fsWlansecurityMIBConform 2 }
|
|
|
|
fsWlansecurityMIBCompliance MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for entities which implement
|
|
the wlan security module of FS Ac device Manager"
|
|
MODULE
|
|
MANDATORY-GROUPS {
|
|
fsWlansecuritycofigGroup,
|
|
fsWEPDefaultKeysGroup,
|
|
fsWlansecurityTrapGroup
|
|
}
|
|
::= { fsWlansecurityMIBCompliances 1 }
|
|
|
|
--********************************************************************
|
|
--* Units of conformance
|
|
--********************************************************************
|
|
|
|
fsWlansecuritycofigGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
fsAPworkmode,
|
|
fsWLANsecrymode ,
|
|
fsstaticweplength,
|
|
fs8021xweplength,
|
|
fsWPAenabled,
|
|
fsWPAPairwisecipher,
|
|
fsWPAakmmode,
|
|
fsWPApskPassPhrase,
|
|
fsWLANsecry80211i,
|
|
fsWAPIasuIpaddress,
|
|
fsWAPIcertificateformat,
|
|
fsWAPImsrekeyClientoff,
|
|
fsWAPIimportcertificate,
|
|
fsWAPIcacertificatename,
|
|
fsWAPIlocalcertificatename,
|
|
fsWAPIascertificatename,
|
|
fsRSNenabled,
|
|
fsRSNPairwisecipher,
|
|
fsRSNakmmode,
|
|
fsRSNpskPassPhrase,
|
|
fsWEPAuthenAlgorithm,
|
|
fsWLANsecurityStatus,
|
|
fsACauthenMethodsupport,
|
|
fsWLANEAPAuthenSupport,
|
|
fsWlansecurityWepDecrytEnableTrapVar,
|
|
fsWlansecurityDeviceMAC
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This collection of objects represents the
|
|
WLAN security private MIB "
|
|
::= { fsWlansecurityMIBGroups 1 }
|
|
|
|
fsWEPDefaultKeysGroup OBJECT-GROUP
|
|
OBJECTS {
|
|
fsWEPDefaultKeyValue,
|
|
fsWEPDefaultKeyLength
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This collection of objects represents the
|
|
WLAN WEP default keys."
|
|
::= { fsWlansecurityMIBGroups 2 }
|
|
|
|
fsWlansecurityTrapGroup NOTIFICATION-GROUP
|
|
NOTIFICATIONS {
|
|
fsWlansecurityWepDecrytErr
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This collection of objects represents the
|
|
wlan wep traps private MIB "
|
|
::= { fsWlansecurityMIBGroups 3 }
|
|
|
|
--***********************************************************
|
|
--* variable of trap
|
|
--***********************************************************
|
|
fsWlansecurityTrapvar OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 3 }
|
|
|
|
fsWlansecurityWepDecrytEnableTrapVar OBJECT-TYPE
|
|
SYNTAX Integer32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Tell the host whether need to send the trap."
|
|
::= { fsWlansecurityTrapvar 1 }
|
|
|
|
fsWlansecurityDeviceMAC OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"MAC address of the device."
|
|
::= { fsWlansecurityTrapvar 2 }
|
|
--***********************************************************
|
|
--* wep decryt error trap
|
|
--***********************************************************
|
|
fsWLANsecurityTraps OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 0 }
|
|
|
|
fsWlansecurityWepDecrytErr NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
fsApgWlanId,
|
|
fsWlansecurityDeviceMAC
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The information of an event of a wep decrytion error."
|
|
::= { fsWLANsecurityTraps 1 }
|
|
|
|
|
|
END
|