WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/bintec/BIANCA-BRICK-TACACSP-MIB

339 lines
9.2 KiB
Plaintext
Raw Blame History

-- This file is corresponding to Release 9.1.10.101 from 2014/08/11 00:00:00
-- (C)opyright 2004-2014 bintec elmeg GmbH, All Rights Reserved
-- $RCSfile: mibtacacsp,v $
-- $Revision: 1.7 $
BIANCA-BRICK-TACACSP-MIB DEFINITIONS ::= BEGIN
IMPORTS
Counter, IpAddress, enterprises
FROM RFC1155-SMI
DisplayString
FROM RFC1158-MIB
OBJECT-TYPE
FROM RFC-1212;
bintec OBJECT IDENTIFIER ::= { enterprises 272 }
bintecsec OBJECT IDENTIFIER ::= { bintec 254 }
tacacsp OBJECT IDENTIFIER
::= { bintecsec 13 }
tacacspServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF TacacspServerEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
""
::= { tacacsp 1 }
tacacspServerEntry OBJECT-TYPE
SYNTAX TacacspServerEntry
ACCESS not-accessible
STATUS mandatory
DESCRIPTION
""
INDEX { tacacspSrvPriority }
::= { tacacspServerTable 1 }
TacacspServerEntry ::=
SEQUENCE {
tacacspSrvPriority INTEGER,
tacacspSrvAddress IpAddress,
tacacspSrvTcpPort INTEGER,
tacacspSrvSecret DisplayString,
tacacspSrvTimeout INTEGER,
-- tacacspSrvRetries INTEGER,
tacacspSrvAdminStatus INTEGER,
tacacspSrvOperStatus INTEGER,
tacacspSrvPolicy INTEGER,
tacacspSrvEncrMode INTEGER,
tacacspSrvMultiSession INTEGER,
-- tacacspSrvKeepalive INTEGER,
tacacspSrvPppAuth INTEGER,
tacacspSrvLoginAuth INTEGER,
tacacspSrvAccounting INTEGER,
tacacspSrvBlockTimeout INTEGER,
tacacspSrvAuthentNoResp INTEGER,
tacacspSrvAuthentNegResp INTEGER,
tacacspSrvPrivLvlOnLogin INTEGER
}
tacacspSrvPriority OBJECT-TYPE
SYNTAX INTEGER (0..9)
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The TACACS+ server with the lowest priority is the first
used for an TACACS+ AAA request. If there is no response
or the access was denied (in the non-authoritave case only,
see also tacacspSrvPolicy) the TACACS+ server with the next
lowest priority will be used. The default value is 0."
DEFVAL { 0 }
::= { tacacspServerEntry 1 }
tacacspSrvAddress OBJECT-TYPE
SYNTAX IpAddress
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The TACACS+ server IP address."
::= { tacacspServerEntry 2 }
tacacspSrvTcpPort OBJECT-TYPE
SYNTAX INTEGER
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The Login Host Protocol (TACACS) TCP port assigned
by the IANA."
DEFVAL { 49 }
::= { tacacspServerEntry 3 }
tacacspSrvSecret OBJECT-TYPE
SYNTAX DisplayString
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The shared secret between the TACACS+ server and the NAS
(encryption key in the TACACS+ server's configuration file)."
DEFVAL { "" }
::= { tacacspServerEntry 4 }
tacacspSrvTimeout OBJECT-TYPE
SYNTAX INTEGER (1..60)
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The amount of seconds waiting for an outstanding TACACS+
response. Default is three seconds."
DEFVAL { 3 }
::= { tacacspServerEntry 5 }
-- tacacspSrvRetries OBJECT-TYPE
-- SYNTAX INTEGER (0..10)
-- ACCESS read-write
-- STATUS mandatory
--
-- DESCRIPTION
-- "The number of retries sent for each request."
-- DEFVAL { 1 }
-- ::= { tacacspServerEntry 6 }
tacacspSrvAdminStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
down(2),
delete(3)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"The administrative status of this TACACS+ server entry,
if set to up(1) the associated server will be used
for authentication, authorization and accounting according
the priority (see tacacspSrvPriority) and the current
operational status (see tacacspSrvOperStatus). Otherwise
this entry will not be considered for TACACS+ AAA requests."
DEFVAL { up }
::= { tacacspServerEntry 7 }
tacacspSrvOperStatus OBJECT-TYPE
SYNTAX INTEGER {
up(1),
blocked(2),
down(3)
}
ACCESS read-only
STATUS mandatory
DESCRIPTION
"The operational status of this TACACS+ server entry, the
status blocked will be set after a failed TACACS+ request.
If set to blocked(2) or down(3) this entry will not be
considered for TACACS+ AAA requests."
DEFVAL { up }
::= { tacacspServerEntry 8 }
tacacspSrvPolicy OBJECT-TYPE
SYNTAX INTEGER {
authoritative(1),
non-authoritative(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"If set to authoritative(1), a negative answer to a
request will be accepted. This is not necessarily
true when set to non-authoritative(2), where the
next TACACS+ server will be asked until there is
finally an authoritative(1) server configured."
DEFVAL { non-authoritative }
::= { tacacspServerEntry 9 }
tacacspSrvEncrMode OBJECT-TYPE
SYNTAX INTEGER {
encrypt(1),
cleartext(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"If set to encrypt(1) the TACACS+ packet will be MD5
encrypted. Otherwise - if set to cleartext(2) - the packet
and therefore all related information will be send
unencrypted. This mode is intended for testing but not
recommended for normal use."
DEFVAL { encrypt }
::= { tacacspServerEntry 10 }
tacacspSrvMultiSession OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"If enabled(1) multiple TACACS+ sessions (subsequent TACACS+
requests) may be supported simultaneously over a single TCP
connection. If multiple sessions are not being multiplexed
over a single TCP connection, a new connection will be opened
for each TACACS+ session and closed at the end of that
session."
DEFVAL { disabled }
::= { tacacspServerEntry 11 }
-- tacacspSrvKeepalive OBJECT-TYPE
-- SYNTAX INTEGER {
-- enabled(1),
-- disabled(2)
-- }
-- ACCESS read-write
-- STATUS mandatory
--
-- DESCRIPTION
-- "Enables the periodicaly keep alive check of established
-- (see tacacspSrvOperStatus) TACACS+ server."
-- DEFVAL { disabled }
-- ::= { tacacspServerEntry 12 }
tacacspSrvPppAuth OBJECT-TYPE
SYNTAX INTEGER {
disabled(1),
enabled(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Enables the PPP authentication for the associated TACACS+
server."
DEFVAL { disabled }
::= { tacacspServerEntry 13 }
tacacspSrvLoginAuth OBJECT-TYPE
SYNTAX INTEGER {
disabled(1),
enabled(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Enables the login authentication (shell) for the associated
TACACS+ server."
DEFVAL { enabled }
::= { tacacspServerEntry 14 }
tacacspSrvAccounting OBJECT-TYPE
SYNTAX INTEGER {
disabled(1),
enabled(2)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Enables the TACACS+ accounting for the associated TACACS+
server."
DEFVAL { disabled }
::= { tacacspServerEntry 15 }
tacacspSrvBlockTimeout OBJECT-TYPE
SYNTAX INTEGER (0..3600)
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Timeout in seconds for the blocked status (see also
tacacspSrvOperStatus), if expired, the operational status
is set to up(1) or down(3) according the the current
tacacspSrvAdminStatus. When set to zero, the operational
status is never set to blocked."
DEFVAL { 60 }
::= { tacacspServerEntry 16 }
tacacspSrvAuthentNoResp OBJECT-TYPE
SYNTAX INTEGER {
connection-bydefault(1),
connection-bylocalloginpwd(2),
connection-forbidden(3)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Possible actions for the client when no response from servers :
- allowing the connection to the router by local login pwd (2)
- or stop the negociation (3)."
DEFVAL { 1 }
::= { tacacspServerEntry 17 }
tacacspSrvAuthentNegResp OBJECT-TYPE
SYNTAX INTEGER {
connection-bydefault(1),
connection-bylocalloginpwd(2),
connection-forbidden(3)
}
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Possible actions for the client when negative response :
from servers.
- allowing the connection to the router by local login pwd (2)
- or stop the negociation (3)."
DEFVAL { 1 }
::= { tacacspServerEntry 18 }
tacacspSrvPrivLvlOnLogin OBJECT-TYPE
SYNTAX INTEGER (-1..15)
ACCESS read-write
STATUS mandatory
DESCRIPTION
"Configurable TACACS+ privilege level assigned after
successful authentication procedure. This user-specific
privilege level is needed for the subsequent command
authorization request(s). Note that the user is free to
change that initial privilege level via the 'enab<n>'
command, provided that it's enabled on the TACACS+ server.
If set to -1, this parameter will be ignored."
DEFVAL { 1 }
::= { tacacspServerEntry 19 }
END
View Git Blame Copy Permalink