WebApps/Observium_CE
1
0
Fork 0
Code Pull Requests Activity
Observium_CE/mibs/d-link/AUTH-MIB

2957 lines
90 KiB
Plaintext
Raw Blame History

-- -----------------------------------------------------------------------------
-- MIB NAME : Security Common mib
-- FILE NAME: Auth.mib
-- DATE : 2011/10/20
-- VERSION : 2.18
-- PURPOSE : To construct the MIB structure of security functions management
-- for proprietary enterprise
-- -----------------------------------------------------------------------------
-- MODIFICTION HISTORY:
-- -----------------------------------------------------------------------------
-- Version, Date, Author
-- Description:
-- [New Object]
-- [Modification]
-- Notes: (Requested by who and which project)
--
-- Version 2.18, 2011/10/20, Shawn
-- [Modification]
-- 1. Add value list "macJwac(7)" in swCompoundAuthPortMethod.
-- For support MAC+JWAC compound authentication method.
-- Request by Shawn for project DGS3120
--
-- Version 2.17, 2011/09/30, Shawn
-- [New Object]
-- Add "swRadiusVrfName" in "swRadiusCtrl" to support VRF function.
--
-- Version 2.16, 2011/09/29, Shone
-- [Modification]
-- 1. Modify description in swAuthSessionTime and swDot1xAuthSessionTime.
-- Request by Shone for project DES32XX.
--
-- Version 2.15, 2010/08/13, Shawn Chen
-- [New Object]
-- Add swAuthMACFormatCase, swAuthMACFormatDelimiter
-- and swAuthMACFormatDelimiterNumber to support the configurable MAC address format.
-- Request by Shawn Chen for project DES35XX.
--
-- Version 2.14, 2010/07/13, Tina He
-- [New Object]
-- Add swDot1xAuthStateTable, swDot1xAuthStatsTable, swDot1xAuthDiagTable,
-- and swDot1xAuthSessionStatsTable to support 802.1X per VLAN authentication.
-- Request by Tina He for project DES35XX.
--
-- Version 2.13, 2009/08/20, Shawn
-- [Modification]
-- 1. Rename swAuthorizationNetwork to swAuthorizationAttributes.
-- For support different attributes assignment.
-- 2. Delete value list "vlanbased(3)" in swCompoundAuthPortAuthMode.
-- 3. Modify description in swCompoundAuthPortAuthVLANs.
-- For support per VLAN authentication in host based mode.
-- Request by Shawn for project DES35XX.
--
-- Version 2.12, 2009/07/22, Shawn
-- [New Object]
-- 1. Add swCompoundAuthPortAuthVLANs in swCompoundAuthPortTable.
-- For support VLAN based mode.
-- 2. Add swAuthServerFailoverState in swCompoundAuthMgmt.
-- For support fail over enhancement function.
-- [Modification]
-- 1. Change "Multiple Authentication" to "Compound Authentication".
-- 2. Add value list "vlanbased(3)" in swCompoundAuthPortAuthMode.
-- For support VLAN based mode.
-- 3. Align the MIB file.
-- Request by Shawn for project DES35XX
--
-- Version 2.11, 2009/06/17, cherry
--[New Object]
-- 1. Add swMacBasedPaeTable for MAC base pae.
-- 2. Add swAuthenticatorPAEState, swAuthBKdAuthState to swAuthStateEntry for
-- display the Authenticator PAE state and the back Authentication state.
-- 3. According IEEE 802.1X, Rename "swAuthState" to "swAuthAuthControlledStatus".
-- Modify value lists "authenticated(2)" to "authenticated(2)", "blocked(3)"
-- to "unauthorized(3)".
-- Request by cherry for project DGS32XX.
--
-- Version 2.10, 2009/05/18, Shawn
-- [Modification]
-- 1. Add value list "macImpb(6)" in swMultiAuthPortMethod.
-- 2. Change value list terminology to "Impb" from "Imp" in swMultiAuthPortMethod.
-- Request by Shawn for project DES35XX
--
-- Version 2.09, 2009/01/21, steven
--[New Object]
-- 1. Add swAuthStateTable
--[Modification]
-- 1. Modify swMacAuthStateTable status to obsolete.
-- For the new function design of auth state(port-base and mac-base display together).
-- Request by steven for project DGS34XX, DES35XX
--
-- Version 2.08, 2008/12/17, Shawn
--[New Object]
-- 1. Add swAuthorizationNetwork,
-- System authorization for network
--[Modification]
-- 1. Modify value list in swMultiAuthPortMethod and swMultiAuthPortAuthMode,
-- the beginning index should be 1.
-- 2. Add impb_wac to swMultiAuthPortMethod,
-- WAC support Multiple Authentication.
-- 3. Modify swGuestVlanId access state into read-only.
-- Request by Shawn for project DGS34XX, DGS32XX, DES35XX
--
-- Version 2.07, 2008/11/14, Lina
--[New Object]
-- 1. add swAuthFailOver
-- Request by Lina for project DES35XXR2
--
-- Version 2.06, 2008/08/08, Shawn
--[New Object]
-- 1. add swMultiAuthMgmt
-- for Multiple Authentication CLI command.
-- Request by Shawn for project DGS3200
--
-- Version 2.05, 2008/05/30, Klevin
--[New Object]
-- 1. add swPaeAuthSysFwdPdu,swPaeAuthSysMaxUser and swPaeAuthConfigTable
-- for new 802.1x CLI command.
-- Request by Kelvin for project DGS3700
--
-- Version 2.04, 2008/03/06, Bonnie
--[New Object]
-- 1. add node swAuthorizationState
-- Request by Bonnie for project DHS3628R2.1
--
-- Version 2.03, 2007/11/1, Kelvin
--[Modification]
-- 1. change status of swRadiusServerIpAddr from current to obsolete.
--[New Object]
-- 1. add node swRadiusServerAddrType and swRadiusServerAddr in
-- swRadiusServerTable.
-- Request by Kelvin for project DGS3200
--
-- Version 2.02, 2007/06/21, Nic
--[New Object]
-- 1. add node swRadiusServerTimeout and swRadiusServerRetransmit in
-- swRadiusServerTable.
-- Request by Nic for project DES30XXR4.1
--
-- Version 2.01, 2007/05/10, Jenny
--[New Object]
-- 1. add swMacBasedPaePortTable table for MAC-based initialization control
-- or reauthentication control.
-- Request by Jenny for project DES3400
--
-- Version 2.00, 2007/03/27, Yedda
-- This is the first formal version for universal MIB definition.
-- -----------------------------------------------------------------------------
AUTH-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE,
Integer32, Unsigned32, Counter32,
Counter64, TimeTicks FROM SNMPv2-SMI
TruthValue, RowStatus, MacAddress FROM SNMPv2-TC
SnmpAdminString FROM SNMP-FRAMEWORK-MIB
IpAddress FROM RFC1155-SMI
DisplayString FROM RFC1213-MIB
InterfaceIndex FROM IF-MIB
PaeControlledPortStatus, dot1xPaePortNumber FROM IEEE8021-PAE-MIB
dlink-common-mgmt FROM DLINK-ID-REC-MIB
InetAddressType, InetAddress FROM INET-ADDRESS-MIB;
swAuthCtrl MODULE-IDENTITY
LAST-UPDATED "201110200000Z"
ORGANIZATION "D-Link Corp."
CONTACT-INFO
"http://support.dlink.com"
DESCRIPTION
"The Structure of Common Management Information for the
security functions of the devices."
::= { dlink-common-mgmt 3 }
-- -------------------------------------------------------------
-- Textual Conventions
-- -------------------------------------------------------------
PortList ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"Each octet within this value specifies a set of eight
ports, with the first octet specifying ports 1 through
8, the second octet specifying ports 9 through 16, etc.
Within each octet, the most significant bit represents
the lowest numbered port, and the least significant bit
represents the highest numbered port. Thus, each port
of the bridge is represented by a single bit within the
value of this object. If that bit has a value of '1'
then that port is included in the set of ports; the port
is not included if its bit has a value of '0'."
SYNTAX OCTET STRING
VlanId ::= TEXTUAL-CONVENTION
STATUS current
DESCRIPTION
"A 12-bit VLAN ID used in the VLAN Tag header."
SYNTAX INTEGER (1..4094)
-- -------------------------------------------------------------
-- groups in the Auth MIB
-- -------------------------------------------------------------
swAuthenCtrl OBJECT IDENTIFIER ::= { swAuthCtrl 1 }
swRadiusCtrl OBJECT IDENTIFIER ::= { swAuthCtrl 2 }
swRadiusAuthInfo OBJECT IDENTIFIER ::= { swAuthCtrl 3 }
swRadiusAccountingCtrl OBJECT IDENTIFIER ::= { swAuthCtrl 4 }
swRadiusAccountingInfo OBJECT IDENTIFIER ::= { swAuthCtrl 5 }
swMacAuthBaseStatsInfo OBJECT IDENTIFIER ::= { swAuthCtrl 6 }
swRadiusCommand OBJECT IDENTIFIER ::= { swAuthCtrl 7 }
swAuthenticatedPortInfo OBJECT IDENTIFIER ::= { swAuthCtrl 8 }
swMacBasedPaePortInfo OBJECT IDENTIFIER ::= { swAuthCtrl 9 }
swPaeAuthenticator OBJECT IDENTIFIER ::= { swAuthCtrl 10 }
swCompoundAuthMgmt OBJECT IDENTIFIER ::= { swAuthCtrl 11 }
-- -----------------------------------------------------------------------------
-- swAuthenCtrl
-- -----------------------------------------------------------------------------
authProtocol OBJECT-TYPE
SYNTAX INTEGER {
authProtocolNone(1),
authProtocolLocal(2),
authProtocolRadius(3),
authProtocolRadiusEap(4),
authProtocolRadiusChap(5),
authProtocolTacacs(6)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The authentication method used to authenticate users."
DEFVAL { authProtocolRadiusEap }
::= { swAuthenCtrl 1 }
swAuthMode OBJECT-TYPE
SYNTAX INTEGER {
portBase(1),
macBase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the authentication mode of the device."
::= { swAuthenCtrl 2 }
swAuthorizationState OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the authorization status."
::= { swAuthenCtrl 3 }
swAuthFailOver OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the fail over status."
::= { swAuthenCtrl 4}
-- -----------------------------------------------------------------------------
-- swRadiusConfig
-- -----------------------------------------------------------------------------
swRadiusDeadTime OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the number of minutes when a RADIUS server
that is not responding to authentication requests,
is considered unavailable and will no longer accept
further requests for RADIUS authentication."
DEFVAL { 1 }
::= { swRadiusCtrl 1}
swRadiusTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the number of seconds the NAS
will wait for a reply to a RADIUS request
before retransmitting the request."
DEFVAL { 10 }
::= { swRadiusCtrl 2 }
swRadiusRetransmitAttempts OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the number of times the NAS
transmits each RADIUS request to the
server before giving up."
DEFVAL { 2 }
::= { swRadiusCtrl 3 }
swRadiusServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF RadiusServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" The RADIUS server table "
::= { swRadiusCtrl 4 }
swRadiusServerEntry OBJECT-TYPE
SYNTAX RadiusServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" The entries of the RADIUS server table"
INDEX { swRadiusServerIndex }
::= { swRadiusServerTable 1 }
RadiusServerEntry ::=
SEQUENCE {
swRadiusServerIndex INTEGER,
swRadiusServerIpAddr IpAddress,
swRadiusServerKey OCTET STRING,
swRadiusAuthPortNumber Unsigned32,
swRadiusAcctPortNumber Unsigned32,
swRadiusServerStatus RowStatus,
swRadiusServerTimeout Unsigned32,
swRadiusServerRetransmit Unsigned32,
swRadiusServerAddrType InetAddressType,
swRadiusServerAddr InetAddress
}
swRadiusServerIndex OBJECT-TYPE
SYNTAX INTEGER {
swRadiusServerIndex-first(1),
swRadiusServerIndex-second(2),
swRadiusServerIndex-third(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The index of the RADIUS server"
::= { swRadiusServerEntry 1 }
swRadiusServerIpAddr OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The IP address of the RADIUS server"
::= { swRadiusServerEntry 2 }
swRadiusServerKey OBJECT-TYPE
SYNTAX OCTET STRING( SIZE(1..32))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The key of the RADIUS server"
::= { swRadiusServerEntry 3 }
swRadiusAuthPortNumber OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The UDP destination port number used
for authentication requests to this
server."
DEFVAL { 1812 }
::= { swRadiusServerEntry 4 }
swRadiusAcctPortNumber OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The UDP destination port number used
for accounting requests to this
server"
DEFVAL { 1813 }
::= { swRadiusServerEntry 5 }
swRadiusServerStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The status of the RADIUS server"
::= { swRadiusServerEntry 6 }
swRadiusServerTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the number of seconds the NAS
will wait for a reply to a RADIUS request
before retransmitting the request."
DEFVAL { 5 }
::= { swRadiusServerEntry 7 }
swRadiusServerRetransmit OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Specifies the number of times the NAS
transmits RADIUS requests to the
server before giving up."
DEFVAL { 2 }
::= { swRadiusServerEntry 8 }
swRadiusServerAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The type of RADIUS Server address as specified by
object 'swRadiusServerAddr'."
DEFVAL { ipv4 }
::= { swRadiusServerEntry 9 }
swRadiusServerAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The address of the RADIUS Server."
::= { swRadiusServerEntry 10 }
swRadiusVrfName OBJECT-TYPE
SYNTAX DisplayString(SIZE(0..12))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used to add or remove the VRF for 802.1X RADIUS"
::= { swRadiusCtrl 5 }
-- -----------------------------------------------------------------------------
-- swRadiusAuth
-- -----------------------------------------------------------------------------
swRadiusAuthClientIdentifier OBJECT-TYPE
SYNTAX OCTET STRING(SIZE (0..40))
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"NAS Identifier. It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthInfo 1 }
swRadiusAuthClientInvalidServerAddresses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"Statistics infomation - The number of RADIUS
Access-Response packets received from unknown
addresses. It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthInfo 2 }
swRadiusAuthServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF RadiusAuthServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The authenticate table for the RADIUS server."
::= { swRadiusAuthInfo 3 }
swRadiusAuthServerEntry OBJECT-TYPE
SYNTAX RadiusAuthServerEntry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"A list of RADIUS authentication servers. It was made obsolete by RFC 2618 and RFC 2620."
INDEX { swRadiusAuthServerIndex }
::= { swRadiusAuthServerTable 1 }
RadiusAuthServerEntry ::=
SEQUENCE {
swRadiusAuthServerIndex Integer32,
swRadiusAuthServerAddress IpAddress,
swRadiusAuthClientServerPortNumber Unsigned32,
swRadiusAuthClientRoundTripTime Counter32,
swRadiusAuthClientAccessRequests Counter32,
swRadiusAuthClientAccessRetransmissions Counter32,
swRadiusAuthClientAccessAccepts Counter32,
swRadiusAuthClientAccessRejects Counter32,
swRadiusAuthClientAccessChallenges Counter32,
swRadiusAuthClientMalformedAccessResponses Counter32,
swRadiusAuthClientBadAuthenticators Counter32,
swRadiusAuthClientPendingRequests Counter32,
swRadiusAuthClientTimeouts Counter32,
swRadiusAuthClientUnknownTypes Counter32,
swRadiusAuthClientPacketsDropped Counter32
}
swRadiusAuthServerIndex OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The RADIUS Server Index. It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 1 }
swRadiusAuthServerAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The RADIUS authentication server address. It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 2 }
swRadiusAuthClientServerPortNumber OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The UDP socket port numbers. It was made obsolete by RFC 2618 and RFC 2620."
DEFVAL { 1812 }
::= { swRadiusAuthServerEntry 3 }
swRadiusAuthClientRoundTripTime OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The round trip time counter from the RADIUS Authentication Client. It was made
obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 4 }
swRadiusAuthClientAccessRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
" The number of access requests from a RADIUS Authentication Client. It
was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 5 }
swRadiusAuthClientAccessRetransmissions OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
" The number of retransmissions sent from the RADIUS Authentication Client. It
was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 6 }
swRadiusAuthClientAccessAccepts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The number of authentication access attempts from the RADIUS Authentication Client.
It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 7 }
swRadiusAuthClientAccessRejects OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter stating the Client Access Authentication rejections. It was made obsolete
by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 8 }
swRadiusAuthClientAccessChallenges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter stating the number of Access challenges from RADIUS authentication attempts.
It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 9 }
swRadiusAuthClientMalformedAccessResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter for malformed access responses from RADIUS Authentication Clients.
It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 10 }
swRadiusAuthClientBadAuthenticators OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter of bad authenticators from the RADIUS Authentication Client.
It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 11 }
swRadiusAuthClientPendingRequests OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter of pending requests from the RADIUS Authentication Client.
It was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 12 }
swRadiusAuthClientTimeouts OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter of timeouts from a RADIUS Authentication Client. It was
made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 13 }
swRadiusAuthClientUnknownTypes OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter for unknown types from a RADIUS Authentication Client. It
was made obsolete by RFC 2618 and RFC 2620."
::= { swRadiusAuthServerEntry 14 }
swRadiusAuthClientPacketsDropped OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The counter of dropped packets from a RADIUS Authentication Client.
It was made obsolete by RFC 2618 and RFC 2620. "
::= { swRadiusAuthServerEntry 15 }
-- -----------------------------------------------------------------------------
-- accountingConfig
-- -----------------------------------------------------------------------------
swRadiusAcctUpdateInterval OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Time interval after which this RADIUS record
should be updated and sent to an
accounting server."
::= { swRadiusAccountingCtrl 1 }
swRadiusAcctSuppressNullUserName OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates whether or not accounting records will be generated for users with null names."
::= { swRadiusAccountingCtrl 2 }
swRadiusAcctServiceTable OBJECT-TYPE
SYNTAX SEQUENCE OF AcctServiceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"RADIUS accounting Table"
::= { swRadiusAccountingCtrl 3 }
swRadiusAcctServiceEntry OBJECT-TYPE
SYNTAX AcctServiceEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The list of accounting services."
INDEX { swRadiusAcctServiceIndex }
::= { swRadiusAcctServiceTable 1 }
AcctServiceEntry ::=
SEQUENCE {
swRadiusAcctServiceIndex
INTEGER,
swRadiusAcctServiceMethod
INTEGER,
swRadiusAcctServiceMode
INTEGER
}
swRadiusAcctServiceIndex OBJECT-TYPE
SYNTAX INTEGER {
acctServiceIndex-network(1),
acctServiceIndex-exec(2),
acctServiceIndex-system(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The Accounting table index"
::= { swRadiusAcctServiceEntry 1}
swRadiusAcctServiceMethod OBJECT-TYPE
SYNTAX INTEGER {
swRadiusAcctServiceMethodNone(1),
swRadiusAcctServiceMethodRadius(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The accounting service method"
DEFVAL { 2 }
::= { swRadiusAcctServiceEntry 2 }
swRadiusAcctServiceMode OBJECT-TYPE
SYNTAX INTEGER {
radiusAcctServiceModeNone(1),
radiusAcctServiceModeStartStop(2),
radiusAcctServiceModeStopOnly(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The accounting service mode"
DEFVAL { 2 }
::= { swRadiusAcctServiceEntry 3 }
-- -----------------------------------------------------------------------------
-- swRadiusAccounting is support in rfc2620.mib , remove from this mib file
-- -----------------------------------------------------------------------------
-- -----------------------------------------------------------------------------
-- The Mac-base Authenticator State Table
-- -----------------------------------------------------------------------------
swMacAuthStateTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwMacAuthStateEntry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"A table that contains the status objects for the
Authenticator PAE associated with each virtual port (MAC address).
An entry appears in this table for each virtual port that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 1 }
swMacAuthStateEntry OBJECT-TYPE
SYNTAX SwMacAuthStateEntry
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"The information for an Authenticator
PAE."
INDEX {swPaeMacAddr ,swPaePortNumber}
::= { swMacAuthStateTable 1 }
SwMacAuthStateEntry ::=
SEQUENCE {
swPaeMacAddr
MacAddress,
swPaePortNumber
InterfaceIndex,
swAuthPaeState
INTEGER,
swAuthBackendAuthState
INTEGER,
swAuthAuthControlledPortStatus
PaeControlledPortStatus
}
swPaeMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"The address associated with this MAC address."
::= { swMacAuthStateEntry 1 }
swPaePortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS obsolete
DESCRIPTION
"The PAE Port number associated with this Port."
::= { swMacAuthStateEntry 2 }
swAuthPaeState OBJECT-TYPE
SYNTAX INTEGER {
initialize(1),
disconnected(2),
connecting(3),
authenticating(4),
authenticated(5),
aborting(6),
held(7),
forceAuth(8),
forceUnauth(9)
}
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The current value of the Authenticator PAE state
machine."
::= { swMacAuthStateEntry 3 }
swAuthBackendAuthState OBJECT-TYPE
SYNTAX INTEGER {
request(1),
response(2),
success(3),
fail(4),
timeout(5),
idle(6),
initialize(7)
}
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The current state of the Backend Authentication
state machine."
::= { swMacAuthStateEntry 4 }
swAuthAuthControlledPortStatus OBJECT-TYPE
SYNTAX PaeControlledPortStatus
MAX-ACCESS read-only
STATUS obsolete
DESCRIPTION
"The current value of the controlled Port
status parameter for the Port."
::= { swMacAuthStateEntry 5 }
-- -----------------------------------------------------------------------------
-- The Authenticator Statistics Table
-- -----------------------------------------------------------------------------
swMacAuthStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwMacAuthStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the statistics objects for the
Authenticator PAE associated with each MAC address.
An entry appears in this table for each MAC address that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 2 }
swMacAuthStatsEntry OBJECT-TYPE
SYNTAX SwMacAuthStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The statistics information for an Authenticator PAE."
INDEX { swPaeMacAddr ,swPaePortNumber}
::= { swMacAuthStatsTable 1 }
SwMacAuthStatsEntry ::=
SEQUENCE {
swAuthEapolFramesRx
Counter32,
swAuthEapolFramesTx
Counter32,
swAuthEapolStartFramesRx
Counter32,
swAuthEapolLogoffFramesRx
Counter32,
swAuthEapolRespIdFramesRx
Counter32,
swAuthEapolRespFramesRx
Counter32,
swAuthEapolReqIdFramesTx
Counter32,
swAuthEapolReqFramesTx
Counter32,
swAuthInvalidEapolFramesRx
Counter32,
swAuthEapLengthErrorFramesRx
Counter32,
swAuthLastEapolFrameVersion
Unsigned32,
swAuthLastEapolFrameSource
MacAddress
}
swAuthEapolFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of valid EAPOL frames of any type
that have been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL frames received"
::= { swMacAuthStatsEntry 1 }
swAuthEapolFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames of any type
that have been transmitted by this Authenticator."
REFERENCE
"9.4.2, EAPOL frames transmitted"
::= { swMacAuthStatsEntry 2 }
swAuthEapolStartFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL Start frames that have
been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Start frames received"
::= { swMacAuthStatsEntry 3 }
swAuthEapolLogoffFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL logoff frames that have
been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Logoff frames received"
::= { swMacAuthStatsEntry 4 }
swAuthEapolRespIdFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Resp/Id frames that have
been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Resp/Id frames received"
::= { swMacAuthStatsEntry 5 }
swAuthEapolRespFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of valid EAP Response frames,
other than Resp/Id frames, that have been
received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Response frames received"
::= { swMacAuthStatsEntry 6 }
swAuthEapolReqIdFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Req/Id frames that have been
transmitted by this Authenticator."
REFERENCE
"9.4.2, EAPOL Req/Id frames transmitted"
::= { swMacAuthStatsEntry 7 }
swAuthEapolReqFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Request frames,
other than Rq/Id frames, that have been
transmitted by this Authenticator."
REFERENCE
"9.4.2, EAPOL Request frames transmitted"
::= { swMacAuthStatsEntry 8 }
swAuthInvalidEapolFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames that have been
received by this Authenticator for which the
frame type is not recognized."
REFERENCE
"9.4.2, Invalid EAPOL frames received"
::= { swMacAuthStatsEntry 9 }
swAuthEapLengthErrorFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames that have been received
by this Authenticator for which the Packet Body
Length field is invalid."
REFERENCE
"9.4.2, EAP length error frames received"
::= { swMacAuthStatsEntry 10 }
swAuthLastEapolFrameVersion OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The protocol version number carried in the
most recently received EAPOL frame."
REFERENCE
"9.4.2, Last EAPOL frame version"
::= { swMacAuthStatsEntry 11 }
swAuthLastEapolFrameSource OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The source MAC address carried in the
most recently received EAPOL frame."
REFERENCE
"9.4.2, Last EAPOL frame source"
::= { swMacAuthStatsEntry 12 }
-- -----------------------------------------------------------------------------
-- The Authenticator Diagnostics Table
-- -----------------------------------------------------------------------------
swMacAuthDiagTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwMacAuthDiagEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the diagnostics objects for the
Authenticator PAE associated with each MAC address.
An entry appears in this table for each MAC address that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 3 }
swMacAuthDiagEntry OBJECT-TYPE
SYNTAX SwMacAuthDiagEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The diagnostics information for an Authenticator PAE."
INDEX { swPaeMacAddr ,swPaePortNumber }
::= { swMacAuthDiagTable 1 }
SwMacAuthDiagEntry ::=
SEQUENCE {
swAuthEntersConnecting
Counter32,
swAuthEapLogoffsWhileConnecting
Counter32,
swAuthEntersAuthenticating
Counter32,
swAuthAuthSuccessWhileAuthenticating
Counter32,
swAuthAuthTimeoutsWhileAuthenticating
Counter32,
swAuthAuthFailWhileAuthenticating
Counter32,
swAuthAuthReauthsWhileAuthenticating
Counter32,
swAuthAuthEapStartsWhileAuthenticating
Counter32,
swAuthAuthEapLogoffWhileAuthenticating
Counter32,
swAuthAuthReauthsWhileAuthenticated
Counter32,
swAuthAuthEapStartsWhileAuthenticated
Counter32,
swAuthAuthEapLogoffWhileAuthenticated
Counter32,
swAuthBackendResponses
Counter32,
swAuthBackendAccessChallenges
Counter32,
swAuthBackendOtherRequestsToSupplicant
Counter32,
swAuthBackendNonNakResponsesFromSupplicant
Counter32,
swAuthBackendAuthSuccesses
Counter32,
swAuthBackendAuthFails
Counter32
}
swAuthEntersConnecting OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions to a CONNECTING state from any other
state."
REFERENCE
"9.4.2, 8.5.4.2.1"
::= { swMacAuthDiagEntry 1 }
swAuthEapLogoffsWhileConnecting OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from CONNECTING to DISCONNECTED as a result
of receiving an EAPOL-Logoff message."
REFERENCE
"9.4.2, 8.5.4.2.2"
::= { swMacAuthDiagEntry 2 }
swAuthEntersAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from CONNECTING to AUTHENTICATING, as a
result of an EAP-Response/Identity message being
received from the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.3"
::= { swMacAuthDiagEntry 3 }
swAuthAuthSuccessWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to AUTHENTICATED, as a
result of the Backend Authentication state machine,
indicating successful authentication of the Supplicant
(authSuccess = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.4"
::= { swMacAuthDiagEntry 4 }
swAuthAuthTimeoutsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of the Backend Authentication state machine indicating
authentication timeout (authTimeout = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.5"
::= { swMacAuthDiagEntry 5 }
swAuthAuthFailWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to HELD, as a result
of the Backend Authentication state machine indicating
authentication failure (authFail = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.6"
::= { swMacAuthDiagEntry 6 }
swAuthAuthReauthsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of a reauthentication request (reAuthenticate = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.7"
::= { swMacAuthDiagEntry 7 }
swAuthAuthEapStartsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of an EAPOL-Start message being received
from the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.8"
::= { swMacAuthDiagEntry 8 }
swAuthAuthEapLogoffWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of an EAPOL-Logoff message being received
from the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.9"
::= { swMacAuthDiagEntry 9 }
swAuthAuthReauthsWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to CONNECTING, as a
result of a reauthentication request
(reAuthenticate = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.10"
::= { swMacAuthDiagEntry 10 }
swAuthAuthEapStartsWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to CONNECTING, as a
result of an EAPOL-Start message received from the
Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.11"
::= { swMacAuthDiagEntry 11 }
swAuthAuthEapLogoffWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to DISCONNECTED, as a
result of an EAPOL-Logoff message received from
the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.12"
::= { swMacAuthDiagEntry 12 }
swAuthBackendResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine sends
an initial Access-Request packet to the Authentication
server (i.e., executes sendRespToServer on entry to the
RESPONSE state). Indicates that the Authenticator
attempted communication with the Authentication Server."
REFERENCE
"9.4.2, 8.5.6.2.1"
::= { swMacAuthDiagEntry 13 }
swAuthBackendAccessChallenges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an initial Access-Challenge packet from the
Authentication server (i.e., aReq becomes TRUE,
causing exit from the RESPONSE state). Indicates that
the Authentication Server has communication with
the Authenticator."
REFERENCE
"9.4.2, 8.5.6.2.2"
::= { swMacAuthDiagEntry 14 }
swAuthBackendOtherRequestsToSupplicant OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
sends an EAP-Request packet (other than an Identity,
Notification, Failure or Success message) to the
Supplicant (i.e., executes txReq on entry to the
REQUEST state). Indicates that the Authenticator chose
an EAP-method."
REFERENCE
"9.4.2, 8.5.6.2.3"
::= { swMacAuthDiagEntry 15 }
swAuthBackendNonNakResponsesFromSupplicant OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives a response from the Supplicant to an initial
EAP-Request, and the response is something other than
EAP-NAK (i.e., rxResp becomes TRUE, causing the state
machine to transition from REQUEST to RESPONSE,
and the response is not an EAP-NAK). Indicates that
the Supplicant can respond to the Authenticator's
chosen EAP-method."
REFERENCE
"9.4.2, 8.5.6.2.4"
::= { swMacAuthDiagEntry 16 }
swAuthBackendAuthSuccesses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an EAP-Success message from the Authentication
Server (i.e., a Success becomes TRUE, causing a
transition from RESPONSE to SUCCESS). Indicates that
the Supplicant has successfully authenticated to
the Authentication Server."
REFERENCE
"9.4.2, 8.5.6.2.5"
::= { swMacAuthDiagEntry 17 }
swAuthBackendAuthFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an EAP-Failure message from the Authentication
Server (i.e., a Fail becomes TRUE, causing a transition
from RESPONSE to FAIL). Indicates that the Supplicant
has not authenticated to the Authentication Server."
REFERENCE
"9.4.2, 8.5.6.2.6"
::= { swMacAuthDiagEntry 18 }
-- -----------------------------------------------------------------------------
-- The Authenticator Session Statistics Table
-- -----------------------------------------------------------------------------
swMacAuthSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwMacAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the session statistics objects
for the Authenticator PAE associated with each MAC address.
An entry appears in this table for each MAC address that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 4 }
swMacAuthSessionStatsEntry OBJECT-TYPE
SYNTAX SwMacAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The session statistics information for an Authenticator
PAE. This shows the current values being collected for
each session that is still in progress, or the final
values for the last valid session on each MAC address where
there is no session currently active."
INDEX { swPaeMacAddr ,swPaePortNumber }
::= { swMacAuthSessionStatsTable 1 }
SwMacAuthSessionStatsEntry ::=
SEQUENCE {
swAuthSessionOctetsRx
Counter64,
swAuthSessionOctetsTx
Counter64,
swAuthSessionFramesRx
Counter32,
swAuthSessionFramesTx
Counter32,
swAuthSessionId
SnmpAdminString,
swAuthSessionAuthenticMethod
INTEGER,
swAuthSessionTime
TimeTicks,
swAuthSessionTerminateCause
INTEGER,
swAuthSessionUserName
SnmpAdminString
}
swAuthSessionOctetsRx OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of octets received in user data
frames from this MAC address during the session."
REFERENCE
"9.4.4, Session Octets Received"
::= { swMacAuthSessionStatsEntry 1 }
swAuthSessionOctetsTx OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of octets transmitted in user data
frames to this MAC address during the session."
::= { swMacAuthSessionStatsEntry 2 }
swAuthSessionFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user data frames received
from this MAC address during the session."
::= { swMacAuthSessionStatsEntry 3 }
swAuthSessionFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user data frames transmitted
to this MAC address during the session."
REFERENCE
"9.4.4, Session Frames Transmitted"
::= { swMacAuthSessionStatsEntry 4 }
swAuthSessionId OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique identifier for the session, in the
form of a printable ASCII string of at least
three characters."
REFERENCE
"9.4.4, Session Identifier"
::= { swMacAuthSessionStatsEntry 5 }
swAuthSessionAuthenticMethod OBJECT-TYPE
SYNTAX INTEGER {
remoteAuthServer(1),
localAuthServer(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication method used to establish the
session."
REFERENCE
"9.4.4, Session Authentication Method"
::= { swMacAuthSessionStatsEntry 6 }
swAuthSessionTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The duration of the session in units of hundredth of a second."
REFERENCE
"9.4.4, Session Time"
::= { swMacAuthSessionStatsEntry 7 }
swAuthSessionTerminateCause OBJECT-TYPE
SYNTAX INTEGER {
supplicantLogoff(1),
portFailure(2),
supplicantRestart(3),
reauthFailed(4),
authControlForceUnauth(5),
portReInit(6),
portAdminDisabled(7),
notTerminatedYet(999)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The reason for the session termination."
REFERENCE
"9.4.4, Session Terminate Cause"
::= { swMacAuthSessionStatsEntry 8 }
swAuthSessionUserName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The User-Name representing the identity of the
Supplicant PAE."
REFERENCE
"9.4.4, Session User Name"
::= { swMacAuthSessionStatsEntry 9 }
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator State Table
-- -----------------------------------------------------------------------------
swDot1xAuthStateTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwDot1xAuthStateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the status objects for the
Authenticator PAE associated with each host. An
entry appears in this table for each host that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 5 }
swDot1xAuthStateEntry OBJECT-TYPE
SYNTAX SwDot1xAuthStateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an Authenticator PAE."
INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
::= { swDot1xAuthStateTable 1 }
SwDot1xAuthStateEntry ::=
SEQUENCE {
swDot1xAuthPortNumber
InterfaceIndex,
swDot1xAuthVID
INTEGER,
swDot1xAuthMACAddress
MacAddress,
swDot1xAuthenticatorPAEState
INTEGER,
swDot1xAuthBackendAuthState
INTEGER,
swDot1xAuthAuthControlledStatus
INTEGER,
swDot1xAuthAssignVID
INTEGER,
swDot1xAuthAssignPriority
INTEGER
}
swDot1xAuthPortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Port number associated with this host."
::= { swDot1xAuthStateEntry 1 }
swDot1xAuthVID OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Original VID associated with this host."
::= { swDot1xAuthStateEntry 2 }
swDot1xAuthMACAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The MAC address associated with this host."
::= { swDot1xAuthStateEntry 3 }
swDot1xAuthenticatorPAEState OBJECT-TYPE
SYNTAX INTEGER {
initialize(1),
disconnected(2),
connecting(3),
authenticating(4),
authenticated(5),
aborting(6),
held(7),
forceAuth(8),
forceUnauth(9)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the Authenticator PAE state
machine."
::= { swDot1xAuthStateEntry 4 }
swDot1xAuthBackendAuthState OBJECT-TYPE
SYNTAX INTEGER {
request(1),
response(2),
success(3),
fail(4),
timeout(5),
idle(6),
initialize(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current state of the Backend Authentication
state machine."
::= { swDot1xAuthStateEntry 5 }
swDot1xAuthAuthControlledStatus OBJECT-TYPE
SYNTAX INTEGER {
authenticating(1),
authorized(2),
unauthorized(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authenticate state of the host."
::= { swDot1xAuthStateEntry 6}
swDot1xAuthAssignVID OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The VID assigned by the RADIUS server."
::= { swDot1xAuthStateEntry 7 }
swDot1xAuthAssignPriority OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The priority assigned by the RADIUS server."
::= { swDot1xAuthStateEntry 8 }
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator Statistics Table
-- -----------------------------------------------------------------------------
swDot1xAuthStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwDot1xAuthStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the statistics objects for the
Authenticator PAE associated with each host. An entry
appears in this table for each host that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 6 }
swDot1xAuthStatsEntry OBJECT-TYPE
SYNTAX SwDot1xAuthStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The statistics information for an Authenticator PAE."
INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
::= { swDot1xAuthStatsTable 1 }
SwDot1xAuthStatsEntry ::=
SEQUENCE {
swDot1xAuthEapolFramesRx
Counter32,
swDot1xAuthEapolFramesTx
Counter32,
swDot1xAuthEapolStartFramesRx
Counter32,
swDot1xAuthEapolLogoffFramesRx
Counter32,
swDot1xAuthEapolRespIdFramesRx
Counter32,
swDot1xAuthEapolRespFramesRx
Counter32,
swDot1xAuthEapolReqIdFramesTx
Counter32,
swDot1xAuthEapolReqFramesTx
Counter32,
swDot1xAuthInvalidEapolFramesRx
Counter32,
swDot1xAuthEapLengthErrorFramesRx
Counter32,
swDot1xAuthLastEapolFrameVersion
Unsigned32,
swDot1xAuthLastEapolFrameSource
MacAddress
}
swDot1xAuthEapolFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of valid EAPOL frames of any type
that have been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL frames received"
::= { swDot1xAuthStatsEntry 1 }
swDot1xAuthEapolFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames of any type
that have been transmitted by this Authenticator."
REFERENCE
"9.4.2, EAPOL frames transmitted"
::= { swDot1xAuthStatsEntry 2 }
swDot1xAuthEapolStartFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL Start frames that have
been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Start frames received"
::= { swDot1xAuthStatsEntry 3 }
swDot1xAuthEapolLogoffFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL Logoff frames that have
been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Logoff frames received"
::= { swDot1xAuthStatsEntry 4 }
swDot1xAuthEapolRespIdFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Resp/Id frames that have
been received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Resp/Id frames received"
::= { swDot1xAuthStatsEntry 5 }
swDot1xAuthEapolRespFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of valid EAP Response frames
(other than Resp/Id frames) that have been
received by this Authenticator."
REFERENCE
"9.4.2, EAPOL Response frames received"
::= { swDot1xAuthStatsEntry 6 }
swDot1xAuthEapolReqIdFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Req/Id frames that have been
transmitted by this Authenticator."
REFERENCE
"9.4.2, EAPOL Req/Id frames transmitted"
::= { swDot1xAuthStatsEntry 7 }
swDot1xAuthEapolReqFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Request frames
(other than Rq/Id frames) that have been
transmitted by this Authenticator."
REFERENCE
"9.4.2, EAPOL Request frames transmitted"
::= { swDot1xAuthStatsEntry 8 }
swDot1xAuthInvalidEapolFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames that have been
received by this Authenticator for which the
frame type is not recognized."
REFERENCE
"9.4.2, Invalid EAPOL frames received"
::= { swDot1xAuthStatsEntry 9 }
swDot1xAuthEapLengthErrorFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames that have been received
by this Authenticator for which the Packet Body
Length field is invalid."
REFERENCE
"9.4.2, EAP length error frames received"
::= { swDot1xAuthStatsEntry 10 }
swDot1xAuthLastEapolFrameVersion OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The protocol version number carried in the
most recently received EAPOL frame."
REFERENCE
"9.4.2, Last EAPOL frame version"
::= { swDot1xAuthStatsEntry 11 }
swDot1xAuthLastEapolFrameSource OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The source MAC address carried in the
most recently received EAPOL frame."
REFERENCE
"9.4.2, Last EAPOL frame source"
::= { swDot1xAuthStatsEntry 12 }
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator Diagnostics Table
-- -----------------------------------------------------------------------------
swDot1xAuthDiagTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwDot1xAuthDiagEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the diagnostics objects for the
Authenticator PAE associated with each host. An entry
appears in this table for each MAC address that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 7 }
swDot1xAuthDiagEntry OBJECT-TYPE
SYNTAX SwDot1xAuthDiagEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The diagnostics information for an Authenticator PAE."
INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
::= { swDot1xAuthDiagTable 1 }
SwDot1xAuthDiagEntry ::=
SEQUENCE {
swDot1xAuthEntersConnecting
Counter32,
swDot1xAuthEapLogoffsWhileConnecting
Counter32,
swDot1xAuthEntersAuthenticating
Counter32,
swDot1xAuthAuthSuccessWhileAuthenticating
Counter32,
swDot1xAuthAuthTimeoutsWhileAuthenticating
Counter32,
swDot1xAuthAuthFailWhileAuthenticating
Counter32,
swDot1xAuthAuthReauthsWhileAuthenticating
Counter32,
swDot1xAuthAuthEapStartsWhileAuthenticating
Counter32,
swDot1xAuthAuthEapLogoffWhileAuthenticating
Counter32,
swDot1xAuthAuthReauthsWhileAuthenticated
Counter32,
swDot1xAuthAuthEapStartsWhileAuthenticated
Counter32,
swDot1xAuthAuthEapLogoffWhileAuthenticated
Counter32,
swDot1xAuthBackendResponses
Counter32,
swDot1xAuthBackendAccessChallenges
Counter32,
swDot1xAuthBackendOtherRequestsToSupplicant
Counter32,
swDot1xAuthBackendNonNakResponsesFromSupplicant
Counter32,
swDot1xAuthBackendAuthSuccesses
Counter32,
swDot1xAuthBackendAuthFails
Counter32
}
swDot1xAuthEntersConnecting OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions to a CONNECTING state from any other
state."
REFERENCE
"9.4.2, 8.5.4.2.1"
::= { swDot1xAuthDiagEntry 1 }
swDot1xAuthEapLogoffsWhileConnecting OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from CONNECTING to DISCONNECTED as a result
of receiving an EAPOL-Logoff message."
REFERENCE
"9.4.2, 8.5.4.2.2"
::= { swDot1xAuthDiagEntry 2 }
swDot1xAuthEntersAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from CONNECTING to AUTHENTICATING, as a
result of an EAP-Response/Identity message being
received from the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.3"
::= { swDot1xAuthDiagEntry 3 }
swDot1xAuthAuthSuccessWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to AUTHENTICATED, as a
result of the Backend Authentication state machine,
indicating successful authentication of the Supplicant
(authSuccess = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.4"
::= { swDot1xAuthDiagEntry 4 }
swDot1xAuthAuthTimeoutsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of the Backend Authentication state machine indicating
an authentication timeout (authTimeout = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.5"
::= { swDot1xAuthDiagEntry 5 }
swDot1xAuthAuthFailWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to HELD, as a result
of the Backend Authentication state machine indicating
an authentication failure (authFail = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.6"
::= { swDot1xAuthDiagEntry 6 }
swDot1xAuthAuthReauthsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of a reauthentication request (reAuthenticate = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.7"
::= { swDot1xAuthDiagEntry 7 }
swDot1xAuthAuthEapStartsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of an EAPOL-Start message being received
from the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.8"
::= { swDot1xAuthDiagEntry 8 }
swDot1xAuthAuthEapLogoffWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of an EAPOL-Logoff message being received
from the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.9"
::= { swDot1xAuthDiagEntry 9 }
swDot1xAuthAuthReauthsWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to CONNECTING, as a
result of a reauthentication request
(reAuthenticate = TRUE)."
REFERENCE
"9.4.2, 8.5.4.2.10"
::= { swDot1xAuthDiagEntry 10 }
swDot1xAuthAuthEapStartsWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to CONNECTING, as a
result of an EAPOL-Start message being received from the
Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.11"
::= { swDot1xAuthDiagEntry 11 }
swDot1xAuthAuthEapLogoffWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to DISCONNECTED, as a
result of an EAPOL-Logoff message being received from
the Supplicant."
REFERENCE
"9.4.2, 8.5.4.2.12"
::= { swDot1xAuthDiagEntry 12 }
swDot1xAuthBackendResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine sends
an initial Access-Request packet to the Authentication
server (i.e., executes sendRespToServer on entry to the
RESPONSE state). Indicates that the Authenticator
attempted communication with the Authentication Server."
REFERENCE
"9.4.2, 8.5.6.2.1"
::= { swDot1xAuthDiagEntry 13 }
swDot1xAuthBackendAccessChallenges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an initial Access-Challenge packet from the
Authentication server (i.e., aReq becomes TRUE,
causing exit from the RESPONSE state). Indicates that
the Authentication Server has communication with
the Authenticator."
REFERENCE
"9.4.2, 8.5.6.2.2"
::= { swDot1xAuthDiagEntry 14 }
swDot1xAuthBackendOtherRequestsToSupplicant OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
sends an EAP-Request packet (other than an Identity,
Notification, Failure or Success message) to the
Supplicant (i.e., executes txReq on entry to the
REQUEST state). Indicates that the Authenticator chose
an EAP-method."
REFERENCE
"9.4.2, 8.5.6.2.3"
::= { swDot1xAuthDiagEntry 15 }
swDot1xAuthBackendNonNakResponsesFromSupplicant OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives a response from the Supplicant to an initial
EAP-Request, and the response is something other than
EAP-NAK (i.e., rxResp becomes TRUE, causing the state
machine to transition from REQUEST to RESPONSE,
and the response is not an EAP-NAK). Indicates that
the Supplicant can respond to the Authenticator's
chosen EAP-method."
REFERENCE
"9.4.2, 8.5.6.2.4"
::= { swDot1xAuthDiagEntry 16 }
swDot1xAuthBackendAuthSuccesses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an EAP-Success message from the Authentication
Server (i.e., a Success becomes TRUE, causing a
transition from RESPONSE to SUCCESS). Indicates that
the Supplicant has successfully authenticated to
the Authentication Server."
REFERENCE
"9.4.2, 8.5.6.2.5"
::= { swDot1xAuthDiagEntry 17 }
swDot1xAuthBackendAuthFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an EAP-Failure message from the Authentication
Server (i.e., a Fail becomes TRUE, causing a transition
from RESPONSE to FAIL). Indicates that the Supplicant
has not authenticated to the Authentication Server."
REFERENCE
"9.4.2, 8.5.6.2.6"
::= { swDot1xAuthDiagEntry 18 }
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator Session Statistics Table
-- -----------------------------------------------------------------------------
swDot1xAuthSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwDot1xAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the session statistics objects
for the Authenticator PAE associated with each host.
An entry appears in this table for each host that may
authenticate access to itself."
::= { swMacAuthBaseStatsInfo 8 }
swDot1xAuthSessionStatsEntry OBJECT-TYPE
SYNTAX SwDot1xAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The session statistics information for an Authenticator
PAE. This shows the current values being collected for
each session that is still in progress, or the final
values for the last valid session on each host where
there is no session currently active."
INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
::= { swDot1xAuthSessionStatsTable 1 }
SwDot1xAuthSessionStatsEntry ::=
SEQUENCE {
swDot1xAuthSessionOctetsRx
Counter64,
swDot1xAuthSessionOctetsTx
Counter64,
swDot1xAuthSessionFramesRx
Counter32,
swDot1xAuthSessionFramesTx
Counter32,
swDot1xAuthSessionId
SnmpAdminString,
swDot1xAuthSessionAuthenticMethod
INTEGER,
swDot1xAuthSessionTime
TimeTicks,
swDot1xAuthSessionTerminateCause
INTEGER,
swDot1xAuthSessionUserName
SnmpAdminString
}
swDot1xAuthSessionOctetsRx OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of octets received in user data
frames from this host during the session."
REFERENCE
"9.4.4, Session Octets Received"
::= { swDot1xAuthSessionStatsEntry 1 }
swDot1xAuthSessionOctetsTx OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of octets transmitted in user data
frames to this host during the session."
::= { swDot1xAuthSessionStatsEntry 2 }
swDot1xAuthSessionFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user data frames received
from this host during the session."
::= { swDot1xAuthSessionStatsEntry 3 }
swDot1xAuthSessionFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user data frames transmitted
to this host during the session."
REFERENCE
"9.4.4, Session Frames Transmitted"
::= { swDot1xAuthSessionStatsEntry 4 }
swDot1xAuthSessionId OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique identifier for the session, in the
form of a printable ASCII string of at least
three characters."
REFERENCE
"9.4.4, Session Identifier"
::= { swDot1xAuthSessionStatsEntry 5 }
swDot1xAuthSessionAuthenticMethod OBJECT-TYPE
SYNTAX INTEGER {
remoteAuthServer(1),
localAuthServer(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication method used to establish the
session."
REFERENCE
"9.4.4, Session Authentication Method"
::= { swDot1xAuthSessionStatsEntry 6 }
swDot1xAuthSessionTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The duration of the session in units of hundredth of a second."
REFERENCE
"9.4.4, Session Time"
::= { swDot1xAuthSessionStatsEntry 7 }
swDot1xAuthSessionTerminateCause OBJECT-TYPE
SYNTAX INTEGER {
supplicantLogoff(1),
portFailure(2),
supplicantRestart(3),
reauthFailed(4),
authControlForceUnauth(5),
portReInit(6),
portAdminDisabled(7),
notTerminatedYet(999)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The reason for the session termination."
REFERENCE
"9.4.4, Session Terminate Cause"
::= { swDot1xAuthSessionStatsEntry 8 }
swDot1xAuthSessionUserName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The User-Name representing the identity of the
Supplicant PAE."
REFERENCE
"9.4.4, Session User Name"
::= { swDot1xAuthSessionStatsEntry 9 }
-- -----------------------------------------------------------------------------
-- The swRadiusCommand
-- -----------------------------------------------------------------------------
swRadiusForceDownPortNumber OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The port number on which the RADIUS server is forced to terminate the network
service."
::= { swRadiusCommand 1}
swRadiusForceDownMacAddr OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The user's MAC address on which the RADIUS server is forced to terminate
the network service."
::= { swRadiusCommand 2 }
-- -----------------------------------------------------------------------------
-- The Authenticator Port Table
-- -----------------------------------------------------------------------------
swAuthenticatedPortCtrlTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwAuthenticatedPortCtrlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table used to configure the port's 802.1x capability."
::= { swAuthenticatedPortInfo 1 }
swAuthenticatedPortCtrlEntry OBJECT-TYPE
SYNTAX SwAuthenticatedPortCtrlEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Port number and authenticator control for a Port."
INDEX { swAuthenticatedPortNumber }
::= { swAuthenticatedPortCtrlTable 1 }
SwAuthenticatedPortCtrlEntry ::=
SEQUENCE {
swAuthenticatedPortNumber
INTEGER,
swAuthenticatedPortCapabilities
INTEGER
}
swAuthenticatedPortNumber OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Authenticated Port number associated with this Port."
::= { swAuthenticatedPortCtrlEntry 1 }
swAuthenticatedPortCapabilities OBJECT-TYPE
SYNTAX INTEGER {
none(1),
authenticator(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicates the PAE functionality that this Port
supports and that it may be managed through this MIB."
::= { swAuthenticatedPortCtrlEntry 2 }
-- -----------------------------------------------------------------------------
-- The Mac Based Pae Port Table
-- -----------------------------------------------------------------------------
swMacBasedPaePortTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwMacBasedPaePortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table of system level information for each port
supported by the MAC-based Port Access Entity. An entry appears
in this table for each port of this system."
::= { swMacBasedPaePortInfo 1 }
swMacBasedPaePortEntry OBJECT-TYPE
SYNTAX SwMacBasedPaePortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The port number, protocol version and
initialization control for a Port by MAC based mode."
INDEX { swMacBasedPaePortNumber }
::= { swMacBasedPaePortTable 1 }
SwMacBasedPaePortEntry ::=
SEQUENCE {
swMacBasedPaePortNumber
InterfaceIndex,
swMacBasedPaeMacAddress
MacAddress,
swMacBasedPaePortInitializeOrReauthStatus
INTEGER
}
swMacBasedPaePortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The port number associated with this Port."
::= { swMacBasedPaePortEntry 1 }
swMacBasedPaeMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the MAC address used to initialize the 802.1X authentication
state machine of some or all ports or used to reauthenticate the
device connected to the port."
::= { swMacBasedPaePortEntry 2 }
swMacBasedPaePortInitializeOrReauthStatus OBJECT-TYPE
SYNTAX INTEGER {
other(1),
initialize(2),
reauthenticate(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is used to execute MAC-Based Port initialization or reauthentication,
so it is necessary to set swMacBasedPaeMacAddress before this action can
be initialized.
Choosing 'initialize' causes the port to be initialized in MAC-based mode.
Choosing 'reauthenticate' causes the port to be reauthenticated in
MAC-based mode.
The attribute value reverts to 'other' once the initialization or
reauthentication has been done."
::= { swMacBasedPaePortEntry 3 }
-- -----------------------------------------------------------------------------
swMacBasedPaeTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwMacBasedPaeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table used to reauthenticate or initialize a host."
::= { swMacBasedPaePortInfo 2 }
swMacBasedPaeEntry OBJECT-TYPE
SYNTAX SwMacBasedPaeEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The port number, MAC address and
initialization or reauthentication control for a host by MAC based mode."
INDEX { swMacBasedPaePort, swMacBasedPaeMac }
::= { swMacBasedPaeTable 1 }
SwMacBasedPaeEntry ::=
SEQUENCE {
swMacBasedPaePort
InterfaceIndex,
swMacBasedPaeMac
MacAddress,
swMacBasedPaeInitOrReauthStatus
INTEGER
}
swMacBasedPaePort OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The port number associated with this Port."
::= { swMacBasedPaeEntry 1 }
swMacBasedPaeMac OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Specifies the MAC address used to initialize the 802.1X authentication
state machine of the host or used to reauthenticate the
host on the port."
::= { swMacBasedPaeEntry 2 }
swMacBasedPaeInitOrReauthStatus OBJECT-TYPE
SYNTAX INTEGER {
other(1),
initialize(2),
reauthenticate(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This is used to execute MAC-based Port initialization or reauthentication.
Choosing 'initialize' causes the host to be initialized in MAC-based mode.
Choosing 'reauthenticate' causes the host to be reauthenticated in
MAC-based mode.
The attribute value reverts to 'other' once the initialization or
reauthentication has been done."
::= { swMacBasedPaeEntry 3 }
-- -----------------------------------------------------------------------------
-- swPaeAuthenticator
-- -----------------------------------------------------------------------------
swPaeAuthSysFwdPdu OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the global setting to control the
forwarding of the EAPOL PDU."
::= { swPaeAuthenticator 1 }
swPaeAuthSysMaxUser OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the global limitation on the maximum
number of users that can be learned via 802.1X authentication.
The maximum entry range is (0..N), the value N means the maximum number. It is determined by the project itself.
Value 0 means no-limit."
::= { swPaeAuthenticator 2 }
swPaeAuthConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwPaeAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the configuration objects for the
Authenticator PAE associated with each port.
An entry appears in this table for each port that may
authenticate access to itself."
::= { swPaeAuthenticator 3 }
-- -----------------------------------------------------------------------------
-- The Authenticator State Table
-- -----------------------------------------------------------------------------
swAuthStateTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwAuthStateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the status objects for the
Authenticator PAE associated with each host. An
entry appears in this table for each host that may
authenticate access to itself."
::= { swPaeAuthenticator 4 }
swAuthStateEntry OBJECT-TYPE
SYNTAX SwAuthStateEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The information for an Authenticator PAE."
INDEX {swAuthPortNumber ,swAuthMacAddress}
::= { swAuthStateTable 1 }
SwAuthStateEntry ::=
SEQUENCE {
swAuthPortNumber
InterfaceIndex,
swAuthMacAddress
MacAddress,
swAuthAuthControlledStatus
INTEGER,
swAuthAssignVid
INTEGER,
swAuthAssignPriority
INTEGER,
swAuthenticatorPAEState
INTEGER,
swAuthBKdAuthState
INTEGER
}
swAuthPortNumber OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The PAE Port number associated with this Port."
::= { swAuthStateEntry 1 }
swAuthMacAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The address associated with this MAC address."
::= { swAuthStateEntry 2 }
swAuthAuthControlledStatus OBJECT-TYPE
SYNTAX INTEGER {
authenticating(1),
authorized(2),
unauthorized(3)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authenticate state of the host."
::= { swAuthStateEntry 3}
swAuthAssignVid OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The VID assigned by the RADIUS server."
::= { swAuthStateEntry 4 }
swAuthAssignPriority OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The priority assigned by the RADIUS server."
::= { swAuthStateEntry 5 }
swAuthenticatorPAEState OBJECT-TYPE
SYNTAX INTEGER {
initialize(1),
disconnected(2),
connecting(3),
authenticating(4),
authenticated(5),
aborting(6),
held(7),
forceAuth(8),
forceUnauth(9)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the Authenticator PAE state
machine."
::= { swAuthStateEntry 6 }
swAuthBKdAuthState OBJECT-TYPE
SYNTAX INTEGER {
request(1),
response(2),
success(3),
fail(4),
timeout(5),
idle(6),
initialize(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current state of the Backend Authentication
state machine."
::= { swAuthStateEntry 7 }
-- -----------------------------------------------------------------------------
-- The Authenticator Config Entry
-- -----------------------------------------------------------------------------
swPaeAuthConfigEntry OBJECT-TYPE
SYNTAX SwPaeAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The configuration information for an Authenticator PAE."
INDEX { dot1xPaePortNumber }
::= { swPaeAuthConfigTable 1 }
SwPaeAuthConfigEntry ::=
SEQUENCE {
swPaeAuthFwdPdu
INTEGER,
swPaeAuthMaxUser
INTEGER
}
swPaeAuthFwdPdu OBJECT-TYPE
SYNTAX INTEGER{
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the per port setting to control the
forwarding of EAPOL PDU."
::= { swPaeAuthConfigEntry 1 }
swPaeAuthMaxUser OBJECT-TYPE
SYNTAX INTEGER
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the limitation on the maximum number
of users by port.
The max entry range is (0..N), the value N means the max number. It is determined by project itself.
Value 0 means no-limit."
::= { swPaeAuthConfigEntry 2 }
-- -----------------------------------------------------------------------------
-- swCompoundAuthMgmt OBJECT IDENTIFIER ::= { swAuthCtrl 11 }
-- -----------------------------------------------------------------------------
-- -------------------------------------------------------------
-- The Compound authentication configure
-- -------------------------------------------------------------
swCompoundAuthPortTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwCompoundAuthPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains compound authentication information for each port."
::= { swCompoundAuthMgmt 1 }
swCompoundAuthPortEntry OBJECT-TYPE
SYNTAX SwCompoundAuthPortEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The compound authentication configuration information for a port."
INDEX { swCompoundAuthPortIndex }
::= { swCompoundAuthPortTable 1 }
SwCompoundAuthPortEntry ::=
SEQUENCE {
swCompoundAuthPortIndex
INTEGER,
swCompoundAuthPortAuthMode
INTEGER,
swCompoundAuthPortMethod
INTEGER,
swCompoundAuthPortAuthVLANs
DisplayString
}
swCompoundAuthPortIndex OBJECT-TYPE
SYNTAX INTEGER(1..65535)
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The compound authentication port number associated with this port."
::= { swCompoundAuthPortEntry 1 }
swCompoundAuthPortAuthMode OBJECT-TYPE
SYNTAX INTEGER{
hostbased(1),
portbased(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object sets the authorization mode.
Port-based:
If one of the attached hosts passes the authentication,
all the hosts on the same port will be granted access to the network.
If the user fails the authorization, this port will keep
trying the next authentication.
Host-based:
Every user can be authenticated individually.
The client can start authentication on specific authentication VLAN(s)."
DEFVAL {portbased}
::= { swCompoundAuthPortEntry 2 }
swCompoundAuthPortMethod OBJECT-TYPE
SYNTAX INTEGER {
none(1),
any(2),
dot1xImpb(3),
impbJwac(4),
impbWac(5),
macImpb(6),
macJwac(7)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object sets the method for compound authentication settings.
None:
The system level setting of individual authentication still takes effect.
Thus suppose that the compound authentication method of a port is set to any
but MAC-AC is disabled, JWAC and 802.1x enabled, then the user must pass either the JWAC or 802.1x method.
The following is the relation of the compound authentication method
and the configuration of the individual authentication method.
(1) If compound authentication methods is not set to none:
The port's authentication method will depend on the compound authentication method.
An individual authentication method's setting is ignored.
(2) If compound authentication methods is set to none:
This port is in single-auth mode. The port's authentication method
will depend on the individual authentication method's setting.
Any:
If any one of the authentication methods (802.1x, MAC-AC, WAC and JWAC)
passes, then pass.
dot1xImpb:
Dot1x will be verified first, and then IMPB will be verified.
Both authentication methods need to be passed to make the authentication successful.
impbJwac:
IMPB will be verified first, and then JWAC will be verified.
Both authentication methods need to be passed to make the authentication successful.
impbWac:
IMPB will be verified first, and then WAC will be verified.
Both authentication methods need to be passed to make the authentication successful.
macImpb:
MAC-AC will be verified first, and then IMPB will be verified.
Both authentication methods need to be passed to make the authentication successful.
macJwac:
MAC-AC will be verified first. If client passed MAC authentication, JWAC will be verified.
Both authentication methods need to be passed to make the authentication successful."
DEFVAL {none}
::= { swCompoundAuthPortEntry 3 }
swCompoundAuthPortAuthVLANs OBJECT-TYPE
SYNTAX DisplayString
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object sets the Authentication VLAN(s).
If the authentication VLAN is not specified,
It means to not care which VLAN the client comes from,
the client will be authenticated if the client's MAC (not care the VLAN) is not authenticated.
After the client is authenticated, the client will not be reauthenticated when received from other VLANs.
When the port's authorization mode is changed to port based, previously authentication VLAN(s) on this port will be cleared.
Note:
For the compound VLAN specification, the value should be separated by ',' or '-'.
Such as: 1,4,7 or 1,4,7-9 ."
::= { swCompoundAuthPortEntry 4 }
-- -------------------------------------------------------------
-- The Guest VLAN Database
-- -------------------------------------------------------------
swGuestVlanTable OBJECT-TYPE
SYNTAX SEQUENCE OF SwGuestVlanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table containing configuration information for
guest VLANs configured into the device by local or
network management. All entries are permanent and will
be restored after the device reset."
::= { swCompoundAuthMgmt 2 }
swGuestVlanEntry OBJECT-TYPE
SYNTAX SwGuestVlanEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Information for a guest VLAN configured into the
device by local or network management."
INDEX { swGuestVlanId }
::= { swGuestVlanTable 1 }
SwGuestVlanEntry ::=
SEQUENCE {
swGuestVlanId
VlanId,
swGuestVlanPorts
PortList,
swGuestVlanRowStatus
RowStatus
}
swGuestVlanId OBJECT-TYPE
SYNTAX VlanId
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The VLAN ID referring to this guest VLAN."
::= { swGuestVlanEntry 1 }
swGuestVlanPorts OBJECT-TYPE
SYNTAX PortList
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The set of ports which are permanently assigned to the
guest VLAN member for this guest VLAN by management.
Note:
For on-going projects which need to support old-style commands as well,
the rules for guest VLAN setting are:
(1) Compound authentication mode is not none: You need to specify the guest VLAN by this command
or individual authentication method's guest VLAN setting will be ignored.
(2) Compound authentication mode is none: This port is in single authentication mode.
Individual authentications use their guest VLAN settings configured
by their individual guest VLAN commands. The setting of config guest_vlan will be ignored"
::= { swGuestVlanEntry 2 }
swGuestVlanRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the status of this entry."
::= { swGuestVlanEntry 3 }
-- -------------------------------------------------------------
-- System Authorization Attributes
-- -------------------------------------------------------------
swAuthorizationAttributes OBJECT-TYPE
SYNTAX INTEGER {
enabled(1),
disabled(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the authorization status.
When the authorization for attributes is enabled,
whether the authorized attributes (for example VLAN, 802.1p default priority, and ACL)
assigned by the RADIUS server or local database will be accepted or not
will depend on the individual module setting. "
::= { swCompoundAuthMgmt 3 }
-- -------------------------------------------------------------
-- Authentication Server Failover
-- -------------------------------------------------------------
swAuthServerFailoverState OBJECT-TYPE
SYNTAX INTEGER {
block(1),
local(2),
permit(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the authentication server failover state.
block: Block the client.
local: Use the local DB to authenticate the client.
permit: The client is always regarded as authenticated."
DEFVAL {block}
::= { swCompoundAuthMgmt 4 }
-- -------------------------------------------------------------
-- Authentication MAC format
-- -------------------------------------------------------------
swAuthMACFormatCase OBJECT-TYPE
SYNTAX INTEGER {
uppercase(1),
lowercase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the case format of the authentication MAC address for RADIUS authentication.
uppercase: Using uppercase format, the formatted is: AA-BB-CC-DD-EE-FF.
lowercase: Using lowercase format, the formatted is: aa-bb-cc-dd-ee-ff."
DEFVAL {uppercase}
::= { swCompoundAuthMgmt 5 }
swAuthMACFormatDelimiter OBJECT-TYPE
SYNTAX INTEGER {
none(1),
hyphen(2),
colon(3),
dot(4)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the delimiter format of authentication MAC address for RADIUS authentication.
none: Not using any delimiter, the format is: AABBCCDDEEFF
hyphen: Using '-' as delimiter, the format is: AA-BB-CC-DD-EE-FF
colon: Using ':' as delimiter, the format is: AA:BB:CC:DD:EE:FF
dot: Using '.' as delimiter, the format is: AA.BB.CC.DD.EE.FF"
DEFVAL {none}
::= { swCompoundAuthMgmt 6 }
swAuthMACFormatDelimiterNumber OBJECT-TYPE
SYNTAX INTEGER {
delimiter-number-1(1),
delimiter-number-2(2),
delimiter-number-5(3)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object indicates the delimiter number of authentication MAC address for RADIUS authentication.
delimiter-number-1: single delimiter, the format is: AABBCC.DDEEFF
delimiter-number-2: double delimiter, the format is: AABB.CCDD.EEFF
delimiter-number-5: multiple delimiter, the format is: AA.BB.CC.DD.EE.FF
Note: while swAuthMACFormatDelimiter is none(1), the delimiter number will not take effect."
::= { swCompoundAuthMgmt 7 }
END
View Git Blame Copy Permalink