mirror of
https://github.com/librenms/librenms.git
synced 2024-09-21 10:28:13 +00:00
133cf294b4
* Add NAC support for Powerconnect * Fix code style issues * Fix more code style issues * Rename mibs
1327 lines
57 KiB
Plaintext
1327 lines
57 KiB
Plaintext
DNOS-AUTHENTICATION-MANAGER-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- Broadcom FastPath Authentication Manager MIB
|
|
-- Copyright 2016-2020 Broadcom.
|
|
-- This SNMP Management Information Specification
|
|
-- embodies Broadcom's confidential and proprietary
|
|
-- intellectual property. Broadcom retains all title
|
|
-- and ownership in the Specification including any revisions.
|
|
|
|
-- This Specification is supplied "AS IS", Broadcom
|
|
-- makes no warranty, either expressed or implied,
|
|
-- as to the use, operation, condition, or performance of the
|
|
-- Specification.
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
|
|
TimeTicks, Unsigned32
|
|
FROM SNMPv2-SMI
|
|
MacAddress, TEXTUAL-CONVENTION, DateAndTime, RowStatus, TruthValue
|
|
FROM SNMPv2-TC
|
|
DisplayString FROM RFC1213-MIB
|
|
ifIndex FROM IF-MIB
|
|
InterfaceIndex FROM IF-MIB
|
|
dnOS FROM DELL-REF-MIB;
|
|
|
|
fastPathAuthMgr MODULE-IDENTITY
|
|
|
|
LAST-UPDATED "202010080000Z" -- 08 October 2020 12:00:00 GMT
|
|
ORGANIZATION "Dell EMC"
|
|
CONTACT-INFO ""
|
|
DESCRIPTION
|
|
"The Dell Networking Private MIB for Authentication Manager"
|
|
|
|
-- Revision history.
|
|
REVISION
|
|
"202010080000Z" -- 08 October 2020 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Added new objects agentAuthMgrClientLinkSecPolicy and agentAuthMgrPortLinkSecPolicy.
|
|
Added new object agentAuthMgrClientSessionTimeLeft in the agentAuthMgrClientStatusTable."
|
|
REVISION
|
|
"202008250000Z" -- 25 August 2020 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Added new object agentAuthMgrPortAuthControlDirection in
|
|
agentAuthMgrInterfaceConfigAuthenticationTable."
|
|
|
|
REVISION
|
|
"201812260000Z" -- 26 December 2018 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Added new object agentAuthMgrPortAuthenticationOpen and enum value open-success.
|
|
Added new objects agentAuthMgrClientRedirectACL and agentAuthMgrClientRedirectURL."
|
|
REVISION
|
|
"201809240000Z" -- 24 September 2018 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Added new object agentAuthMgrPortUnauthDHCPAllow."
|
|
REVISION
|
|
"201805150000Z" -- 15 May 2018 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Added new objects. Most have relocated here from dot1xAdvanced MIB due to
|
|
Dot1x/AuthManager code re-architecture."
|
|
REVISION
|
|
"201709050000Z" -- 05 September 2017 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Corrected the SYNTAX for agentAuthMgrAuthHistoryResultAuthMethod."
|
|
REVISION
|
|
"201212280000Z" -- 28 December 2012 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Initial version."
|
|
|
|
::= { dnOS 61 }
|
|
|
|
|
|
AuthMgrPortControlMode ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The control values of the Authenticator PAE controlled
|
|
Port."
|
|
SYNTAX INTEGER {
|
|
forceUnauthorized(1),
|
|
auto(2),
|
|
forceAuthorized(3)
|
|
}
|
|
|
|
AuthMgrPortHostMode ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The host mode values of the Authenticator PAE controlled
|
|
Port."
|
|
SYNTAX INTEGER {
|
|
singleHost(1),
|
|
multiHost(2),
|
|
multiAuth(3),
|
|
multiDomain(4),
|
|
multiDomainMultiHost(5)
|
|
}
|
|
|
|
AuthMgrSessionTerminationAction ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action to be taken on session termination ."
|
|
SYNTAX INTEGER {
|
|
default(1),
|
|
reauthenticate(2)
|
|
}
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrGlobalConfigGroup
|
|
--**************************************************************************************
|
|
|
|
agentAuthMgrGlobalConfigGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 1 }
|
|
|
|
agentAuthMgrAdminMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable or disable the authentication manager feature on the system."
|
|
::= { agentAuthMgrGlobalConfigGroup 1 }
|
|
|
|
agentAuthMgrRadiusVlanAssignment OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable authentication manager VLAN assignment support on the switch."
|
|
::= { agentAuthMgrGlobalConfigGroup 2 }
|
|
|
|
agentAuthMgrDynamicVlanCreationMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable authentication manager dynamic VLAN creation Support on the switch."
|
|
::= { agentAuthMgrGlobalConfigGroup 3 }
|
|
|
|
agentAuthMgrCriticalRecoveryMaxReauth OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the maximum number of client reauthentications that can be triggered
|
|
per second when the the Dead or Alive server actions are configured to
|
|
'reinitialze' and a RADIUS server state change happens, i.e. all servers are
|
|
marked dead or one server comes back alive after all were marked dead."
|
|
::= { agentAuthMgrGlobalConfigGroup 4}
|
|
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrInterfaceConfigGroup
|
|
--**************************************************************************************
|
|
|
|
agentAuthMgrInterfaceConfigGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 2 }
|
|
|
|
agentAuthMgrInterfaceConfigMethodTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrInterfaceConfigMethodEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface configuration for authentication manager"
|
|
::= { agentAuthMgrInterfaceConfigGroup 1 }
|
|
|
|
agentAuthMgrInterfaceConfigMethodEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrInterfaceConfigMethodEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication manager interface config entry."
|
|
INDEX { agentAuthMgrIfIndex, methodIndex}
|
|
::= { agentAuthMgrInterfaceConfigMethodTable 1 }
|
|
|
|
AgentAuthMgrInterfaceConfigMethodEntry ::= SEQUENCE {
|
|
agentAuthMgrIfIndex
|
|
InterfaceIndex,
|
|
methodIndex
|
|
Unsigned32,
|
|
agentAuthMgrMethodOrder
|
|
INTEGER,
|
|
agentAuthMgrMethodPriority
|
|
INTEGER
|
|
}
|
|
|
|
agentAuthMgrIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface index for which the authentication manager config is required."
|
|
::= { agentAuthMgrInterfaceConfigMethodEntry 1 }
|
|
|
|
methodIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the configuration method."
|
|
|
|
::= { agentAuthMgrInterfaceConfigMethodEntry 2 }
|
|
|
|
agentAuthMgrMethodOrder OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
undefined(0),
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication methods allowed for order configuration."
|
|
DEFVAL { undefined }
|
|
|
|
::= { agentAuthMgrInterfaceConfigMethodEntry 3 }
|
|
|
|
agentAuthMgrMethodPriority OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
undefined(0),
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication methods allowed for priority configuration."
|
|
DEFVAL { undefined }
|
|
|
|
::= { agentAuthMgrInterfaceConfigMethodEntry 4 }
|
|
|
|
|
|
agentAuthMgrInterfaceConfigTimerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrInterfaceConfigTimerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface configuration for authentication manager"
|
|
::= { agentAuthMgrInterfaceConfigGroup 2 }
|
|
|
|
|
|
agentAuthMgrInterfaceConfigTimerEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrInterfaceConfigTimerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Authentication Manager Interface config entry."
|
|
INDEX { agentAuthMgrTimerIfIndex}
|
|
::= { agentAuthMgrInterfaceConfigTimerTable 1 }
|
|
|
|
AgentAuthMgrInterfaceConfigTimerEntry ::= SEQUENCE {
|
|
agentAuthMgrTimerIfIndex
|
|
InterfaceIndex,
|
|
agentAuthMgrRestart
|
|
Unsigned32
|
|
}
|
|
agentAuthMgrTimerIfIndex OBJECT-TYPE
|
|
SYNTAX InterfaceIndex
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface ifIndex for which the authentication manager config is required."
|
|
::= { agentAuthMgrInterfaceConfigTimerEntry 1 }
|
|
|
|
agentAuthMgrRestart OBJECT-TYPE
|
|
SYNTAX Unsigned32 (10..65535)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication restart timer value."
|
|
DEFVAL { 30 }
|
|
::= { agentAuthMgrInterfaceConfigTimerEntry 2 }
|
|
|
|
agentAuthMgrInterfaceConfigAuthenticationTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrInterfaceConfigAuthenticationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface authentication configuration for authentication manager"
|
|
::= { agentAuthMgrInterfaceConfigGroup 3 }
|
|
|
|
agentAuthMgrInterfaceConfigAuthenticationEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrInterfaceConfigAuthenticationEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication manager interface authentication config entry."
|
|
INDEX { agentAuthMgrIfIndex}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationTable 1 }
|
|
|
|
AgentAuthMgrInterfaceConfigAuthenticationEntry ::= SEQUENCE {
|
|
agentAuthMgrPortControlMode
|
|
AuthMgrPortControlMode,
|
|
agentAuthMgrPortHostMode
|
|
AuthMgrPortHostMode,
|
|
agentAuthMgrPortNoResponseVlanId
|
|
Unsigned32,
|
|
agentAuthMgrPortAuthFailVlanId
|
|
Unsigned32,
|
|
agentAuthMgrPortMaxUsers
|
|
Unsigned32,
|
|
agentAuthMgrPortAuthViolationMode
|
|
INTEGER,
|
|
agentAuthMgrPortCriticalVlanId
|
|
Unsigned32,
|
|
agentAuthMgrPortAuthServerDeadAction
|
|
INTEGER,
|
|
agentAuthMgrPortAuthServerAliveAction
|
|
INTEGER
|
|
,agentAuthMgrPortAuthServerDeadVoiceAction
|
|
INTEGER
|
|
,agentAuthMgrPortInitialize
|
|
TruthValue
|
|
,agentAuthMgrPortUnauthDHCPAllow
|
|
INTEGER
|
|
,agentAuthMgrPortAuthenticationOpen
|
|
INTEGER
|
|
,agentAuthMgrPortAuthControlDirection
|
|
INTEGER
|
|
,agentAuthMgrPortLinkSecPolicy
|
|
INTEGER
|
|
}
|
|
|
|
agentAuthMgrPortControlMode OBJECT-TYPE
|
|
SYNTAX AuthMgrPortControlMode
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Port Control mode of this port.
|
|
The port control mode for this interface can take the following values:
|
|
forceUnauthorized(1) - the port is in unauthorized mode,
|
|
auto(2) - Authentication is enforced on the port. If a client authenticates
|
|
successfully, then the interface is authorized. Otherwise, the port is
|
|
in unauthorized mode.
|
|
forceAuthorized(3) - The port is placed in authorized mode"
|
|
DEFVAL {auto}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 1}
|
|
|
|
agentAuthMgrPortHostMode OBJECT-TYPE
|
|
SYNTAX AuthMgrPortHostMode
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Port Host mode of this port.
|
|
The port Host mode for this interface can take the following values:
|
|
singleHost(1) - only one client can be authenticated on this port.
|
|
multiHost(2) - only on client authenticates on this port. Once authenticated,
|
|
the port is authorized for all clients on this port.
|
|
multiAuth(3) - multiple clients can be authenticated on this port.
|
|
multiDomain(4)- only one data and one voice client can be authenticated on this port.
|
|
multiDomainMultiHost(5) - only one data and one voice client can be authenticated on
|
|
this port. Once a data client is authenticated, the port is
|
|
authorized for all data clients on this port."
|
|
DEFVAL {multiHost}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 2}
|
|
|
|
|
|
agentAuthMgrPortNoResponseVlanId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the no response VLAN of the port.
|
|
|
|
For multiHost and multiDomainMultiHost the port will
|
|
be moved to this VLAN if no client sucessfully
|
|
authenticates on that port for the no-response period.
|
|
|
|
no-response period is the time period in which the client does
|
|
not respond to 802.1X EAP Request Identity frames for a configured
|
|
number of times.
|
|
|
|
For the rest of the host modes, 802.1x un-aware clients will
|
|
be moved to this VLAN if they fail authentication.
|
|
|
|
A value of zero indicates no response VLAN is configured
|
|
for the interface."
|
|
DEFVAL {0}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 3}
|
|
|
|
agentAuthMgrPortAuthFailVlanId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the authentication failure VLAN of the port. A port will
|
|
be moved to this VLAN if a 802.1x client authenticates unsucessfully
|
|
on that port.
|
|
A value of zero indicates authentication failure VLAN is not configured for the port."
|
|
DEFVAL {0}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 4}
|
|
|
|
agentAuthMgrPortMaxUsers OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the maximum users or clients that can authenticate on this port
|
|
when the port control mode is in multi-auth host mode. "
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 5}
|
|
|
|
agentAuthMgrPortAuthViolationMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
protect(1),
|
|
restrict(2),
|
|
shutdown(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the authentication violation mode that occur when
|
|
a new device connects to a port after the maximum number
|
|
of devices are connected to that port."
|
|
DEFVAL {restrict}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 6}
|
|
|
|
agentAuthMgrPortCriticalVlanId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the critical VLAN of the port. A port will be moved to its critical
|
|
VLAN if all RADIUS authentication servers are found to be Dead. A value of
|
|
zero indicates no critical VLAN is configured for the port and the port pvid
|
|
is used as the critical VLAN."
|
|
DEFVAL {0}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 7}
|
|
|
|
agentAuthMgrPortAuthServerDeadAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
reinitialize(1),
|
|
authorize(2),
|
|
none(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the action to take on authenticating supplicants when all RADIUS
|
|
servers are found dead."
|
|
DEFVAL {none}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 8}
|
|
|
|
agentAuthMgrPortAuthServerAliveAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
reinitialize(1),
|
|
none(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the action to take on authenticating supplicants when one RADIUS
|
|
server comes back Alive after all of them were found dead earlier."
|
|
DEFVAL {none}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 9}
|
|
|
|
agentAuthMgrPortAuthServerDeadVoiceAction OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
authorize(1),
|
|
none(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the action to take on authenticating VoIP supplicants when all
|
|
RADIUS servers are found dead."
|
|
DEFVAL {none}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 10}
|
|
|
|
agentAuthMgrPortInitialize OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The initialization control for this Port. Setting this object 'true' causes
|
|
the Port to be reinitialized, terminating (and potentially restarting) authentication
|
|
exchanges. The object value reverts to 'false' once initialization has completed."
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 11}
|
|
|
|
agentAuthMgrPortUnauthDHCPAllow OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies whether to allow DHCP packets on the port even if it is unauthorized."
|
|
DEFVAL {none}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 12}
|
|
|
|
agentAuthMgrPortAuthenticationOpen OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies whether Open Authentication is enabled on the port."
|
|
DEFVAL {none}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 13}
|
|
|
|
agentAuthMgrPortAuthControlDirection OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
both(1),
|
|
in(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the authentication control direction for the
|
|
traffic flow of the interface."
|
|
DEFVAL {both}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 14}
|
|
|
|
|
|
agentAuthMgrPortLinkSecPolicy OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
shouldSecure(1),
|
|
mustSecure(2),
|
|
mustNotSecure(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies LinkSec policy on the port."
|
|
DEFVAL {shouldSecure}
|
|
::= { agentAuthMgrInterfaceConfigAuthenticationEntry 15}
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrInterfaceStatusGroup
|
|
--**************************************************************************************
|
|
|
|
agentAuthMgrInterfaceStatusGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 3 }
|
|
|
|
agentAuthMgrInterfaceStatusTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrInterfaceStatusMethodEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The interface configuration for authentication manager"
|
|
::= { agentAuthMgrInterfaceStatusGroup 1 }
|
|
|
|
agentAuthMgrInterfaceStatusEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrInterfaceStatusMethodEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication manager interface config entry."
|
|
INDEX { agentAuthMgrIfIndex, methodIndex}
|
|
::= { agentAuthMgrInterfaceStatusTable 1 }
|
|
|
|
AgentAuthMgrInterfaceStatusMethodEntry ::= SEQUENCE {
|
|
agentAuthMgrStatusMethodOrder
|
|
INTEGER,
|
|
agentAuthMgrStatusMethodPriority
|
|
INTEGER
|
|
}
|
|
|
|
agentAuthMgrStatusMethodOrder OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
undefined(0),
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication methods allowed for order configuration."
|
|
DEFVAL { undefined }
|
|
|
|
::= { agentAuthMgrInterfaceStatusEntry 1 }
|
|
|
|
agentAuthMgrStatusMethodPriority OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
undefined(0),
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication methods allowed for priority configuration."
|
|
DEFVAL { undefined }
|
|
|
|
::= { agentAuthMgrInterfaceStatusEntry 2 }
|
|
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrClientStatusGroup -> Contains MIB objects displaying Authentication
|
|
-- Manager Client details and associated Functionality
|
|
--
|
|
--**************************************************************************************
|
|
|
|
agentAuthMgrClientStatusGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 4 }
|
|
|
|
agentAuthMgrClientStatusTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrClientStatusEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table for auth mgr client details and associated functionality."
|
|
::= { agentAuthMgrClientStatusGroup 1 }
|
|
|
|
|
|
agentAuthMgrClientStatusEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrClientStatusEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents entry for port config table."
|
|
INDEX { agentAuthMgrClientMacAddress}
|
|
::= {agentAuthMgrClientStatusTable 1 }
|
|
|
|
AgentAuthMgrClientStatusEntry ::= SEQUENCE {
|
|
agentAuthMgrClientMacAddress
|
|
MacAddress,
|
|
agentAuthMgrLogicalPort
|
|
Unsigned32,
|
|
agentAuthMgrInterface
|
|
Unsigned32,
|
|
agentAuthMgrClientAuthstatus
|
|
INTEGER,
|
|
agentAuthMgrClientAuthMethod
|
|
INTEGER,
|
|
agentAuthMgrClientAuthState
|
|
INTEGER,
|
|
agentAuthMgrClientUserName
|
|
DisplayString,
|
|
agentAuthMgrClientVlanAssigned
|
|
Unsigned32,
|
|
agentAuthMgrClientAuthVlanAssignedReason
|
|
INTEGER,
|
|
agentAuthMgrClientSessionTime
|
|
Unsigned32,
|
|
agentAuthMgrClientFilterID
|
|
DisplayString,
|
|
agentAuthMgrClientDACL
|
|
DisplayString,
|
|
agentAuthMgrClientSessionTimeout
|
|
Unsigned32,
|
|
agentAuthMgrClientTerminationAction
|
|
AuthMgrSessionTerminationAction,
|
|
agentAuthMgrClientAcctSessionId
|
|
DisplayString,
|
|
agentAuthMgrClientRedirectACL
|
|
DisplayString,
|
|
agentAuthMgrClientRedirectURL
|
|
DisplayString
|
|
,agentAuthMgrClientLinkSecPolicy
|
|
INTEGER
|
|
,agentAuthMgrClientSessionTimeLeft
|
|
Unsigned32
|
|
}
|
|
|
|
|
|
agentAuthMgrClientMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the MAC address of the client."
|
|
::= { agentAuthMgrClientStatusEntry 1}
|
|
|
|
agentAuthMgrLogicalPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the logical port number of the client connection."
|
|
::= { agentAuthMgrClientStatusEntry 2}
|
|
|
|
agentAuthMgrInterface OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the physical interface to which the client is attached."
|
|
::= { agentAuthMgrClientStatusEntry 3}
|
|
|
|
agentAuthMgrClientAuthstatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
authorized(1),
|
|
unauthorized(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication status of the client."
|
|
::={ agentAuthMgrClientStatusEntry 4}
|
|
|
|
|
|
agentAuthMgrClientAuthMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
undefined(0),
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The method using which the client is authenticated."
|
|
::={ agentAuthMgrClientStatusEntry 5}
|
|
|
|
agentAuthMgrClientAuthState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
success(1),
|
|
failed(2),
|
|
running(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The authentication state of the client."
|
|
::={ agentAuthMgrClientStatusEntry 6}
|
|
|
|
agentAuthMgrClientUserName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the username with which the client is authenticated
|
|
to the Radius server. This value is only valid when the client
|
|
is in authenticated state. "
|
|
::= { agentAuthMgrClientStatusEntry 7}
|
|
|
|
agentAuthMgrClientVlanAssigned OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the VLAN the client is associated with by Auth Mgr.
|
|
This value is only valid when the client is in authenticated
|
|
state."
|
|
::= { agentAuthMgrClientStatusEntry 8}
|
|
|
|
agentAuthMgrClientAuthVlanAssignedReason OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
radius(1),
|
|
authFailVlan(2),
|
|
noResponseVlan(3),
|
|
voiceVlan(4),
|
|
monitorVlan(5),
|
|
criticalVlan(6),
|
|
none(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The VLAN assigned reason for the authenticated client."
|
|
::={ agentAuthMgrClientStatusEntry 9}
|
|
|
|
agentAuthMgrClientSessionTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the time elapsed in seconds since the client was
|
|
authenticated in this session.This value is only valid when
|
|
the client is in authenticated state. "
|
|
::= { agentAuthMgrClientStatusEntry 10}
|
|
|
|
agentAuthMgrClientFilterID OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Filter ID or Diffserv Policy name to be applied
|
|
to the session. This value is populated only if it has been
|
|
assigned by the RADIUS server. This value is only valid when
|
|
the client is in authenticated state."
|
|
::= { agentAuthMgrClientStatusEntry 11}
|
|
|
|
agentAuthMgrClientDACL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Downloadble ACL to be applied to the session.
|
|
This value is populated only if it has been assigned by the
|
|
RADIUS server. This value is only valid when the client is in
|
|
authenticated state."
|
|
::= { agentAuthMgrClientStatusEntry 12}
|
|
|
|
agentAuthMgrClientSessionTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the session time out value if assigned
|
|
by the Radius server. A value of 0 indicates that no session
|
|
timeout was assigned by the RADIUS server. This value is only
|
|
valid when the client is in authenticated state. "
|
|
::= { agentAuthMgrClientStatusEntry 13}
|
|
|
|
agentAuthMgrClientTerminationAction OBJECT-TYPE
|
|
SYNTAX AuthMgrSessionTerminationAction
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the session termination action assigned by the Radius
|
|
Server.This is the action taken when the session times out.
|
|
This value is only valid when the client is in authenticated
|
|
state. "
|
|
::= { agentAuthMgrClientStatusEntry 14}
|
|
|
|
agentAuthMgrClientAcctSessionId OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Accounting Session Id used by the session."
|
|
::= { agentAuthMgrClientStatusEntry 15}
|
|
|
|
agentAuthMgrClientRedirectACL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Redirect ACL to be applied to the session.
|
|
This value is populated only if it has been assigned by the
|
|
RADIUS server. This value is only valid when the client is in
|
|
authenticated state."
|
|
::= { agentAuthMgrClientStatusEntry 16}
|
|
|
|
agentAuthMgrClientRedirectURL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Redirect URL applicable to the session.
|
|
This value is populated only if it has been assigned by the
|
|
RADIUS server. This value is only valid when the client is in
|
|
authenticated state."
|
|
::= { agentAuthMgrClientStatusEntry 17}
|
|
|
|
agentAuthMgrClientLinkSecPolicy OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
shouldSecure(1),
|
|
mustSecure(2),
|
|
mustNotSecure(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the LinkSec policy for the client.
|
|
This value is populated only if it has been assigned by the
|
|
RADIUS server. This value is only valid when the client is in
|
|
authenticated state."
|
|
DEFVAL {shouldSecure}
|
|
::= { agentAuthMgrClientStatusEntry 18}
|
|
|
|
agentAuthMgrClientSessionTimeLeft OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the time left for the session termination
|
|
action to occur. This value is only
|
|
valid when the client is in authenticated state. "
|
|
::= { agentAuthMgrClientStatusEntry 19}
|
|
|
|
agentAuthMgrAuthHistoryResultsGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 5 }
|
|
|
|
agentAuthMgrPortAuthHistoryResultTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrPortAuthHistoryResultEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table to display history of the authentication manager."
|
|
::= { agentAuthMgrAuthHistoryResultsGroup 1 }
|
|
|
|
agentAuthMgrPortAuthHistoryResultEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrPortAuthHistoryResultEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents authentication manager results in history table."
|
|
INDEX { agentAuthMgrAuthHistoryResultIfaceIndex,
|
|
agentAuthMgrAuthHistoryResultIndex}
|
|
::= {agentAuthMgrPortAuthHistoryResultTable 1 }
|
|
|
|
AgentAuthMgrPortAuthHistoryResultEntry ::= SEQUENCE {
|
|
agentAuthMgrAuthHistoryResultIfaceIndex Unsigned32,
|
|
agentAuthMgrAuthHistoryResultIndex Unsigned32,
|
|
agentAuthMgrAuthHistoryResultTimeStamp DateAndTime,
|
|
agentAuthMgrAuthHistoryResultMacAddress MacAddress,
|
|
agentAuthMgrAuthHistoryResultAuthMethod INTEGER,
|
|
agentAuthMgrAuthHistoryResultAuthStatus INTEGER,
|
|
agentAuthMgrAuthHistoryResultAge TimeTicks,
|
|
agentAuthMgrAuthHistoryResultVlanId Unsigned32,
|
|
agentAuthMgrAuthHistoryResultAccessStatus INTEGER,
|
|
agentAuthMgrAuthHistoryResultFilterID DisplayString,
|
|
agentAuthMgrAuthHistoryResultDACL DisplayString,
|
|
agentAuthMgrAuthHistoryResultVlanAssignedType INTEGER,
|
|
agentAuthMgrAuthHistoryResultReasonCode INTEGER
|
|
}
|
|
|
|
agentAuthMgrAuthHistoryResultIfaceIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the physical bridge port on which
|
|
authentication event might be received."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 1 }
|
|
|
|
agentAuthMgrAuthHistoryResultIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reference to the authentication manager authentication
|
|
history table maintained."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 2 }
|
|
|
|
agentAuthMgrAuthHistoryResultTimeStamp OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the exact time of authentication manager authentication
|
|
event information occurred maintained in the
|
|
history table."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 3 }
|
|
|
|
agentAuthMgrAuthHistoryResultMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the client MAC address maintained in
|
|
the authentication history table."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 4 }
|
|
|
|
agentAuthMgrAuthHistoryResultAuthMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
undefined(0),
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The method using which the client is authenticated."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 5 }
|
|
|
|
agentAuthMgrAuthHistoryResultAuthStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
success(1),
|
|
failure(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the authentication manager authentication status
|
|
(Success or Failure) for the authentication manager
|
|
authentication event takes place. "
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 6 }
|
|
|
|
agentAuthMgrAuthHistoryResultAge OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time since the authentication entry was added to the history table.
|
|
It is displayed in days, hours, minutes, and seconds."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 7 }
|
|
|
|
agentAuthMgrAuthHistoryResultVlanId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the VLANID associated with the client if authenticated successfully."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 8 }
|
|
|
|
agentAuthMgrAuthHistoryResultAccessStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
granted(1),
|
|
denied(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Authentication access status indicates the exact status of the
|
|
dot1x client. Granted means the client is allowed access to the
|
|
network using dot1x or monitor mode. Denied means the client is
|
|
not allowed access to the network."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 9 }
|
|
|
|
agentAuthMgrAuthHistoryResultFilterID OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Filter ID or Diffserv Policy name assigned by
|
|
the RADIUS server. This value is only valid when the client
|
|
is in authenticated state."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 10 }
|
|
|
|
agentAuthMgrAuthHistoryResultDACL OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Downloadable Access Control List name assigned by
|
|
the RADIUS server. This value is only valid when the client
|
|
is in authenticated state."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 11 }
|
|
|
|
agentAuthMgrAuthHistoryResultVlanAssignedType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
default(1),
|
|
radius(2),
|
|
unauthenticatedVlan(3),
|
|
guestVlan(4),
|
|
voiceVlan(5),
|
|
monitorVlan(6),
|
|
notAssigned(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the VLAN Assigned Reason maintained in the history
|
|
table."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 12 }
|
|
|
|
|
|
agentAuthMgrAuthHistoryResultReasonCode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
none(0),
|
|
supplicant-timeout(1),
|
|
eapol-timeout(2),
|
|
radius-request-timeout(3),
|
|
radius-auth-failure(4),
|
|
radius-auth-comm-failure(5),
|
|
radius-challenge-process-invalid-nas-port(6), -- current, radius-challenge-process-invalid-nas-port no longer supported
|
|
radius-challenge-process-wrong-eap-msg(7),
|
|
radius-request-send-msg-error(8),
|
|
radius-accept-process-invalid-nas-port(9), -- current, radius-accept-process-invalid-nas-port no longer supported
|
|
radius-accept-process-wrong-eap-msg(10),
|
|
radius-accept-filter-assignment-failure(11),
|
|
radius-accept-diffserv-not-present(12),
|
|
radius-accept-vlan-assignment-failure(13),
|
|
vlan-assignment-feature-not-enabled(14),
|
|
radius-success(15),
|
|
local-auth-user-not-found(16),
|
|
local-auth-user-no-access(17),
|
|
local-auth-md5-validation-failure(18),
|
|
local-auth-invalid-eap-type(19),
|
|
local-failure(20),
|
|
local-success(21),
|
|
radius-invalid-radius-status(22),
|
|
guest-vlan-timer-expiry(23),
|
|
undefined-auth-method(24),
|
|
reject-auth-method(25),
|
|
invalid-auth-method(26),
|
|
auth-method-not-configured(27),
|
|
unauth-vlan-not-created(28),
|
|
guest-vlan-not-created(29),
|
|
radius-accept-invalid-vlan-failure(30),
|
|
eapol-request-id-timeout(31),
|
|
all-radius-servers-dead(32),
|
|
client-disconnected(33),
|
|
guest-vlan-success(34),
|
|
unauth-vlan-success(35),
|
|
critical-vlan-success(36),
|
|
monitor-success(37),
|
|
dacl-apply-failure(38),
|
|
open-success(39)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the authentication reason refered by the result index on a port."
|
|
::= { agentAuthMgrPortAuthHistoryResultEntry 13 }
|
|
|
|
-- agentAuthMgrAuthHistoryResultsClear OBJECT-TYPE
|
|
-- SYNTAX INTEGER {
|
|
-- enable(1),
|
|
-- disable(2)
|
|
-- }
|
|
-- MAX-ACCESS read-write
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "When set to enable(1), all Authentication Manager Authentication
|
|
-- History information will be reset."
|
|
-- DEFVAL { disable }
|
|
-- ::= { agentAuthMgrAuthHistoryResultsGroup 2 }
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrPortAuthHistoryResultClearTable
|
|
--
|
|
--**************************************************************************************
|
|
|
|
agentAuthMgrPortAuthHistoryResultClearTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrPortAuthHistoryResultClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table to clear the authentication manager authentication history
|
|
per interface."
|
|
::= { agentAuthMgrAuthHistoryResultsGroup 3 }
|
|
|
|
agentAuthMgrPortAuthHistoryResultClearEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrPortAuthHistoryResultClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents to clear the authentication manager authentication results for an
|
|
authentication manager authentication history table."
|
|
INDEX { agentAuthMgrAuthHistoryResultIfIndex }
|
|
::= {agentAuthMgrPortAuthHistoryResultClearTable 1 }
|
|
|
|
AgentAuthMgrPortAuthHistoryResultClearEntry ::= SEQUENCE {
|
|
agentAuthMgrAuthHistoryResultIfIndex Unsigned32,
|
|
agentAuthMgrPortAuthHistoryResultsClear INTEGER
|
|
}
|
|
agentAuthMgrAuthHistoryResultIfIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the physical Bridge Port on which authentication event
|
|
might be received."
|
|
::= { agentAuthMgrPortAuthHistoryResultClearEntry 1 }
|
|
|
|
|
|
agentAuthMgrPortAuthHistoryResultsClear OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enable(1), all authentication manager authentication history
|
|
information for the given port will be reset. The value is write-only.
|
|
Attempt to read will return disable(2)."
|
|
DEFVAL { disable }
|
|
::= { agentAuthMgrPortAuthHistoryResultClearEntry 2 }
|
|
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrAuthStatsGroup -> Contains MIB objects displaying Authentication Manager
|
|
-- statistics per interface
|
|
--**************************************************************************************
|
|
agentAuthMgrAuthStatsGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 6 }
|
|
|
|
agentAuthMgrPortStatsTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrPortStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table to display the authentication manager statistics."
|
|
::= { agentAuthMgrAuthStatsGroup 1 }
|
|
|
|
agentAuthMgrPortStatsEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrPortStatsEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents authentication manager statistics per port."
|
|
INDEX { agentAuthMgrPortIfaceIndex, agentAuthMgrPortMethodIndex }
|
|
::= {agentAuthMgrPortStatsTable 1 }
|
|
|
|
AgentAuthMgrPortStatsEntry ::= SEQUENCE {
|
|
agentAuthMgrPortIfaceIndex Unsigned32,
|
|
agentAuthMgrPortMethodIndex INTEGER,
|
|
agentAuthMgrPortStatsAttempts Unsigned32,
|
|
agentAuthMgrPortStatsFailedAttempts Unsigned32
|
|
}
|
|
|
|
agentAuthMgrPortIfaceIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the physical bridge port on which
|
|
statistics are retrieved."
|
|
::= { agentAuthMgrPortStatsEntry 1 }
|
|
|
|
agentAuthMgrPortMethodIndex OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
dot1x(1),
|
|
mab(2)
|
|
,captivePortal(3)
|
|
}
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The index of the authentication method for which statistics are reviewed."
|
|
|
|
::= { agentAuthMgrPortStatsEntry 2 }
|
|
|
|
agentAuthMgrPortStatsAttempts OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the number of successful authentications events
|
|
of specified method on specified port."
|
|
::= { agentAuthMgrPortStatsEntry 3 }
|
|
|
|
agentAuthMgrPortStatsFailedAttempts OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the number of unsuccessful authentications attempts
|
|
of specified method on specified port."
|
|
::= { agentAuthMgrPortStatsEntry 4 }
|
|
|
|
|
|
-- Clear statistics ----
|
|
agentAuthMgrPortStatsClearTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentAuthMgrPortStatsClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table to clear the authentication manager statistics."
|
|
::= { agentAuthMgrAuthStatsGroup 2 }
|
|
|
|
agentAuthMgrPortStatsClearEntry OBJECT-TYPE
|
|
SYNTAX AgentAuthMgrPortStatsClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents to clear the authentication manager statistics per interface."
|
|
INDEX { agentAuthMgrPortIfaceIndex }
|
|
::= {agentAuthMgrPortStatsClearTable 1 }
|
|
|
|
AgentAuthMgrPortStatsClearEntry ::= SEQUENCE {
|
|
agentAuthMgrPortIfaceIndex Unsigned32,
|
|
agentAuthMgrPortStatsClear INTEGER
|
|
}
|
|
|
|
agentAuthMgrPortStatsClear OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enable(1), all authentication manager statistics for
|
|
the given port will be reset. The value is write-only. Attempt to read
|
|
will return disable(2)."
|
|
DEFVAL { disable }
|
|
::= { agentAuthMgrPortStatsClearEntry 2 }
|
|
|
|
--**************************************************************************************
|
|
-- Auth Mgr Traps Config
|
|
--**************************************************************************************
|
|
|
|
agentAuthMgrTrapsConfigGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 7 }
|
|
|
|
authMgrTrapMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object enables/disables the user manager trap mode."
|
|
DEFVAL { disable }
|
|
::= { agentAuthMgrTrapsConfigGroup 1 }
|
|
|
|
--**************************************************************************************
|
|
-- agentAuthMgrMonitorModeConfigGroup -> Contains MIB objects configuring/displaying
|
|
-- Authentication Manager Monitor Mode details and associated Functionality
|
|
--
|
|
--**************************************************************************************
|
|
agentAuthMgrMonitorModeConfigGroup OBJECT IDENTIFIER ::= { fastPathAuthMgr 8 }
|
|
|
|
agentAuthMgrMonitorModeEnabled OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "Enable/Disable Authentication Manager Monitor mode
|
|
Support on the switch."
|
|
DEFVAL { disable }
|
|
::= { agentAuthMgrMonitorModeConfigGroup 1 }
|
|
|
|
agentAuthMgrMonitorModeClients OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Retrieves the number of clients that got
|
|
authenticated by Monitor mode globally."
|
|
::= { agentAuthMgrMonitorModeConfigGroup 2 }
|
|
|
|
agentAuthMgrNonMonitorModeClients OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Retrieves the number of clients that are granted access by
|
|
Authentication Manager with no monitor mode enabled."
|
|
::= { agentAuthMgrMonitorModeConfigGroup 3 }
|
|
|
|
|
|
|
|
--**************************************************************************************
|
|
-- Auth Mgr Traps
|
|
--
|
|
--**************************************************************************************
|
|
fastpathAuthMgrTraps OBJECT IDENTIFIER ::= { fastPathAuthMgr 0 }
|
|
|
|
agentAuthMgrClientAuthStatusTrap NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
agentAuthMgrInterface,
|
|
agentAuthMgrClientMacAddress,
|
|
agentAuthMgrClientAuthMethod,
|
|
agentAuthMgrClientAuthstatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Trap is sent from Auth Mgr when client is authorised/un-authorised."
|
|
::= { fastpathAuthMgrTraps 1 }
|
|
|
|
END
|