-- This file was included in Ciena MIB release MIBS-CIENA-CES-08-07-00-024 -- -- CIENA-CES-8021X-MIB.my -- CIENA-CES-8021X-MIB DEFINITIONS ::= BEGIN IMPORTS Integer32, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE FROM SNMPv2-SMI DisplayString, TruthValue FROM SNMPv2-TC cienaCesNotifications, cienaCesConfig FROM CIENA-SMI cienaGlobalSeverity, cienaGlobalMacAddress FROM CIENA-GLOBAL-MIB dot1xPaeSystemAuthControl FROM IEEE8021-PAE-MIB; -- 1.3.6.1.4.1.1271.2.1.42 cienaCes8021xMIB MODULE-IDENTITY LAST-UPDATED "201708220000Z" ORGANIZATION "Ciena Corp." CONTACT-INFO " Mib Meister 7035 Ridge Road Hanover, Maryland 21076 USA Phone: +1 800 921 1144 Email: support@ciena.com" DESCRIPTION "The MIB module is for 802.1x supplicant and authenticator information." REVISION "201708220000Z" DESCRIPTION "Initial creation. Based on WWP-LEOS-8021X-MIB update 201510020000Z" ::= { cienaCesConfig 42 } -- -- Node definitions -- -- 1.3.6.1.4.1.1271.2.1.42.1 cienaCes8021xConf OBJECT IDENTIFIER ::= { cienaCes8021xMIB 1 } -- 1.3.6.1.4.1.1271.2.1.42.1.1 cienaCes8021xGroups OBJECT IDENTIFIER ::= { cienaCes8021xConf 1 } -- 1.3.6.1.4.1.1271.2.1.42.1.2 cienaCes8021xCompls OBJECT IDENTIFIER ::= { cienaCes8021xConf 2 } -- 1.3.6.1.4.1.1271.2.1.42.2 cienaCes8021xObjs OBJECT IDENTIFIER ::= { cienaCes8021xMIB 2 } -- 1.3.6.1.4.1.1271.2.1.42.2.1 cienaCes8021xPortTable OBJECT-TYPE SYNTAX SEQUENCE OF CienaCes8021xPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Table with an entry for every port on the switch" ::= { cienaCes8021xObjs 1 } -- 1.3.6.1.4.1.1271.2.1.42.2.1.1 cienaCes8021xPortEntry OBJECT-TYPE SYNTAX CienaCes8021xPortEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry (conceptual row) in the cienaCes8021xPortTable." INDEX { cienaCes8021xPort } ::= { cienaCes8021xPortTable 1 } CienaCes8021xPortEntry ::= SEQUENCE { cienaCes8021xPort Unsigned32, cienaCes8021xRole INTEGER, cienaCes8021xAuthPortStatsClear INTEGER, cienaCes8021xNotificationAuthenticationEvent INTEGER } -- 1.3.6.1.4.1.1271.2.1.42.2.1.1.1 cienaCes8021xPort OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "Pgid of the port" ::= { cienaCes8021xPortEntry 1 } -- 1.3.6.1.4.1.1271.2.1.42.2.1.1.2 cienaCes8021xRole OBJECT-TYPE SYNTAX INTEGER { none(1), supplicant(2), authenticator(3), both(4) } MAX-ACCESS read-write STATUS current DESCRIPTION "802.1x role of the Port." ::= { cienaCes8021xPortEntry 2 } -- 1.3.6.1.4.1.1271.2.1.42.2.1.1.3 cienaCes8021xAuthPortStatsClear OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this MIB object to 'true' clears the authenticator port statistics." ::= { cienaCes8021xPortEntry 3 } -- 1.3.6.1.4.1.1271.2.1.42.2.1.1.4 cienaCes8021xNotificationAuthenticationEvent OBJECT-TYPE SYNTAX INTEGER { success(1), failure(2), timeout(3) } MAX-ACCESS accessible-for-notify STATUS current DESCRIPTION "This object identifies the type of authentication event being communicated in the notification in which this object is located." ::= { cienaCes8021xPortEntry 4 } -- 1.3.6.1.4.1.1271.2.1.42.3 cienaCes8021xEvents OBJECT IDENTIFIER ::= { cienaCes8021xMIB 3 } -- 1.3.6.1.4.1.1271.2.1.42.3.0 cienaCes8021xEventsV2 OBJECT IDENTIFIER ::= { cienaCes8021xEvents 0 } -- -- Extension to dot1xSuppConfigTable Supplicant MIB -- -- 1.3.6.1.4.1.1271.2.1.42.2.2 cienaCes8021xSuppTable OBJECT-TYPE SYNTAX SEQUENCE OF CienaCes8021xSuppEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table that contains the configuration objects for the Supplicant PAE associated with each port. An entry appears in this table for each port that may authenticate itself when challenged by a remote system." ::= { cienaCes8021xObjs 2 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1 cienaCes8021xSuppEntry OBJECT-TYPE SYNTAX CienaCes8021xSuppEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "The configuration information for a Supplicant PAE." INDEX { cienaCes8021xSuppPort } ::= { cienaCes8021xSuppTable 1 } CienaCes8021xSuppEntry ::= SEQUENCE { cienaCes8021xSuppPort Unsigned32, cienaCes8021xSuppUserName DisplayString, cienaCes8021xSuppPassword DisplayString, cienaCes8021xSuppPortStatsClear INTEGER, cienaCes8021xSuppEAPMethod INTEGER, cienaCes8021xSuppEAPAllowedMethods BITS, cienaCes8021xSuppOperationalState INTEGER, cienaCes8021xSuppMutualAuthenticationAdminState INTEGER, cienaCes8021xSuppCheckCertificateTimeAdminState INTEGER, cienaCes8021xSuppMutualAuthenticationOperState INTEGER, cienaCes8021xSuppCheckCertificateTimeOperState INTEGER, cienaCes8021xSuppDeviceCertificateStatus INTEGER, cienaCes8021xSuppSecret OCTET STRING, cienaCes8021xSuppAdminState INTEGER, cienaCes8021xSuppEAPVersion Integer32, cienaCes8021xSuppOCSPAdminState INTEGER, cienaCes8021xSuppCertificateName DisplayString, cienaCes8021xSuppMinimumTlsVersion INTEGER, cienaCes8021xSuppPeerCertReauthAdminState INTEGER } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.1 cienaCes8021xSuppPort OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "The MIB object is used as an index in the table and specifies the pgid of the port." ::= { cienaCes8021xSuppEntry 1 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.2 cienaCes8021xSuppUserName OBJECT-TYPE SYNTAX DisplayString (SIZE(0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Username for authenticating this supplicant, also used as the 802.1x identity. Setting this object to zero length string resets the username." ::= { cienaCes8021xSuppEntry 2 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.3 cienaCes8021xSuppPassword OBJECT-TYPE SYNTAX DisplayString (SIZE(0..128)) MAX-ACCESS read-write STATUS current DESCRIPTION "The password used with cienaCes8021xSuppUserName for EAP-MD5 authentication. Doing a get on this object always returns a zero length string for security reasons." ::= { cienaCes8021xSuppEntry 3 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.5 cienaCes8021xSuppPortStatsClear OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this MIB object to 'true' clears the supplicant port statistics." ::= { cienaCes8021xSuppEntry 5 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.10 cienaCes8021xSuppEAPMethod OBJECT-TYPE SYNTAX INTEGER { eapMd5(1) } MAX-ACCESS read-write STATUS obsolete DESCRIPTION "Obsolete. Use cienaCes8021xSuppEAPAllowedMethods instead." ::= { cienaCes8021xSuppEntry 10 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.11 cienaCes8021xSuppEAPAllowedMethods OBJECT-TYPE SYNTAX BITS { eapMd5(0), eapTls(1) } MAX-ACCESS read-write STATUS current DESCRIPTION "Extensible Authentication Protocol methods allowed for this supplicant." ::= { cienaCes8021xSuppEntry 11 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.12 cienaCes8021xSuppOperationalState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Returns the operational state of this supplicant." ::= { cienaCes8021xSuppEntry 12 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.13 cienaCes8021xSuppMutualAuthenticationAdminState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Administratively enables/disables authentication of the server by the supplicant. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 13 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.14 cienaCes8021xSuppCheckCertificateTimeAdminState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Administratively enables/disables checking of the server's certificate timestamp when doing mutual authentication. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 14 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.15 cienaCes8021xSuppMutualAuthenticationOperState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Returns the operative state of mutual authentication checking. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 15 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.16 cienaCes8021xSuppCheckCertificateTimeOperState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-only STATUS current DESCRIPTION "Returns the operative state of certificate time stamp checking when doing mutual authentication. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 16 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.17 cienaCes8021xSuppDeviceCertificateStatus OBJECT-TYPE SYNTAX INTEGER { valid(1), invalid(2), notPresent(3) } MAX-ACCESS read-only STATUS current DESCRIPTION "Returns the state of the supplicant device certificate. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 17 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.18 cienaCes8021xSuppSecret OBJECT-TYPE SYNTAX OCTET STRING(SIZE(0..259)) MAX-ACCESS read-write STATUS current DESCRIPTION "Sets the pre-encrypted secret that shall be used along with the username specified by cienaCes8021xSuppUserName to gain access on a port. A get returns the encrypted secret for the supplicant." ::= { cienaCes8021xSuppEntry 18} -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.19 cienaCes8021xSuppAdminState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to specify the user administrative state of the supplicant port." ::= { cienaCes8021xSuppEntry 19 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.20 cienaCes8021xSuppEAPVersion OBJECT-TYPE SYNTAX Integer32 (1..2) MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to specify the EAPoL version of the supplicant port." ::= { cienaCes8021xSuppEntry 20 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.21 cienaCes8021xSuppOCSPAdminState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Administratively enables/disables OCSP checking of the server's certificate when doing mutual authentication. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 21 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.22 cienaCes8021xSuppCertificateName OBJECT-TYPE SYNTAX DisplayString (SIZE(0..32)) MAX-ACCESS read-write STATUS current DESCRIPTION "Name of the certificate to be used for authenticating this supplicant. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 22 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.23 cienaCes8021xSuppMinimumTlsVersion OBJECT-TYPE SYNTAX INTEGER { version1dot0(1), version1dot1(2), version1dot2(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to specify the minimum TLS version that can be used by the supplicant port. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 23 } -- 1.3.6.1.4.1.1271.2.1.42.2.2.1.24 cienaCes8021xSuppPeerCertReauthAdminState OBJECT-TYPE SYNTAX INTEGER { disabled(1), enabled(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Administratively enables/disables peer certificate reauthentication on this supplicant. Applies to EAP-TLS." ::= { cienaCes8021xSuppEntry 24 } -- 1.3.6.1.4.1.1271.2.1.42.2.3 cienaCes8021xGlobalAttrs OBJECT IDENTIFIER ::= { cienaCes8021xObjs 3 } -- 1.3.6.1.4.1.1271.2.1.42.2.3.1 cienaCes8021xAuthStatsClear OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this MIB object to 'true' clears the authenticator global statistics." ::= { cienaCes8021xGlobalAttrs 1 } -- 1.3.6.1.4.1.1271.2.1.42.2.3.2 cienaCes8021xSuppStatsClear OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "Setting this MIB object to 'true' clears the supplicant global statistics." ::= { cienaCes8021xGlobalAttrs 2 } -- -- Notifications -- -- 1.3.6.1.4.1.1271.2.2.101 cienaCes8021xMIBNotificationPrefix OBJECT IDENTIFIER ::= { cienaCesNotifications 101 } -- 1.3.6.1.4.1.1271.2.2.101.0 cienaCes8021xMIBNotification OBJECT IDENTIFIER ::= { cienaCes8021xMIBNotificationPrefix 0 } -- 1.3.6.1.4.1.1271.2.2.101.0.1 cienaCes8021xSuppAuthenticationEvent NOTIFICATION-TYPE OBJECTS { cienaGlobalSeverity, cienaGlobalMacAddress, cienaCes8021xPort, cienaCes8021xNotificationAuthenticationEvent } STATUS current DESCRIPTION "This notification is generated when a supplicant authentication event, as identified by the value of cienaCes8021xNotificationAuthenticationEvent has occurred on the port identified by cienaCes8021xPort." ::= { cienaCes8021xMIBNotification 1 } -- 1.3.6.1.4.1.1271.2.2.101.0.2 cienaCes8021xAuthAuthenticationEvent NOTIFICATION-TYPE OBJECTS { cienaGlobalSeverity, cienaGlobalMacAddress, cienaCes8021xPort, cienaCes8021xNotificationAuthenticationEvent } STATUS current DESCRIPTION "This notification is generated when a authenticator authentication event, as identified by the value of cienaCes8021xNotificationAuthenticationEvent has occurred on the port identified by cienaCes8021xPort." ::= { cienaCes8021xMIBNotification 2 } -- 1.3.6.1.4.1.1271.2.2.101.0.3 cienaCes8021xGlobalStateChangeEvent NOTIFICATION-TYPE OBJECTS { cienaGlobalSeverity, cienaGlobalMacAddress, dot1xPaeSystemAuthControl } STATUS current DESCRIPTION "This notification is generated when the dot1x global state is changed." ::= { cienaCes8021xMIBNotification 3 } -- 1.3.6.1.4.1.1271.2.2.101.0.4 cienaCes8021xAuthConfigChangeEvent NOTIFICATION-TYPE OBJECTS { cienaGlobalSeverity, cienaGlobalMacAddress, cienaCes8021xPort } STATUS current DESCRIPTION "This notification is generated when a configuration change is made in a dot1x authentication port." ::= { cienaCes8021xMIBNotification 4 } -- 1.3.6.1.4.1.1271.2.2.101.0.5 cienaCes8021xSuppConfigChangeEvent NOTIFICATION-TYPE OBJECTS { cienaGlobalSeverity, cienaGlobalMacAddress, cienaCes8021xPort } STATUS current DESCRIPTION "This notification is generated when a configuration change is made in a dot1x supplicant port." ::= { cienaCes8021xMIBNotification 5 } END -- -- CIENA-CES-8021X-MIB.my --