-- ***************************************************************************** -- Juniper-TACACS-Plus-Client-MIB -- -- Juniper Networks Enterprise MIB -- TACACS+ Client MIB -- -- Copyright (c) 2002, 2004 Juniper Networks, Inc. All Rights Reserved. -- ***************************************************************************** Juniper-TACACS-Plus-Client-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Counter32, IpAddress FROM SNMPv2-SMI TEXTUAL-CONVENTION, RowStatus, TruthValue, TimeStamp FROM SNMPv2-TC MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF juniMibs FROM Juniper-MIBs; juniTacacsPlusClientMIB MODULE-IDENTITY LAST-UPDATED "200403021731Z" -- 02-Mar-04 12:31 PM EST ORGANIZATION "Juniper Networks, Inc." CONTACT-INFO " Juniper Networks, Inc. Postal: 10 Technology Park Drive Westford, MA 01886-3146 USA Tel: +1 978 589 5800 Email: mib@Juniper.net" DESCRIPTION "The Terminal Access Controller Access Control System Plus (TACACS+) Client MIB for the Juniper Networks enterprise." -- Revision History REVISION "200403021731Z" -- 02-Mar-04 12:31 PM EST - JUNOSe 5.3 DESCRIPTION "Added juniTacacsPlusClientHostOrder to juniTacacsPlusClientHostConfigTable." REVISION "200209162144Z" -- 16-Sep-02 05:44 PM EDT - JUNOSe 5.0 DESCRIPTION "Replaced Unisphere names with Juniper names." REVISION "200207121349Z" -- 12-Jul-02 09:49 AM EDT - JUNOSe 4.1 DESCRIPTION "Initial version of this MIB module." ::= { juniMibs 60 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Textual conventions -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ JuniKeyString ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "A string to keep a TACACS+ key. It may contain TAB character and/or any character from 0x20 to 0x7e inclusive. Its lenght is limited to 100. For security reasons it always reads as an empty string." SYNTAX OCTET STRING (SIZE(0..100)) -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Managed objects -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniTacacsPlusClientObjects OBJECT IDENTIFIER ::= { juniTacacsPlusClientMIB 1 } juniTacacsPlusClientCommonConfig OBJECT IDENTIFIER ::= { juniTacacsPlusClientObjects 1 } juniTacacsPlusClientHostConfig OBJECT IDENTIFIER ::= { juniTacacsPlusClientObjects 2 } juniTacacsPlusClientHostStats OBJECT IDENTIFIER ::= { juniTacacsPlusClientObjects 3 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Common parameters shared by all hosts -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniTacacsPlusClientDirectedRequest OBJECT-TYPE SYNTAX INTEGER { notRestrictedAndTruncated(1), disabled(2), notRestrictedAndNotTruncated(3), restrictedAndTruncated(4), restrictedAndNotTruncated(5) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents directed-request option setting. In any of the enabled enabled states user name entered as `user@host' will be sent to specified host fot authentication. If `restricted' is in effect and the specified host is not available client would not try to use other hosts, if `truncated' is in effect, then `@host' part will be stripped before submission for authentication." ::= { juniTacacsPlusClientCommonConfig 1 } juniTacacsPlusClientTimeout OBJECT-TYPE SYNTAX INTEGER (0..255) MAX-ACCESS read-write STATUS current DESCRIPTION "TACACS+ host response timeout in seconds. Value 0 means 'not configured, it this case built-in internal timeout value will be used." ::= { juniTacacsPlusClientCommonConfig 2 } juniTacacsPlusClientKey OBJECT-TYPE SYNTAX JuniKeyString MAX-ACCESS read-write STATUS current DESCRIPTION "If the size is non-zero, packets passed between host and client will be encrypted." ::= { juniTacacsPlusClientCommonConfig 3 } juniTacacsPlusClientSourceIp OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS read-write STATUS current DESCRIPTION "If the value is is not 0.0.0.0 client will use this address as a source IP address for communication with servers. Changing this value would not affect existing connections." ::= { juniTacacsPlusClientCommonConfig 4 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Per host parameters -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniTacacsPlusClientHostConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniTacacsPlusClientHostConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains per host configuration parameters." ::= { juniTacacsPlusClientHostConfig 1 } juniTacacsPlusClientHostConfigEntry OBJECT-TYPE SYNTAX JuniTacacsPlusClientHostConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TACACS+ host statistics table entry." INDEX { juniTacacsPlusClientHostAddr } ::= { juniTacacsPlusClientHostConfigTable 1 } JuniTacacsPlusClientHostConfigEntry ::= SEQUENCE { juniTacacsPlusClientHostAddr IpAddress, juniTacacsPlusClientHostPort INTEGER, juniTacacsPlusClientHostPrimary TruthValue, juniTacacsPlusClientHostSingleConnection TruthValue, juniTacacsPlusClientHostTimeout INTEGER, juniTacacsPlusClientHostKey JuniKeyString, juniTacacsPlusClientHostStatus RowStatus, juniTacacsPlusClientHostOrder INTEGER } juniTacacsPlusClientHostAddr OBJECT-TYPE SYNTAX IpAddress MAX-ACCESS not-accessible STATUS current DESCRIPTION "The IP address of the host." ::= { juniTacacsPlusClientHostConfigEntry 1 } juniTacacsPlusClientHostPort OBJECT-TYPE SYNTAX INTEGER (1..65535) MAX-ACCESS read-create STATUS current DESCRIPTION "The TCP port of the host." DEFVAL { 49 } ::= { juniTacacsPlusClientHostConfigEntry 2 } juniTacacsPlusClientHostPrimary OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Non-directed requests are submitted to the primary host first. There is only one primary host in the table. So, setting this object to true, will also change the value of this object in the current primary host. If primary host is deleted or reset, system will assing new primary host. When the first entry is created it becomes primary regardless of the value of this object." DEFVAL { false } ::= { juniTacacsPlusClientHostConfigEntry 3 } juniTacacsPlusClientHostSingleConnection OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "Traditionally TACACS+ client creates a new TCP connection for every session. If this value is true then TACACS+ client will try to use single connection if supported both by client implementation and by the host." DEFVAL { false } ::= { juniTacacsPlusClientHostConfigEntry 4 } juniTacacsPlusClientHostTimeout OBJECT-TYPE SYNTAX INTEGER (0..255) MAX-ACCESS read-create STATUS current DESCRIPTION "TACACS+ host response timeout in seconds. If the value is 0 then the value of juniTacacsPlusClientTimeout will be used instead." ::= { juniTacacsPlusClientHostConfigEntry 5 } juniTacacsPlusClientHostKey OBJECT-TYPE SYNTAX JuniKeyString MAX-ACCESS read-create STATUS current DESCRIPTION "If size is non-zero, packets passed between host and client will be encrypted with the key, otherwise the value of juniTacacsPlusClientKey will be used for the purpose." DEFVAL { "" } ::= { juniTacacsPlusClientHostConfigEntry 6 } juniTacacsPlusClientHostStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Status object, only `createAndGo' and 'destroy' are supported." ::= { juniTacacsPlusClientHostConfigEntry 7 } juniTacacsPlusClientHostOrder OBJECT-TYPE SYNTAX INTEGER MAX-ACCESS read-only STATUS current DESCRIPTION "The search order of this TACACS+ host within all configured TACACS+ hosts. This MIB object indicates the order in which a TACACS+ request will be sent to the TACACS+ hosts until a response is received. The primary host is always the first host to be contacted. The remaining hosts will be contacted in the order that they were created. Should the primary host be deleted, the next host in the search order will become the primary host." ::= { juniTacacsPlusClientHostConfigEntry 8 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Host statistics -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniTacacsPlusClientHostStatsTable OBJECT-TYPE SYNTAX SEQUENCE OF JuniTacacsPlusClientHostStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table contains per host statistics." ::= { juniTacacsPlusClientHostStats 1 } juniTacacsPlusClientHostStatsEntry OBJECT-TYPE SYNTAX JuniTacacsPlusClientHostStatsEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A TACACS+ host statistics table entry." AUGMENTS { juniTacacsPlusClientHostConfigEntry } ::= { juniTacacsPlusClientHostStatsTable 1 } JuniTacacsPlusClientHostStatsEntry ::= SEQUENCE { juniTacacsPlusClientHostAuthRequests Counter32, juniTacacsPlusClientHostAuthReplies Counter32, juniTacacsPlusClientHostAuthPending Counter32, juniTacacsPlusClientHostAuthTimeouts Counter32, juniTacacsPlusClientHostAuthorRequests Counter32, juniTacacsPlusClientHostAuthorReplies Counter32, juniTacacsPlusClientHostAuthorPending Counter32, juniTacacsPlusClientHostAuthorTimeouts Counter32, juniTacacsPlusClientHostAcctRequests Counter32, juniTacacsPlusClientHostAcctReplies Counter32, juniTacacsPlusClientHostAcctPending Counter32, juniTacacsPlusClientHostAcctTimeouts Counter32, juniTacacsPlusClientHostDiscontinuityTime TimeStamp } juniTacacsPlusClientHostAuthRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of authentication requests sent to the host." ::= { juniTacacsPlusClientHostStatsEntry 1 } juniTacacsPlusClientHostAuthReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of authentication replies received from the host." ::= { juniTacacsPlusClientHostStatsEntry 2 } juniTacacsPlusClientHostAuthPending OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of expected but not received authentication replies from the host." ::= { juniTacacsPlusClientHostStatsEntry 3 } juniTacacsPlusClientHostAuthTimeouts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of authentication timeouts for the host." ::= { juniTacacsPlusClientHostStatsEntry 4 } juniTacacsPlusClientHostAuthorRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of authorization requests sent to the host." ::= { juniTacacsPlusClientHostStatsEntry 5 } juniTacacsPlusClientHostAuthorReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of authorization replies received from the host." ::= { juniTacacsPlusClientHostStatsEntry 6 } juniTacacsPlusClientHostAuthorPending OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of expected but not received authorization replies from the host." ::= { juniTacacsPlusClientHostStatsEntry 7 } juniTacacsPlusClientHostAuthorTimeouts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of authorization timeouts for the host." ::= { juniTacacsPlusClientHostStatsEntry 8 } juniTacacsPlusClientHostAcctRequests OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of accounting requests sent to the host." ::= { juniTacacsPlusClientHostStatsEntry 9 } juniTacacsPlusClientHostAcctReplies OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of accounting replies received from the host." ::= { juniTacacsPlusClientHostStatsEntry 10 } juniTacacsPlusClientHostAcctPending OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of expected but not received accounting replies from the host." ::= { juniTacacsPlusClientHostStatsEntry 11 } juniTacacsPlusClientHostAcctTimeouts OBJECT-TYPE SYNTAX Counter32 MAX-ACCESS read-only STATUS current DESCRIPTION "Number of accounting timeouts for the host." ::= { juniTacacsPlusClientHostStatsEntry 12 } juniTacacsPlusClientHostDiscontinuityTime OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "The value of sysUpTime when corresponding juniTacacsPlusHostConfigEntry was created, this object containg zero if host entry was created during system initializatin." ::= { juniTacacsPlusClientHostStatsEntry 13 } -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ -- Conformance information -- +++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ juniTacacsPlusClientConformance OBJECT IDENTIFIER ::= { juniTacacsPlusClientMIB 2 } juniTacacsPlusClientCompliances OBJECT IDENTIFIER ::= { juniTacacsPlusClientConformance 1 } juniTacacsPlusClientGroups OBJECT IDENTIFIER ::= { juniTacacsPlusClientConformance 2 } juniTacacsPlusCompliance MODULE-COMPLIANCE STATUS obsolete DESCRIPTION "Obsolete compliance statement for entities which implement the Juniper TACACS+ Client MIB." MODULE -- this module MANDATORY-GROUPS { juniTacacsPlusClientCommonGroup, juniTacacsPlusClientHostConfigGroup, juniTacacsPlusClientHostStatsGroup } ::= { juniTacacsPlusClientCompliances 1 } -- JUNOSe 4.1 juniTacacsPlusCompliance2 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for entities which implement the Juniper TACACS+ Client MIB." MODULE -- this module MANDATORY-GROUPS { juniTacacsPlusClientCommonGroup, juniTacacsPlusClientHostConfigGroup2, juniTacacsPlusClientHostStatsGroup } ::= { juniTacacsPlusClientCompliances 2 } -- JUNOSe 5.3 -- -- units of conformance -- juniTacacsPlusClientCommonGroup OBJECT-GROUP OBJECTS { juniTacacsPlusClientDirectedRequest, juniTacacsPlusClientTimeout, juniTacacsPlusClientKey, juniTacacsPlusClientSourceIp } STATUS current DESCRIPTION "This group defines common configuration parameters for all hosts." ::= { juniTacacsPlusClientGroups 1 } juniTacacsPlusClientHostConfigGroup OBJECT-GROUP OBJECTS { juniTacacsPlusClientHostPort, juniTacacsPlusClientHostPrimary, juniTacacsPlusClientHostSingleConnection, juniTacacsPlusClientHostTimeout, juniTacacsPlusClientHostKey, juniTacacsPlusClientHostStatus } STATUS obsolete DESCRIPTION "Obsolete group for defining per host configuration parameters." ::= { juniTacacsPlusClientGroups 2 } juniTacacsPlusClientHostStatsGroup OBJECT-GROUP OBJECTS { juniTacacsPlusClientHostAuthRequests, juniTacacsPlusClientHostAuthReplies, juniTacacsPlusClientHostAuthPending, juniTacacsPlusClientHostAuthTimeouts, juniTacacsPlusClientHostAuthorRequests, juniTacacsPlusClientHostAuthorReplies, juniTacacsPlusClientHostAuthorPending, juniTacacsPlusClientHostAuthorTimeouts, juniTacacsPlusClientHostAcctRequests, juniTacacsPlusClientHostAcctReplies, juniTacacsPlusClientHostAcctPending, juniTacacsPlusClientHostAcctTimeouts, juniTacacsPlusClientHostDiscontinuityTime } STATUS current DESCRIPTION "This group defines statistics collected on per host basis." ::= { juniTacacsPlusClientGroups 3 } juniTacacsPlusClientHostConfigGroup2 OBJECT-GROUP OBJECTS { juniTacacsPlusClientHostPort, juniTacacsPlusClientHostPrimary, juniTacacsPlusClientHostSingleConnection, juniTacacsPlusClientHostTimeout, juniTacacsPlusClientHostKey, juniTacacsPlusClientHostStatus, juniTacacsPlusClientHostOrder } STATUS current DESCRIPTION "This group defines per host configuration parameters." ::= { juniTacacsPlusClientGroups 4 } END