516 lines
20 KiB
Plaintext
516 lines
20 KiB
Plaintext
-- This file was included in Ciena MIB release MIBS-CIENA-CES-08-07-00-024
|
|
--
|
|
-- CIENA-CES-8021X-MIB.my
|
|
--
|
|
|
|
|
|
CIENA-CES-8021X-MIB DEFINITIONS ::= BEGIN
|
|
|
|
IMPORTS
|
|
Integer32, OBJECT-TYPE, MODULE-IDENTITY, NOTIFICATION-TYPE
|
|
FROM SNMPv2-SMI
|
|
DisplayString, TruthValue
|
|
FROM SNMPv2-TC
|
|
cienaCesNotifications, cienaCesConfig
|
|
FROM CIENA-SMI
|
|
cienaGlobalSeverity, cienaGlobalMacAddress
|
|
FROM CIENA-GLOBAL-MIB
|
|
dot1xPaeSystemAuthControl
|
|
FROM IEEE8021-PAE-MIB;
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42
|
|
cienaCes8021xMIB MODULE-IDENTITY
|
|
LAST-UPDATED "201708220000Z"
|
|
ORGANIZATION
|
|
"Ciena Corp."
|
|
CONTACT-INFO
|
|
" Mib Meister
|
|
7035 Ridge Road
|
|
Hanover, Maryland 21076
|
|
USA
|
|
Phone: +1 800 921 1144
|
|
Email: support@ciena.com"
|
|
DESCRIPTION
|
|
"The MIB module is for 802.1x supplicant and authenticator
|
|
information."
|
|
REVISION
|
|
"201708220000Z"
|
|
DESCRIPTION
|
|
"Initial creation. Based on WWP-LEOS-8021X-MIB update 201510020000Z"
|
|
::= { cienaCesConfig 42 }
|
|
|
|
|
|
--
|
|
-- Node definitions
|
|
--
|
|
-- 1.3.6.1.4.1.1271.2.1.42.1
|
|
cienaCes8021xConf OBJECT IDENTIFIER ::= { cienaCes8021xMIB 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.1.1
|
|
cienaCes8021xGroups OBJECT IDENTIFIER ::= { cienaCes8021xConf 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.1.2
|
|
cienaCes8021xCompls OBJECT IDENTIFIER ::= { cienaCes8021xConf 2 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2
|
|
cienaCes8021xObjs OBJECT IDENTIFIER ::= { cienaCes8021xMIB 2 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.1
|
|
cienaCes8021xPortTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CienaCes8021xPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Table with an entry for every port on the switch"
|
|
::= { cienaCes8021xObjs 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.1.1
|
|
cienaCes8021xPortEntry OBJECT-TYPE
|
|
SYNTAX CienaCes8021xPortEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) in the cienaCes8021xPortTable."
|
|
INDEX { cienaCes8021xPort }
|
|
::= { cienaCes8021xPortTable 1 }
|
|
|
|
CienaCes8021xPortEntry ::=
|
|
SEQUENCE {
|
|
cienaCes8021xPort Unsigned32,
|
|
cienaCes8021xRole INTEGER,
|
|
cienaCes8021xAuthPortStatsClear INTEGER,
|
|
cienaCes8021xNotificationAuthenticationEvent INTEGER
|
|
}
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.1.1.1
|
|
cienaCes8021xPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Pgid of the port"
|
|
::= { cienaCes8021xPortEntry 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.1.1.2
|
|
cienaCes8021xRole OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
none(1),
|
|
supplicant(2),
|
|
authenticator(3),
|
|
both(4)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"802.1x role of the Port."
|
|
::= { cienaCes8021xPortEntry 2 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.1.1.3
|
|
cienaCes8021xAuthPortStatsClear OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this MIB object to 'true' clears the authenticator port statistics."
|
|
::= { cienaCes8021xPortEntry 3 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.1.1.4
|
|
cienaCes8021xNotificationAuthenticationEvent OBJECT-TYPE
|
|
SYNTAX INTEGER
|
|
{
|
|
success(1),
|
|
failure(2),
|
|
timeout(3)
|
|
}
|
|
MAX-ACCESS accessible-for-notify
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object identifies the type of authentication event being communicated
|
|
in the notification in which this object is located."
|
|
::= { cienaCes8021xPortEntry 4 }
|
|
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.3
|
|
cienaCes8021xEvents OBJECT IDENTIFIER ::= { cienaCes8021xMIB 3 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.3.0
|
|
cienaCes8021xEventsV2 OBJECT IDENTIFIER ::= { cienaCes8021xEvents 0 }
|
|
|
|
--
|
|
-- Extension to dot1xSuppConfigTable Supplicant MIB
|
|
--
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2
|
|
cienaCes8021xSuppTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF CienaCes8021xSuppEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A table that contains the configuration objects for the
|
|
Supplicant PAE associated with each port.
|
|
An entry appears in this table for each port that may
|
|
authenticate itself when challenged by a remote system."
|
|
::= { cienaCes8021xObjs 2 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1
|
|
cienaCes8021xSuppEntry OBJECT-TYPE
|
|
SYNTAX CienaCes8021xSuppEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The configuration information for a Supplicant PAE."
|
|
INDEX { cienaCes8021xSuppPort }
|
|
::= { cienaCes8021xSuppTable 1 }
|
|
|
|
CienaCes8021xSuppEntry ::=
|
|
SEQUENCE {
|
|
cienaCes8021xSuppPort Unsigned32,
|
|
cienaCes8021xSuppUserName DisplayString,
|
|
cienaCes8021xSuppPassword DisplayString,
|
|
cienaCes8021xSuppPortStatsClear INTEGER,
|
|
cienaCes8021xSuppEAPMethod INTEGER,
|
|
cienaCes8021xSuppEAPAllowedMethods BITS,
|
|
cienaCes8021xSuppOperationalState INTEGER,
|
|
cienaCes8021xSuppMutualAuthenticationAdminState INTEGER,
|
|
cienaCes8021xSuppCheckCertificateTimeAdminState INTEGER,
|
|
cienaCes8021xSuppMutualAuthenticationOperState INTEGER,
|
|
cienaCes8021xSuppCheckCertificateTimeOperState INTEGER,
|
|
cienaCes8021xSuppDeviceCertificateStatus INTEGER,
|
|
cienaCes8021xSuppSecret OCTET STRING,
|
|
cienaCes8021xSuppAdminState INTEGER,
|
|
cienaCes8021xSuppEAPVersion Integer32,
|
|
cienaCes8021xSuppOCSPAdminState INTEGER,
|
|
cienaCes8021xSuppCertificateName DisplayString,
|
|
cienaCes8021xSuppMinimumTlsVersion INTEGER,
|
|
cienaCes8021xSuppPeerCertReauthAdminState INTEGER
|
|
}
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.1
|
|
cienaCes8021xSuppPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The MIB object is used as an index in the table and specifies the pgid of the port."
|
|
::= { cienaCes8021xSuppEntry 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.2
|
|
cienaCes8021xSuppUserName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Username for authenticating this supplicant, also used as the 802.1x identity.
|
|
Setting this object to zero length string resets the username."
|
|
::= { cienaCes8021xSuppEntry 2 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.3
|
|
cienaCes8021xSuppPassword OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..128))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The password used with cienaCes8021xSuppUserName for EAP-MD5 authentication.
|
|
Doing a get on this object always returns a zero length string for security reasons."
|
|
::= { cienaCes8021xSuppEntry 3 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.5
|
|
cienaCes8021xSuppPortStatsClear OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this MIB object to 'true' clears the supplicant port statistics."
|
|
::= { cienaCes8021xSuppEntry 5 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.10
|
|
cienaCes8021xSuppEAPMethod OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
eapMd5(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS obsolete
|
|
DESCRIPTION
|
|
"Obsolete. Use cienaCes8021xSuppEAPAllowedMethods instead."
|
|
::= { cienaCes8021xSuppEntry 10 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.11
|
|
cienaCes8021xSuppEAPAllowedMethods OBJECT-TYPE
|
|
SYNTAX BITS {
|
|
eapMd5(0),
|
|
eapTls(1)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Extensible Authentication Protocol methods allowed for this supplicant."
|
|
::= { cienaCes8021xSuppEntry 11 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.12
|
|
cienaCes8021xSuppOperationalState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the operational state of this supplicant."
|
|
::= { cienaCes8021xSuppEntry 12 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.13
|
|
cienaCes8021xSuppMutualAuthenticationAdminState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Administratively enables/disables authentication of the
|
|
server by the supplicant. Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 13 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.14
|
|
cienaCes8021xSuppCheckCertificateTimeAdminState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Administratively enables/disables checking of the server's
|
|
certificate timestamp when doing mutual authentication.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 14 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.15
|
|
cienaCes8021xSuppMutualAuthenticationOperState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the operative state of mutual authentication checking.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 15 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.16
|
|
cienaCes8021xSuppCheckCertificateTimeOperState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the operative state of certificate time stamp checking when
|
|
doing mutual authentication. Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 16 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.17
|
|
cienaCes8021xSuppDeviceCertificateStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
valid(1),
|
|
invalid(2),
|
|
notPresent(3)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Returns the state of the supplicant device certificate.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 17 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.18
|
|
cienaCes8021xSuppSecret OBJECT-TYPE
|
|
SYNTAX OCTET STRING(SIZE(0..259))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Sets the pre-encrypted secret that shall be used along with the
|
|
username specified by cienaCes8021xSuppUserName to gain access
|
|
on a port. A get returns the encrypted secret for the supplicant."
|
|
::= { cienaCes8021xSuppEntry 18}
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.19
|
|
cienaCes8021xSuppAdminState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the user administrative state
|
|
of the supplicant port."
|
|
::= { cienaCes8021xSuppEntry 19 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.20
|
|
cienaCes8021xSuppEAPVersion OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the EAPoL version of the supplicant
|
|
port."
|
|
::= { cienaCes8021xSuppEntry 20 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.21
|
|
cienaCes8021xSuppOCSPAdminState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Administratively enables/disables OCSP checking of the server's
|
|
certificate when doing mutual authentication.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 21 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.22
|
|
cienaCes8021xSuppCertificateName OBJECT-TYPE
|
|
SYNTAX DisplayString (SIZE(0..32))
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Name of the certificate to be used for authenticating this supplicant.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 22 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.23
|
|
cienaCes8021xSuppMinimumTlsVersion OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
version1dot0(1),
|
|
version1dot1(2),
|
|
version1dot2(3)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is used to specify the minimum TLS version that can be
|
|
used by the supplicant port.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 23 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.2.1.24
|
|
cienaCes8021xSuppPeerCertReauthAdminState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
disabled(1),
|
|
enabled(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Administratively enables/disables peer certificate reauthentication
|
|
on this supplicant.
|
|
Applies to EAP-TLS."
|
|
::= { cienaCes8021xSuppEntry 24 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.3
|
|
cienaCes8021xGlobalAttrs OBJECT IDENTIFIER ::= { cienaCes8021xObjs 3 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.3.1
|
|
cienaCes8021xAuthStatsClear OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this MIB object to 'true' clears the authenticator global statistics."
|
|
::= { cienaCes8021xGlobalAttrs 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.1.42.2.3.2
|
|
cienaCes8021xSuppStatsClear OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Setting this MIB object to 'true' clears the supplicant global statistics."
|
|
::= { cienaCes8021xGlobalAttrs 2 }
|
|
|
|
--
|
|
-- Notifications
|
|
--
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101
|
|
cienaCes8021xMIBNotificationPrefix OBJECT IDENTIFIER ::= { cienaCesNotifications 101 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101.0
|
|
cienaCes8021xMIBNotification OBJECT IDENTIFIER ::= { cienaCes8021xMIBNotificationPrefix 0 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101.0.1
|
|
cienaCes8021xSuppAuthenticationEvent NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
cienaGlobalSeverity,
|
|
cienaGlobalMacAddress,
|
|
cienaCes8021xPort,
|
|
cienaCes8021xNotificationAuthenticationEvent
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "This notification is generated when a supplicant authentication event,
|
|
as identified by the value of cienaCes8021xNotificationAuthenticationEvent
|
|
has occurred on the port identified by cienaCes8021xPort."
|
|
::= { cienaCes8021xMIBNotification 1 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101.0.2
|
|
cienaCes8021xAuthAuthenticationEvent NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
cienaGlobalSeverity,
|
|
cienaGlobalMacAddress,
|
|
cienaCes8021xPort,
|
|
cienaCes8021xNotificationAuthenticationEvent
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "This notification is generated when a authenticator authentication event,
|
|
as identified by the value of cienaCes8021xNotificationAuthenticationEvent
|
|
has occurred on the port identified by cienaCes8021xPort."
|
|
::= { cienaCes8021xMIBNotification 2 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101.0.3
|
|
cienaCes8021xGlobalStateChangeEvent NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
cienaGlobalSeverity,
|
|
cienaGlobalMacAddress,
|
|
dot1xPaeSystemAuthControl
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "This notification is generated when the dot1x global state is
|
|
changed."
|
|
::= { cienaCes8021xMIBNotification 3 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101.0.4
|
|
cienaCes8021xAuthConfigChangeEvent NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
cienaGlobalSeverity,
|
|
cienaGlobalMacAddress,
|
|
cienaCes8021xPort
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "This notification is generated when a configuration change is made
|
|
in a dot1x authentication port."
|
|
::= { cienaCes8021xMIBNotification 4 }
|
|
|
|
-- 1.3.6.1.4.1.1271.2.2.101.0.5
|
|
cienaCes8021xSuppConfigChangeEvent NOTIFICATION-TYPE
|
|
OBJECTS {
|
|
cienaGlobalSeverity,
|
|
cienaGlobalMacAddress,
|
|
cienaCes8021xPort
|
|
}
|
|
STATUS current
|
|
DESCRIPTION "This notification is generated when a configuration change is made
|
|
in a dot1x supplicant port."
|
|
::= { cienaCes8021xMIBNotification 5 }
|
|
|
|
END
|
|
|
|
--
|
|
-- CIENA-CES-8021X-MIB.my
|
|
--
|