773 lines
34 KiB
Plaintext
773 lines
34 KiB
Plaintext
-- Dot1x Advanced Features MIB overview:
|
|
-- Dot1x Advanced Features MIB falls under lb6m MIB node of the private subtree.
|
|
|
|
NETGEAR-DOT1X-ADVANCED-FEATURES-MIB DEFINITIONS ::= BEGIN
|
|
|
|
-- Netgear Dot1x Advanced Features MIB
|
|
-- Copyright Netgear Inc (2003-2007) All rights reserved.
|
|
|
|
-- This SNMP Management Information Specification
|
|
-- embodies Netgear Inc's confidential and proprietary
|
|
-- intellectual property. Netgear Inc retains all title
|
|
-- and ownership in the Specification including any revisions.
|
|
|
|
-- This Specification is supplied "AS IS", Netgear Inc
|
|
-- makes no warranty, either expressed or implied,
|
|
-- as to the use, operation, condition, or performance of the
|
|
-- Specification.
|
|
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE,
|
|
Unsigned32, TimeTicks FROM SNMPv2-SMI
|
|
dot1xPaePortNumber FROM IEEE8021-PAE-MIB
|
|
TEXTUAL-CONVENTION,
|
|
RowStatus,MacAddress,DateAndTime FROM SNMPv2-TC
|
|
DisplayString FROM RFC1213-MIB
|
|
lb6m FROM QUANTA-LB6M-REF-MIB;
|
|
|
|
|
|
fastPathdot1xAdvanced MODULE-IDENTITY
|
|
LAST-UPDATED "201101260000Z" -- 26 January 2011 12:00:00 GMT
|
|
ORGANIZATION "Netgear Inc"
|
|
CONTACT-INFO ""
|
|
|
|
DESCRIPTION
|
|
"The Netgear Private MIB for FastPath Dot1x Advanced Features "
|
|
|
|
-- Revision history.
|
|
REVISION
|
|
"201101260000Z" -- 26 January 2011 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Postal address updated."
|
|
REVISION
|
|
"200705230000Z" -- 23 May 2007 12:00:00 GMT
|
|
DESCRIPTION
|
|
"Netgear branding related changes."
|
|
|
|
::= { lb6m 36 }
|
|
|
|
|
|
Dot1xPortControlMode ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The control values of the Authenticator PAE controlled
|
|
Port."
|
|
SYNTAX INTEGER {
|
|
forceUnauthorized(1),
|
|
auto(2),
|
|
forceAuthorized(3),
|
|
macBased(4)
|
|
}
|
|
|
|
Dot1xSessionTerminationAction ::= TEXTUAL-CONVENTION
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The action to be taken on session termination ."
|
|
SYNTAX INTEGER {
|
|
default(1),
|
|
reauthenticate(2)
|
|
}
|
|
|
|
agentDot1xEnhancementConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 1 }
|
|
|
|
agentDot1xRadiusVlanAssignment OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable dot1x Vlan Assignment Support on the switch."
|
|
DEFVAL { disable }
|
|
::= { agentDot1xEnhancementConfigGroup 1 }
|
|
|
|
agentDot1xDynamicVlanCreationMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable dot1x dynamic vlan creation Support on the switch."
|
|
DEFVAL { disable }
|
|
::= { agentDot1xEnhancementConfigGroup 2 }
|
|
|
|
agentDot1xEapolFloodMode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Enable/Disable dot1x eapol flooding mode on the switch."
|
|
DEFVAL { disable }
|
|
::= { agentDot1xEnhancementConfigGroup 3 }
|
|
|
|
--**************************************************************************************
|
|
-- agentDot1xPortConfigGroup -> Contains MIB objects configuring/displaying Dot1x Port details
|
|
-- and associated Functionality
|
|
--
|
|
--**************************************************************************************
|
|
|
|
agentDot1xPortConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 2 }
|
|
|
|
--------------------------------------------------------------
|
|
-- The Dot1x Enhanced Port Table
|
|
--------------------------------------------------------------
|
|
|
|
agentDot1xPortConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentDot1xPortConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table for dot1x enhanced Port details and associated functionality."
|
|
::= { agentDot1xPortConfigGroup 1 }
|
|
|
|
agentDot1xPortConfigEntry OBJECT-TYPE
|
|
SYNTAX AgentDot1xPortConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents entry for port config table."
|
|
INDEX { dot1xPaePortNumber}
|
|
::= {agentDot1xPortConfigTable 1 }
|
|
|
|
AgentDot1xPortConfigEntry ::= SEQUENCE {
|
|
agentDot1xPortControlMode
|
|
Dot1xPortControlMode,
|
|
agentDot1xGuestVlanId
|
|
Unsigned32,
|
|
agentDot1xGuestVlanPeriod
|
|
Unsigned32,
|
|
agentDot1xUnauthenticatedVlan
|
|
Unsigned32,
|
|
agentDot1xMaxUsers
|
|
Unsigned32,
|
|
agentDot1xPortVlanAssigned
|
|
Unsigned32,
|
|
agentDot1xPortVlanAssignedReason
|
|
INTEGER,
|
|
agentDot1xPortSessionTimeout
|
|
Unsigned32,
|
|
agentDot1xPortTerminationAction
|
|
Dot1xSessionTerminationAction,
|
|
agentDot1xPortMABenabled
|
|
INTEGER,
|
|
agentDot1xPortMABenabledOperational
|
|
INTEGER
|
|
|
|
}
|
|
|
|
agentDot1xPortControlMode OBJECT-TYPE
|
|
SYNTAX Dot1xPortControlMode
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Dot1x port control mode of this port.The Port control mode .
|
|
The port control mode for this interface can take the following values ,
|
|
force-unauthorized - the port is in unauthorized mode,
|
|
auto-Port based mode. If a client authenticates suscessfully, then the interface is authorized .
|
|
Otherwise, the port is in unauthorized mode.
|
|
If more than one clients are attached to the port , then only one client needs to authenticate to allow other clients access.
|
|
force-authorized - The port is placed in authorized mode
|
|
macBased - If more than one client is attached to the port, then each client needs to authenticate separately.
|
|
This object depcreates dot1xAuthAuthControlledPortControl object in IEEE8021-PAE-MIB"
|
|
DEFVAL {auto}
|
|
::= { agentDot1xPortConfigEntry 1}
|
|
|
|
agentDot1xGuestVlanId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Guest Vlan of the port. A port will
|
|
be moved to its Guest Vlan if no client sucessfully
|
|
authenticates on that port for the Guest Vlan Period.
|
|
A value of zero indicates no Guest Vlan is configured for the interface."
|
|
DEFVAL {0}
|
|
::= { agentDot1xPortConfigEntry 2}
|
|
|
|
agentDot1xGuestVlanPeriod OBJECT-TYPE
|
|
SYNTAX Unsigned32 (1..300)
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The value, in seconds, of the guestVlanPeriod constant
|
|
currently in use for Guest Vlan Assignment for the
|
|
port ."
|
|
DEFVAL { 90 }
|
|
::= { agentDot1xPortConfigEntry 3 }
|
|
|
|
|
|
agentDot1xUnauthenticatedVlan OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Unauthenticated Vlan of the port. A port will
|
|
be moved to its unauthenticated Vlan if the client authenticates unsucessfully
|
|
on that port .
|
|
A value of zero indicates no Unauthenticated Vlan is configured for the port. "
|
|
DEFVAL {0}
|
|
::= { agentDot1xPortConfigEntry 4}
|
|
|
|
agentDot1xMaxUsers OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Specifies the maximum users or clients that can authenticate on this port when the port control mode is macBased. "
|
|
::= { agentDot1xPortConfigEntry 5}
|
|
|
|
agentDot1xPortVlanAssigned OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Specifies the vlan the port is assigned to by Dot1x .
|
|
Only relevant if the port control mode of the port is auto. "
|
|
DEFVAL {0}
|
|
::= { agentDot1xPortConfigEntry 6}
|
|
|
|
agentDot1xPortVlanAssignedReason OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
default(1),
|
|
radius(2),
|
|
unauthenticatedVlan(3),
|
|
guestVlan(4),
|
|
voiceVlan(5),
|
|
monitorVlan(6),
|
|
notAssigned(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Reason the port is assigned to the vlan specified by agentDot1xPortVlanAssigned .
|
|
Only relevant if the port control mode of the port is auto. "
|
|
DEFVAL {5}
|
|
::= { agentDot1xPortConfigEntry 7}
|
|
|
|
agentDot1xPortSessionTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Specifies the session timeout value assigned by the Radius server for this port .
|
|
Only relevant if the port control mode of the port is auto. "
|
|
::= { agentDot1xPortConfigEntry 8}
|
|
|
|
agentDot1xPortTerminationAction OBJECT-TYPE
|
|
SYNTAX Dot1xSessionTerminationAction
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Specifies the session termination action assigned by the Radius Server .This is the action taken when the session times out .
|
|
Only relevant if the port control mode of the port is auto. "
|
|
DEFVAL {1}
|
|
::= { agentDot1xPortConfigEntry 9}
|
|
|
|
agentDot1xPortMABenabled OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Specifies if Mac-based bypass authentication is configured for the port. "
|
|
DEFVAL {2}
|
|
::= { agentDot1xPortConfigEntry 10}
|
|
|
|
agentDot1xPortMABenabledOperational OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Displays the operational value of the Mac-based authentication bypass mode (MAB) on the port. "
|
|
DEFVAL {2}
|
|
::= { agentDot1xPortConfigEntry 11}
|
|
|
|
--**************************************************************************************
|
|
-- agentDot1xClientConfigGroup -> Contains MIB objects displaying Dot1x Client details and
|
|
-- associated Functionality
|
|
--
|
|
--**************************************************************************************
|
|
|
|
agentDot1xClientConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 3 }
|
|
|
|
agentDot1xClientConfigTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentDot1xClientConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table for dot1x Client details and associated functionality."
|
|
::= { agentDot1xClientConfigGroup 1 }
|
|
|
|
agentDot1xClientConfigEntry OBJECT-TYPE
|
|
SYNTAX AgentDot1xClientConfigEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents entry for port config table."
|
|
INDEX { agentDot1xClientMacAddress}
|
|
::= {agentDot1xClientConfigTable 1 }
|
|
|
|
AgentDot1xClientConfigEntry ::= SEQUENCE {
|
|
agentDot1xClientMacAddress
|
|
MacAddress,
|
|
agentDot1xLogicalPort
|
|
Unsigned32,
|
|
agentDot1xInterface
|
|
Unsigned32,
|
|
agentDot1xClientAuthPAEstate
|
|
INTEGER,
|
|
agentDot1xClientBackendState
|
|
INTEGER,
|
|
agentDot1xClientUserName
|
|
DisplayString,
|
|
agentDot1xClientSessionTime
|
|
Unsigned32,
|
|
agentDot1xClientFilterID
|
|
DisplayString,
|
|
agentDot1xClientVlanAssigned
|
|
Unsigned32,
|
|
agentDot1xClientVlanAssignedReason
|
|
INTEGER,
|
|
agentDot1xClientSessionTimeout
|
|
Unsigned32,
|
|
agentDot1xClientTerminationAction
|
|
Dot1xSessionTerminationAction
|
|
}
|
|
|
|
agentDot1xClientMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the client MAC address of the client. "
|
|
::= { agentDot1xClientConfigEntry 1}
|
|
|
|
agentDot1xLogicalPort OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the client MAC address of the client . "
|
|
::= { agentDot1xClientConfigEntry 2}
|
|
|
|
agentDot1xInterface OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the physical interface to which the client is attached . "
|
|
::= { agentDot1xClientConfigEntry 3}
|
|
|
|
agentDot1xClientAuthPAEstate OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
initialize(1),
|
|
disconnected(2),
|
|
connecting(3),
|
|
authenticating(4),
|
|
authenticated(5),
|
|
aborting(6),
|
|
held(7),
|
|
forceAuth(8),
|
|
forceUnauth(9)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current value of the Authenticator PAE state
|
|
machine for the client."
|
|
::={ agentDot1xClientConfigEntry 4}
|
|
|
|
agentDot1xClientBackendState OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
request(1),
|
|
response(2),
|
|
success(3),
|
|
fail(4),
|
|
timeout(5),
|
|
idle(6),
|
|
initialize(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The current state of the Backend Authentication
|
|
state machine."
|
|
::={ agentDot1xClientConfigEntry 5}
|
|
|
|
agentDot1xClientUserName OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the username with which the client is authenticated to the Radius server .
|
|
This value is only valid when the client is in authenticated state. "
|
|
::= { agentDot1xClientConfigEntry 6}
|
|
|
|
agentDot1xClientSessionTime OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the time elapsed in seconds since the client was authenticated in this session.
|
|
This value is only valid when the client is in authenticated state. "
|
|
::= { agentDot1xClientConfigEntry 7}
|
|
|
|
agentDot1xClientFilterID OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Filter ID or Diffserv Policy name to be applied to the session .
|
|
This vlaue is populated only if it has been assigned by the RADIUS server.
|
|
This value is only valid when the client is in authenticated state."
|
|
::= { agentDot1xClientConfigEntry 8}
|
|
|
|
agentDot1xClientVlanAssigned OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the vlan the client is associated with by Dot1x .
|
|
This value is only valid when the client is in authenticated state."
|
|
::= { agentDot1xClientConfigEntry 9}
|
|
|
|
agentDot1xClientVlanAssignedReason OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
default(1),
|
|
radius(2),
|
|
unauthenticatedVlan(3),
|
|
monitorVlan(6),
|
|
invalid(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Reason the client is associated to the vlan specified by agentDot1xClientVlanAssigned .
|
|
This value is only valid when the client is in authenticated state."
|
|
::= { agentDot1xClientConfigEntry 10}
|
|
|
|
agentDot1xClientSessionTimeout OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the session time remaining for the client if assigned by the Radius server .
|
|
A value of 0 indicates that no session timeout was assigned by the RADIUS server.
|
|
This value is only valid when the client is in authenticated state. "
|
|
::= { agentDot1xClientConfigEntry 11}
|
|
|
|
agentDot1xClientTerminationAction OBJECT-TYPE
|
|
SYNTAX Dot1xSessionTerminationAction
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the session termination action assigned by the Radius Server .
|
|
This is the action taken when the session times out .
|
|
This value is only valid when the client is in authenticated state. "
|
|
::= { agentDot1xClientConfigEntry 12}
|
|
|
|
|
|
|
|
--**************************************************************************************
|
|
-- agentDot1xMonitorModeConfigGroup -> Contains MIB objects configuring/displaying Dot1x
|
|
-- Monitor Mode details and associated Functionality
|
|
--
|
|
--**************************************************************************************
|
|
agentDot1xMonitorModeConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 4 }
|
|
|
|
agentDot1xMonitorModeEnabled OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION "Enable/Disable Dot1x Monitor mode
|
|
Support on the switch."
|
|
DEFVAL { disable }
|
|
::= { agentDot1xMonitorModeConfigGroup 1 }
|
|
|
|
agentDot1xMonitorModeClients OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Retrieves the number of clients that got
|
|
authenticated by Monitor mode globally."
|
|
::= { agentDot1xMonitorModeConfigGroup 2 }
|
|
|
|
agentDot1xNonMonitorModeClients OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Retrieves the number of clients that are granted access by Dot1x with no monitor mode enabled."
|
|
::= { agentDot1xMonitorModeConfigGroup 3 }
|
|
|
|
|
|
--**************************************************************************************
|
|
-- agentDot1xMonitorModeConfigGroup -> Contains MIB objects configuring/displaying Dot1x
|
|
-- Monitor Mode details and associated Functionality
|
|
--
|
|
--**************************************************************************************
|
|
agentDot1xAuthHistoryResultsGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 5 }
|
|
|
|
agentDot1xPortAuthHistoryResultTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentDot1xPortAuthHistoryResultEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table to display the dot1x monitor mode results."
|
|
::= { agentDot1xAuthHistoryResultsGroup 1 }
|
|
|
|
agentDot1xPortAuthHistoryResultEntry OBJECT-TYPE
|
|
SYNTAX AgentDot1xPortAuthHistoryResultEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents Dot1x Authentication results for a Dot1x Authentication History table."
|
|
INDEX { agentDot1xAuthHistoryResultIfaceIndex,
|
|
agentDot1xAuthHistoryResultIndex}
|
|
::= {agentDot1xPortAuthHistoryResultTable 1 }
|
|
|
|
AgentDot1xPortAuthHistoryResultEntry ::= SEQUENCE {
|
|
agentDot1xAuthHistoryResultIfaceIndex Unsigned32,
|
|
agentDot1xAuthHistoryResultIndex Unsigned32,
|
|
agentDot1xAuthHistoryResultTimeStamp DateAndTime,
|
|
agentDot1xAuthHistoryResultAge TimeTicks,
|
|
agentDot1xAuthHistoryResultMacAddress MacAddress,
|
|
agentDot1xAuthHistoryResultVlanId Unsigned32,
|
|
agentDot1xAuthHistoryResultAuthStatus INTEGER,
|
|
agentDot1xAuthHistoryResultAccessStatus INTEGER,
|
|
agentDot1xAuthHistoryResultFilterID DisplayString,
|
|
agentDot1xAuthHistoryResultVlanAssigned Unsigned32,
|
|
agentDot1xAuthHistoryResultVlanAssignedType INTEGER,
|
|
agentDot1xAuthHistoryResultReasonCode INTEGER
|
|
}
|
|
|
|
agentDot1xAuthHistoryResultIfaceIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the physical Bridge Port on which dot1x Auth event
|
|
might be received."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 1 }
|
|
|
|
agentDot1xAuthHistoryResultIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Reference to the Dot1x Authentication history table maintained."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 2 }
|
|
|
|
agentDot1xAuthHistoryResultTimeStamp OBJECT-TYPE
|
|
SYNTAX DateAndTime
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the exact time of Dot1x Authentication
|
|
event information occurred maintained in the
|
|
history table."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 3 }
|
|
|
|
agentDot1xAuthHistoryResultAge OBJECT-TYPE
|
|
SYNTAX TimeTicks
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Time since the authentication entry was added to the history table. It is displayed in days, hours, minutes, and seconds."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 4 }
|
|
|
|
agentDot1xAuthHistoryResultMacAddress OBJECT-TYPE
|
|
SYNTAX MacAddress
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the client MAC Address maintained in
|
|
the Dot1x Authentication history table."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 5 }
|
|
|
|
agentDot1xAuthHistoryResultVlanId OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the VLANID maintained in the history
|
|
table. It is the VLANID which is failed to
|
|
associate to the port during authentication process.
|
|
The VLANID is identified distinctly by the Reason
|
|
code for the respective entry. Valid only when the
|
|
reason code is set to 13 (VLAN assignment failure).
|
|
In all the other cases, VLANID is set to 0. "
|
|
::= { agentDot1xPortAuthHistoryResultEntry 6 }
|
|
|
|
agentDot1xAuthHistoryResultAuthStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
success(1),
|
|
failure(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Dot1x Authentication status (Success or Failure) for the Dot1x Authentication event takes place. "
|
|
::= { agentDot1xPortAuthHistoryResultEntry 7 }
|
|
|
|
agentDot1xAuthHistoryResultAccessStatus OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
granted(1),
|
|
denied(2)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
" Authentication access status indicates the exact status of the dot1x client.
|
|
Granted means the client is allowed access to the network using dot1x or monitor mode.
|
|
Denied means the client is not allowed access to the network."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 8 }
|
|
|
|
agentDot1xAuthHistoryResultFilterID OBJECT-TYPE
|
|
SYNTAX DisplayString
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the Filter ID or Diffserv Policy name assigned by the RADIUS server.
|
|
This value is only valid when the client is in authenticated state."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 9 }
|
|
|
|
agentDot1xAuthHistoryResultVlanAssigned OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the VLANID maintained in the history
|
|
table (It is the VLANID Assigned to a Port or Client authenticate)."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 10 }
|
|
|
|
agentDot1xAuthHistoryResultVlanAssignedType OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
default(1),
|
|
radius(2),
|
|
unauthenticatedVlan(3),
|
|
guestVlan(4),
|
|
voiceVlan(5),
|
|
monitorVlan(6),
|
|
notAssigned(7)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Specifies the VLAN Assigned Reason maintained in the history
|
|
table."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 11 }
|
|
|
|
|
|
agentDot1xAuthHistoryResultReasonCode OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
supplicant-timeout(1),
|
|
eapol-timeout(2),
|
|
radius-request-timeout(3),
|
|
radius-auth-failure(4),
|
|
radius-auth-comm-failure(5),
|
|
radius-challenge-process-invalid-nas-port(6),
|
|
radius-challenge-process-wrong-eap-msg(7),
|
|
radius-request-send-msg-error(8),
|
|
radius-accept-process-invalid-nas-port(9),
|
|
radius-accept-process-wrong-eap-msg(10),
|
|
radius-accept-filter-assignment-failure(11),
|
|
radius-accept-diffserv-not-present(12),
|
|
radius-accept-vlan-assignment-failure(13),
|
|
vlan-assignment-feature-not-enabled(14),
|
|
radius-success(15),
|
|
local-auth-user-not-found(16),
|
|
local-auth-user-no-access(17),
|
|
local-auth-md5-validation-failure(18),
|
|
local-auth-invalid-eap-type(19),
|
|
local-failure(20),
|
|
local-success(21),
|
|
radius-invalid-radius-status(22),
|
|
guest-vlan-timer-expiry(23),
|
|
undefined-auth-method(24),
|
|
reject-auth-method(25),
|
|
invalid-auth-method(26),
|
|
auth-method-not-configured(27),
|
|
unauth-vlan-not-created(28),
|
|
guest-vlan-not-created(29),
|
|
radius-accept-invalid-vlan-failure(30)
|
|
}
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION "Specifies the Dot1x authentication reason
|
|
refered by the result index on a port."
|
|
::= { agentDot1xPortAuthHistoryResultEntry 12 }
|
|
|
|
|
|
agentDot1xAuthHistoryResultsClear OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enable(1), all Dot1x Authentication History information will be reset."
|
|
DEFVAL { disable }
|
|
::= { agentDot1xAuthHistoryResultsGroup 2 }
|
|
|
|
--**************************************************************************************
|
|
-- agentDot1xPortAuthHistoryResultClearTable
|
|
--
|
|
--**************************************************************************************
|
|
|
|
agentDot1xPortAuthHistoryResultClearTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF AgentDot1xPortAuthHistoryResultClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "A table to clear the dot1x monitor mode results per interface."
|
|
::= { agentDot1xAuthHistoryResultsGroup 3 }
|
|
|
|
agentDot1xPortAuthHistoryResultClearEntry OBJECT-TYPE
|
|
SYNTAX AgentDot1xPortAuthHistoryResultClearEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION "Represents to clear the Dot1x Authentication results for a Dot1x Authentication History table."
|
|
INDEX { agentDot1xAuthHistoryResultIfIndex }
|
|
::= {agentDot1xPortAuthHistoryResultClearTable 1 }
|
|
|
|
AgentDot1xPortAuthHistoryResultClearEntry ::= SEQUENCE {
|
|
agentDot1xAuthHistoryResultIfIndex Unsigned32,
|
|
agentDot1xPortAuthHistoryResultsClear INTEGER
|
|
}
|
|
|
|
agentDot1xAuthHistoryResultIfIndex OBJECT-TYPE
|
|
SYNTAX Unsigned32
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object represents the physical Bridge Port on which dot1x Auth event
|
|
might be received."
|
|
::= { agentDot1xPortAuthHistoryResultClearEntry 1 }
|
|
|
|
|
|
agentDot1xPortAuthHistoryResultsClear OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"When set to enable(1), all Dot1x Authentication History information for
|
|
the given port will be reset. The value is write-only. Attempt to read
|
|
will return disable(2)."
|
|
DEFVAL { disable }
|
|
::= { agentDot1xPortAuthHistoryResultClearEntry 2 }
|
|
|
|
|
|
END
|