mibs/nokia/aos7/ALCATEL-IND1-AAA-MIB
ALCATEL-IND1-AAA-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-IDENTITY, OBJECT-TYPE, IpAddress,
Integer32, Unsigned32, NOTIFICATION-TYPE
FROM SNMPv2-SMI
MacAddress, RowStatus
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
FROM SNMPv2-CONF
SnmpAdminString FROM SNMP-FRAMEWORK-MIB
InetAddressType, InetAddress, InetAddressPrefixLength
FROM INET-ADDRESS-MIB
softentIND1AAA
FROM ALCATEL-IND1-BASE;
alcatelIND1AAAMIB MODULE-IDENTITY
LAST-UPDATED "201311070000Z"
ORGANIZATION "Alcatel-Lucent"
CONTACT-INFO
"Please consult with Customer Service to ensure the most appropriate
version of this document is used with the products in question:
Alcatel-Lucent, Enterprise Solutions Division
(Formerly Alcatel Internetworking, Incorporated)
26801 West Agoura Road
Agoura Hills, CA 91301-5122
United States Of America
Telephone: North America +1 800 995 2696
Latin America +1 877 919 9526
Europe +31 23 556 0100
Asia +65 394 7933
All Other +1 818 878 4507
Electronic Mail: support@ind.alcatel.com
World Wide Web: http://alcatel-lucent.com/wps/portal/enterprise
File Transfer Protocol: ftp://ftp.ind.alcatel.com/pub/products/mibs"
DESCRIPTION
"This module describes an authoritative enterprise-specific Simple
Network Management Protocol (SNMP) Management Information Base (MIB):
For the Birds Of Prey Product Line
Authentication, Authorization, and Accounting (AAA) Subsystem.
The right to make changes in specification and other information
contained in this document without prior notice is reserved.
No liability shall be assumed for any incidental, indirect, special, or
consequential damages whatsoever arising from or related to this
document or the information contained herein.
Vendors, end-users, and other interested parties are granted
non-exclusive license to use this specification in connection with
management of the products for which it is intended to be used.
Copyright (C) 1995-2007 Alcatel-Lucent
ALL RIGHTS RESERVED WORLDWIDE"
REVISION "201005130000Z"
DESCRIPTION
"Fixed the Notifications to use MIB Module OID.0 as Notifications root."
REVISION "200704030000Z"
DESCRIPTION
"The latest version of this MIB Module."
::= { softentIND1AAA 1 }
alcatelIND1AAAMIBObjects OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch For Authentication, Authorization, and Accounting (AAA)
Subsystem Managed Objects."
::= { alcatelIND1AAAMIB 1 }
alcatelIND1AAAMIBConformance OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch For Authentication, Authorization, and Accounting (AAA)
Subsystem Conformance Information."
::= { alcatelIND1AAAMIB 2 }
alcatelIND1AAAMIBGroups OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch For Authentication, Authorization, and Accounting (AAA)
Subsystem Units Of Conformance."
::= { alcatelIND1AAAMIBConformance 1 }
alcatelIND1AAAMIBCompliances OBJECT-IDENTITY
STATUS current
DESCRIPTION
"Branch For Authentication, Authorization, and Accounting (AAA)
Subsystem Compliance Statements."
::= { alcatelIND1AAAMIBConformance 2 }
-- Overview of the AAA MIB
--
-- this MIB provides configuration of the AAA services including the
-- servers and the local user database
--
-- AAA server MIB
aaaServerMIB OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 1 }
--
-- Server configuration table
--
aaaServerTable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table shows current configuration for each AAA server."
::= { aaaServerMIB 1 }
aaaServerEntry OBJECT-TYPE
SYNTAX AaaServerEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An AAA server configuration identified by its protocol
and its index. An entry is created/removed when a server
is defined or undefined with IOS configuration commands
via CLI or by issuing appropriate sets to this table
using snmp."
INDEX { aaasName }
::= { aaaServerTable 1 }
AaaServerEntry ::= SEQUENCE
{
aaasName SnmpAdminString,
aaasProtocol INTEGER,
aaasHostName SnmpAdminString,
aaasIpAddress IpAddress,
aaasHostName2 SnmpAdminString,
aaasIpAddress2 IpAddress,
aaasRetries Integer32,
aaasTimout Integer32,
aaasRadKey SnmpAdminString,
aaasRadAuthPort Integer32,
aaasRadAcctPort Integer32,
aaasLdapPort Integer32,
aaasLdapDn SnmpAdminString,
aaasLdapPasswd SnmpAdminString,
aaasLdapSearchBase SnmpAdminString,
aaasLdapServType INTEGER,
aaasLdapEnableSsl INTEGER,
aaasRowStatus RowStatus,
aaasTacacsKey SnmpAdminString,
aaasTacacsPort Integer32,
aaasVrfName SnmpAdminString,
aaasRadKeyHash SnmpAdminString,
aaasLdapPasswdHash SnmpAdminString,
aaasTacacsKeyHash SnmpAdminString
}
aaasName OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Name of the server.
This name is given by the operator to refer the server."
::= { aaaServerEntry 1}
aaasProtocol OBJECT-TYPE
SYNTAX INTEGER
{
radius(1),
ldap(2),
ace(3),
tacacs(4)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Protocol used with the server:
radius(1) - RADIUS
ldap(2) - LDAP
ace(3) - ACE
tacacs(4) - TACACS+"
::= { aaaServerEntry 2}
aaasHostName OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 64 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"DNS name of the server host."
::= { aaaServerEntry 3}
aaasIpAddress OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"IP address of the server host."
::= { aaaServerEntry 4}
aaasHostName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 64 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"DNS name of the backup server host."
::= { aaaServerEntry 5}
aaasIpAddress2 OBJECT-TYPE
SYNTAX IpAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"IP address of the backup server host."
::= { aaaServerEntry 6}
aaasRetries OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 32 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" Number of retries the switch makes to the server to
authenticate a user before trying the next backup server.
The default value is 3."
DEFVAL { 3 }
::= { aaaServerEntry 7}
aaasTimout OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 30 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Time-out for server replies to authentication requests.
The default value is 2."
DEFVAL { 2 }
::= { aaaServerEntry 8}
aaasRadKey OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 64 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The shared secret is a string of characters known to the switch
and to the RADIUS server, but it is not sent out over the network.
The secret can be any text string and must be configured here as
well as on the server. The secret is stored encrypted using a two
way algorithm."
::= { aaaServerEntry 9}
aaasRadAuthPort OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 65535 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For RADIUS server only.
Port number for authentication request;
the host is not used for authentication if set to 0.
The default value is 1645."
DEFVAL { 1645 }
::= { aaaServerEntry 10}
aaasRadAcctPort OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 65535 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For RADIUS server only.
Port number for accounting request;
the host is not used for authentication if set to 0.
The default value is 1646."
DEFVAL { 1646 }
::= { aaaServerEntry 11}
aaasLdapPort OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 65535 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For LDAP server only.
Port number for LDAP server host."
DEFVAL { 0 }
::= { aaaServerEntry 12}
aaasLdapDn OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 255 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For LDAP server only.
the super user dn, i.e., the administrative distinguished name
recognized by the LDAP-enabled directory servers
(e.g., cn=manager)"
::= { aaaServerEntry 13}
aaasLdapPasswd OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For LDAP server only.
the super user password, i.e., the administrative password
recognized by LDAP-enabled directory servers (e.g., secret).
The secret is stored encrypted using a two way algorithm."
::= { aaaServerEntry 14}
aaasLdapSearchBase OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 64 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For LDAP server only.
Search base recognized by LDAP-enabled
directory servers (e.g.,o=company, c=US)."
::= { aaaServerEntry 15}
aaasLdapServType OBJECT-TYPE
SYNTAX INTEGER
{
ns(0),
generic(1),
netscape(2),
novell(3),
sun(4),
microsoft(5)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For LDAP server only.
Directory server type used in LDAP Authentication:
ns(0) - non significant value
generic(1) - Generic Schema
netscape(2) - Netscape Directory Server
novell(3) - Novell NDS
sun(4) - Sun Directory Services
microsoft(5) - Microsoft Active Directory"
DEFVAL { netscape }
::= { aaaServerEntry 16}
aaasLdapEnableSsl OBJECT-TYPE
SYNTAX INTEGER
{
ns(0),
true(1),
false(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Only for LDAP server.
Specify if the connection between the swtich and the LDAP server
use a SSL session."
DEFVAL { false }
::= { aaaServerEntry 17}
aaasRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaServerEntry 18}
aaasTacacsKey OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 64 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The shared secret is a string of characters known to the switch
and to the TACACS+ server, but it is not sent out over the network.
The secret can be any text string and must be configured here as
well as on the server. The secret is stored encrypted using a two
way algorithm."
::= { aaaServerEntry 19}
aaasTacacsPort OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 65535 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"For TACACS+ server only.
Port number for LDAP server host."
DEFVAL { 49 }
::= { aaaServerEntry 20}
aaasVrfName OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the VRF that the server is on.
This VRF name is valid only when the server type is RADIUS.
(aaasProtocol = 1 (Radius)."
::= { aaaServerEntry 21}
aaasRadKeyHash OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 256 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encrypted version of the aaasRadKey attribute."
::= { aaaServerEntry 22}
aaasLdapPasswdHash OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 256 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encrypted version of the aaasLdapPasswd attribute."
::= { aaaServerEntry 23}
aaasTacacsKeyHash OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 256 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The encrypted version of the aaasTacacsKey attribute."
::= { aaaServerEntry 24}
-- AAA authentication accounting MIB
aaaAuthAcctMIB OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 2 }
--
-- Authenticated switch access configuration table
--
aaaAuthSATable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaAuthSAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table allow to display and modify the configuration of the
authentication servers for the switch accesses."
::= { aaaAuthAcctMIB 1 }
aaaAuthSAEntry OBJECT-TYPE
SYNTAX AaaAuthSAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A switch access authentication entry is specified by the type
of access."
INDEX { aaatsInterface}
::= { aaaAuthSATable 1 }
AaaAuthSAEntry ::= SEQUENCE
{
aaatsInterface INTEGER,
aaatsName1 SnmpAdminString,
aaatsName2 SnmpAdminString,
aaatsName3 SnmpAdminString,
aaatsName4 SnmpAdminString,
aaatsRowStatus RowStatus,
aaatsCertificate INTEGER
}
aaatsInterface OBJECT-TYPE
SYNTAX INTEGER
{
default(1),
console(2),
telnet(3),
ftp(4),
http(5),
snmp(6),
ssh(7)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Type of connection that must be authenticated
default(1) -define the default authentication method for console,
telnet, ftp, snmp , http and ssh. If the operator
interface is not especially configured the default value
is applied to this interface."
::= { aaaAuthSAEntry 1}
aaatsName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
Special value 'local' correspond to the local database.
Other name correspond to an index value of the aaaServerTable
snmp entry can only use ldap server and local database."
::= { aaaAuthSAEntry 2}
aaatsName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local database.
Other name correspond to an index value of the aaaServerTable
snmp entry can only use ldap server and local database."
DEFVAL { "" }
::= { aaaAuthSAEntry 3}
aaatsName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local database.
Other name correspond to an index value of the aaaServerTable
snmp entry can only use ldap server and local database."
DEFVAL { "" }
::= { aaaAuthSAEntry 4}
aaatsName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local database.
Other name correspond to an index value of the aaaServerTable
snmp entry can only use ldap server and local database."
DEFVAL { "" }
::= { aaaAuthSAEntry 5}
aaatsRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaAuthSAEntry 7}
aaatsCertificate OBJECT-TYPE
SYNTAX INTEGER
{
noCertificate(0),
certificateOnly(1),
certificateWithPassword(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"use of x509 user certificate during the HTTPs session establisment.
noCertificate(0)- no user certificate is required,
certificateOnly(1) - the DN from the certifiicate is used to access to the authorization
data of the user
certificateWithPassword(2) - the user must execute a log-in procedure with user
name and password after his certificate validation"
DEFVAL { noCertificate }
::= { aaaAuthSAEntry 8}
--
-- Accounting configuration table for switch accesses
--
aaaAcctSATable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaAcctSAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table shows current configuration for Switch access accounting."
::= { aaaAuthAcctMIB 2 }
aaaAcctSAEntry OBJECT-TYPE
SYNTAX AaaAcctSAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Accounting configuration for switch access."
INDEX { aaacsInterface }
::= { aaaAcctSATable 1 }
AaaAcctSAEntry ::= SEQUENCE
{
aaacsInterface Integer32,
aaacsName1 SnmpAdminString,
aaacsName2 SnmpAdminString,
aaacsName3 SnmpAdminString,
aaacsName4 SnmpAdminString,
aaacsRowStatus RowStatus
}
aaacsInterface OBJECT-TYPE
SYNTAX Integer32 ( 1 .. 1 )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"For now, accounting for console, telnet, ftp, http, snmp, ssh are stored
in the same set of servers, the index is always (1)."
::= { aaaAcctSAEntry 1}
aaacsName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
An Ace server can not be used for accounting."
::= { aaaAcctSAEntry 2}
aaacsName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
An Ace server can not be used for accounting."
DEFVAL { "" }
::= { aaaAcctSAEntry 3}
aaacsName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
An Ace server can not be used for accounting."
DEFVAL { "" }
::= { aaaAcctSAEntry 4}
aaacsName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
An Ace server can not be used for accounting."
DEFVAL { "" }
::= { aaaAcctSAEntry 5}
aaacsRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaAcctSAEntry 6}
--
-- Accounting configuration table for commands
--
aaaAcctCmdTable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaAcctCmdEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table stores the commands that will be logged during an accounting session.
This feature is valid only for Tacacs+ accounting"
::= { aaaAuthAcctMIB 3 }
aaaAcctCmdEntry OBJECT-TYPE
SYNTAX AaaAcctCmdEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Tacacs+ Accounting configuration for executed commands."
INDEX { aaacmdInterface }
::= { aaaAcctCmdTable 1 }
AaaAcctCmdEntry ::= SEQUENCE
{
aaacmdInterface Integer32,
aaacmdSrvName1 SnmpAdminString,
aaacmdSrvName2 SnmpAdminString,
aaacmdSrvName3 SnmpAdminString,
aaacmdSrvName4 SnmpAdminString,
aaacmdRowStatus RowStatus
}
aaacmdInterface OBJECT-TYPE
SYNTAX Integer32 ( 1 .. 1 )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"For now, accounting for console, telnet, ftp, http, snmp, ssh are stored
in the same set of servers, the index is always (1)."
::= { aaaAcctCmdEntry 1}
aaacmdSrvName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the Tacacs+ server.
Other name correspond to an index value of the aaaServerTable"
::= { aaaAcctCmdEntry 2}
aaacmdSrvName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the Tacacs+ server used if the precedent is not accessible.
Other name correspond to an index value of the aaaServerTable"
DEFVAL { "" }
::= { aaaAcctCmdEntry 3}
aaacmdSrvName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the Tacacs+ server used if the precedent is not accessible.
Other name correspond to an index value of the aaaServerTable"
DEFVAL { "" }
::= { aaaAcctCmdEntry 4}
aaacmdSrvName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the Tacacs+ server used if the precedent is not accessible.
Other name correspond to an index value of the aaaServerTable"
DEFVAL { "" }
::= { aaaAcctCmdEntry 5}
aaacmdRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaAcctCmdEntry 6}
--
-- Authenticated Device configuration table
--
aaaAuthDATable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaAuthDAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table shows current configuration for MAC/Onex/Captive Portal authentication."
::= { aaaAuthAcctMIB 4 }
aaaAuthDAEntry OBJECT-TYPE
SYNTAX AaaAuthDAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"configuration for MAC/Onex/Captive Portal authentication."
INDEX { aaadaInterface }
::= { aaaAuthDATable 1 }
AaaAuthDAEntry ::= SEQUENCE
{
aaadaInterface Integer32,
aaadaName1 SnmpAdminString,
aaadaName2 SnmpAdminString,
aaadaName3 SnmpAdminString,
aaadaName4 SnmpAdminString,
aaadaRowStatus RowStatus
}
aaadaInterface OBJECT-TYPE
SYNTAX Integer32 ( 1 .. 3 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"one for mac , two for 1x, three for captive portal authentication"
::= { aaaAuthDAEntry 1}
aaadaName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
It corresponds to an index value of the aaaServerTable
Only RADIUS server can be used in front hand."
::= { aaaAuthDAEntry 2}
aaadaName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
It corresponds to an index value of the aaaServerTable
Only RADIUS server can be used in front hand."
DEFVAL { "" }
::= { aaaAuthDAEntry 3}
aaadaName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
It corresponds to an index value of the aaaServerTable
Only RADIUS server can be used in front hand."
DEFVAL { "" }
::= { aaaAuthDAEntry 4}
aaadaName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
It corresponds to an index value of the aaaServerTable
Only RADIUS server can be used in front hand."
DEFVAL { "" }
::= { aaaAuthDAEntry 5}
aaadaRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaAuthDAEntry 6}
aaaAcctDATable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaAcctDAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table shows current configuration for device access accounting."
::= { aaaAuthAcctMIB 5 }
aaaAcctDAEntry OBJECT-TYPE
SYNTAX AaaAcctDAEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Accounting configuration for device access."
INDEX { aaacdInterface }
::= { aaaAcctDATable 1 }
AaaAcctDAEntry ::= SEQUENCE
{
aaacdInterface Integer32,
aaacdName1 SnmpAdminString,
aaacdName2 SnmpAdminString,
aaacdName3 SnmpAdminString,
aaacdName4 SnmpAdminString,
aaacdRowStatus RowStatus,
aaacdSyslogIPAddrType InetAddressType,
aaacdSyslogIPAddr InetAddress,
aaacdSyslogUdpPort Unsigned32,
aaacdCallngStationId INTEGER
}
aaacdInterface OBJECT-TYPE
SYNTAX Integer32 ( 1 .. 3 )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"accounting for mac ,onex & captive portal "
::= { aaaAcctDAEntry 1}
aaacdName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of the server.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
for accounting."
::= { aaaAcctDAEntry 2}
aaacdName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
for accounting."
DEFVAL { "" }
::= { aaaAcctDAEntry 3}
aaacdName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
for accounting."
DEFVAL { "" }
::= { aaaAcctDAEntry 4}
aaacdName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 32 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Name of a server used if the precedent is not accessible.
Special value 'local' correspond to the local log.
Other name correspond to an index value of the aaaServerTable
for accounting."
DEFVAL { "" }
::= { aaaAcctDAEntry 5}
aaacdRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaAcctDAEntry 6 }
aaacdSyslogIPAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Accounting Syslog IpAddress type"
::= { aaaAcctDAEntry 7 }
aaacdSyslogIPAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Accounting Syslog IpAddress "
::= { aaaAcctDAEntry 8 }
aaacdSyslogUdpPort OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Accounting Syslog Udp port "
DEFVAL { 514 }
::= { aaaAcctDAEntry 9 }
aaacdCallngStationId OBJECT-TYPE
SYNTAX INTEGER
{
mac(1),
ip(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Raduis Calling Station ID "
::= { aaaAcctDAEntry 10 }
alaAaaAuthConfig OBJECT IDENTIFIER ::= { aaaAuthAcctMIB 6 }
--
-- Global Objects for Onex/MAC/Captive Portal authentication/accounting
---
alaAaaOnexReAuthStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Enable/Disable Reauthentication for user authenticated using Onex "
DEFVAL { disable }
::= { alaAaaAuthConfig 1 }
alaAaaOnexReAuthIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Reauthentication Interval for user authenticated using Onex "
DEFVAL { 3600 }
::= { alaAaaAuthConfig 2 }
alaAaaOnexReAuthTrustRadStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Reauthentication Trust Radius status for user authenticated using Onex "
DEFVAL { disable }
::= { alaAaaAuthConfig 3 }
alaAaaOnexIntrmIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Accounting Interim Interval "
DEFVAL { 600 }
::= { alaAaaAuthConfig 4 }
alaAaaOnexIntmIntvlTrstRadSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Onex ,Interim Interval Trust Radius Status "
DEFVAL { disable }
::= { alaAaaAuthConfig 5 }
alaAaaMacIntrmIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Mac, Accounting Interim Interval "
DEFVAL { 600 }
::= { alaAaaAuthConfig 6 }
alaAaaMacIntmIntvlTrstRadStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Mac ,Interim Interval Trust Radius Status "
DEFVAL { disable }
::= { alaAaaAuthConfig 7 }
alaAaaMacSessTimeoutStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Mac,Interim Session Timeout Status "
DEFVAL { disable }
::= { alaAaaAuthConfig 8 }
alaAaaMacSessTimeoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Mac,Session Timeout Status Interval "
DEFVAL { 43200 }
::= { alaAaaAuthConfig 9 }
alaAaaMacSesTimeoutTrstRadStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Session Timeout Radius Status for Mac based authenticated user "
DEFVAL { disable }
::= { alaAaaAuthConfig 10 }
alaAaaMacInActLogoutStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Session Timeout Trust Radius Status for Captive Portal method based authenticated user "
DEFVAL { disable }
::= { alaAaaAuthConfig 11 }
alaAaaMacInActLogoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"InActivity logout Interval for MAC based authenticated user "
DEFVAL { 600 }
::= { alaAaaAuthConfig 12 }
alaAaaCpIntrmIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Captive Portal, Accounting Interim Interval "
DEFVAL { 600 }
::= { alaAaaAuthConfig 13 }
alaAaaCpIntmIntvlTrstRadStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Using Captive Portal ,Interim Interval Trust Radius Status "
DEFVAL { disable }
::= { alaAaaAuthConfig 14 }
alaAaaCpSessTimeoutStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Session Timeout Status for Captive Portal method based authenticated user "
DEFVAL { disable }
::= { alaAaaAuthConfig 15 }
alaAaaCpSessTimeoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Session Timeout Interval for Captive Portal method based authenticated user "
DEFVAL { 43200 }
::= { alaAaaAuthConfig 16 }
alaAaaCpSessTmotTrstRadStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Session Timeout Trust Radius Status for Captive Portal method based authenticated user "
DEFVAL { disable }
::= { alaAaaAuthConfig 17 }
alaAaaCpInActLogoutStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"InActivity logout Status for Captive Portal based authenticated user "
DEFVAL { disable }
::= { alaAaaAuthConfig 18 }
alaAaaCpInActLogoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"InActivity logout Interval for Captive Portal based authenticated user "
DEFVAL { 600 }
::= { alaAaaAuthConfig 19 }
alaAaaTacacsServerCmdAuthorization OBJECT-TYPE
SYNTAX INTEGER{
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Getting command based authorization from TACACS+ server"
::= { alaAaaAuthConfig 20 }
--
-- user local database configuration table
--
aaaUserMIB OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 3 }
aaaUserTable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table shows current configuration for the local user database."
::= { aaaUserMIB 1 }
aaaUserEntry OBJECT-TYPE
SYNTAX AaaUserEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An user configuration identified by its user name."
INDEX { aaauUserName }
::= { aaaUserTable 1 }
AaaUserEntry ::= SEQUENCE
{
aaauUserName SnmpAdminString,
aaauPassword SnmpAdminString,
aaauReadRight1 Unsigned32,
aaauReadRight2 Unsigned32,
aaauWriteRight1 Unsigned32,
aaauWriteRight2 Unsigned32,
aaauSnmpLevel INTEGER,
aaauSnmpAuthKey OCTET STRING,
aaauRowStatus RowStatus,
aaauOldPassword SnmpAdminString,
aaauPasswordExpirationDate SnmpAdminString,
aaauPasswordExpirationInMinute Integer32,
aaauPasswordAllowModifyDate SnmpAdminString,
aaauPasswordLockoutEnable INTEGER,
aaauBadAtempts Integer32,
aaauReadRight3 Unsigned32,
aaauReadRight4 Unsigned32,
aaauWriteRight3 Unsigned32,
aaauWriteRight4 Unsigned32,
aaauSnmpPrivPassword OCTET STRING
}
aaauUserName OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 63 ) )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Name of the user."
::= { aaaUserEntry 1}
aaauPassword OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 47 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Password of the user. For get response the password in encoded in a
one way method. This makes the password readable by noone."
::= { aaaUserEntry 2}
aaauReadRight1 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 3}
aaauReadRight2 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run
commands of this family.Second part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 4}
aaauWriteRight1 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with write right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run commands of
this family. First part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 5}
aaauWriteRight2 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with write right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run commands of
this family. Second part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 6}
aaauSnmpLevel OBJECT-TYPE
SYNTAX INTEGER
{
no(1),
noauth(2),
sha(3),
md5(4),
shaDes(5),
md5Des(6),
shaAes(7),
sha224(8),
sha256(9)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies if the user is authorized to use SNMP and if yes its security level.
no(1) - Not authorized to use SNMP.
noauth(2) - SNMPv1,SNMPv2c or SNMPv3 without authentication.
sha(3) - SNMPv3 with SHA authentication and no encryption.
md5(4) - SNMPv3 with MD5 authentication and no encryption.
sha-des(5) - SNMPv3 with SHA authentication and DES encryption.
md5-des(6) - SNMPv3 with MD5 authentication and DES encryption.
sha-aes(7) - SNMPv3 with SHA authentication and AES encryption.
sha224(8) - SNMPv3 with SHA224 authentication and no encryption.
sha256(9) - SNMPv3 with SHA256 authentication and no encryption.
If the value is not specified, the value configured for the 'default' user
is taken"
::= { aaaUserEntry 7}
aaauSnmpAuthKey OBJECT-TYPE
SYNTAX OCTET STRING ( SIZE( 0 .. 255 ) )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Authentication key of the user. The key is encoded in a two way method.
The encryption key is deducted from this key."
::= { aaaUserEntry 8}
aaauRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { aaaUserEntry 9}
aaauOldPassword OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 47 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Internal use"
::= { aaaUserEntry 10}
aaauPasswordExpirationDate OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 16 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The local time of when the password would be expired.
This date will be reset once the value of
aaaAsaDefaultPasswordExpirationInDays is updated.
Only the following format is valid:
mm/dd/yyyy hh:mm
where
mm - month (1-12)
dd - day (1-31)
yyyy - year (2000-2050)
hh - hour (1-24)
mm - minute (1-59)
Password will not be expired if set to empty string"
::= { aaaUserEntry 11}
aaauPasswordExpirationInMinute OBJECT-TYPE
SYNTAX Integer32 ( -1 .. 216000 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Number of minutes from now till the password expiration time.
Setting this object will update aaauPasswordExpirationDate.
If -1, password will not be expired.
If 0, password has been expired."
::= { aaaUserEntry 12}
aaauPasswordAllowModifyDate OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 16 ) )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The local time of when the password can be start to be modified.
This date will be reset once the value of
aaauPasswordAllowModifyDate is updated.
Only the following format is valid:
mm/dd/yyyy hh:mm
where
mm - month (1-12)
dd - day (1-31)
yyyy - year (2000-2050)
hh - hour (1-24)
mm - minute (1-59)
Password will not be expired if set to empty string"
::= { aaaUserEntry 13}
aaauPasswordLockoutEnable OBJECT-TYPE
SYNTAX INTEGER {lockout(1),unlock(2),expired(3)}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Indicate whether this account is locked out."
DEFVAL { unlock }
::= { aaaUserEntry 14}
aaauBadAtempts OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 999 )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Number bad password attempts in the observation window."
DEFVAL { 0 }
::= { aaaUserEntry 15}
aaauReadRight3 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 16}
aaauReadRight4 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run
commands of this family.Second part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 17}
aaauWriteRight3 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with write right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run commands of
this family. First part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 18}
aaauWriteRight4 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Specifies the families that the user can execute with write right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, the user is allowed to run commands of
this family. Second part of the bitmask.If the value is
not specified, the value configured for the 'default' user is taken"
::= { aaaUserEntry 19}
aaauSnmpPrivPassword OBJECT-TYPE
SYNTAX OCTET STRING ( SIZE( 8 .. 30 ) )
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Authentication key of the user. The key is encoded in a two way method.
The encryption key is deducted from this key."
::= { aaaUserEntry 20}
-- ASA specific configuration MIB
aaaAsaConfig OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 4 }
--
-- ASA configuration group
--
aaaAsaPasswordSizeMin OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 31 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Minimum number of digits of the passwords
( nominator aaauPassword)."
DEFVAL { 0 }
::= { aaaAsaConfig 1}
aaaAsaDefaultPasswordExpirationInDays OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 150 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Default password expiration time in days to be applied to all users.
Updating this object will reset aaauPasswordExpirationDate.
Password expiration will not be enforced if set to 0."
DEFVAL { 0 }
::= { aaaAsaConfig 2}
aaaAsaPasswordContainUserName OBJECT-TYPE
SYNTAX INTEGER {enable(1),disable(2)}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Indicate whether check password contains username or not."
DEFVAL { disable }
::= { aaaAsaConfig 3}
aaaAsaPasswordMinUpperCase OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 7 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Minimum number of English uppercase characters required for password. 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 4}
aaaAsaPasswordMinLowerCase OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 7 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Minimum number of English lowercase characters required for password 0 is disable."
DEFVAL { 0 }
::= { aaaAsaConfig 5}
aaaAsaPasswordMinDigit OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 7 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Minimum number of base-10 digits required for password. 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 6}
aaaAsaPasswordMinNonAlphan OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 7 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Minimum number of non-alphanumeric required for password. 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 7}
aaaAsaPasswordHistory OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 24 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Password history feature will prevent users from repeatedly using the same password. 0 is disable"
DEFVAL { 4 }
::= { aaaAsaConfig 8}
aaaAsaPasswordMinAge OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 150 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The password can't be modified in these days. 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 9}
aaaAsaLockoutWindow OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 99999 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The window of time in which the system increments the bad logon count.(minutes) 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 10}
aaaAsaLockoutDuration OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 99999 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The amount of time that an account is locked due to the aaauLockoutThreshold being exceeded.(minutes) 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 11}
aaaAsaLockoutThreshold OBJECT-TYPE
SYNTAX Integer32 ( 0 .. 999 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The number of invalid logon attempts that are permitted before the account is locked out. 0 is disable"
DEFVAL { 0 }
::= { aaaAsaConfig 12}
aaaAsaAccessPolicyAdminConsoleOnly OBJECT-TYPE
SYNTAX INTEGER {enable(1),disable(2)}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Enable or disable AdminUser console only restriction"
DEFVAL { disable }
::= { aaaAsaConfig 13}
aaaAsaAccessMode OBJECT-TYPE
SYNTAX INTEGER { default (1),enhanced(2) }
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Set access mode to enhanced or default. 0 is default 1 is enhanced"
DEFVAL { default }
::= { aaaAsaConfig 14}
aaaAsaAccessIpLockoutThreshold OBJECT-TYPE
SYNTAX INTEGER(0..999)
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"When aaaAsaAccessMode is enhanced, This object indicates the value of the threshold for failed login
attempts from an IP address after which the IP address will be banned from switch access.
when aaaAsaAccessMode, this is set to 0, disable"
DEFVAL { 6 }
::= {aaaAsaConfig 15}
aaaAsaAccessManagementIpStatus OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" When aaaAsaAccessMode is enhanced, When enabled , session allowed only for
pre-configured/allowed management station defined in aaaSwitchAccessMgmtStationTable.
If disabled, any station can try to establish session is authenticated successfully,
when disabled aaaSwitchAccessMgmtStationTable will be destroyed.
When aaaAsaAccessMode is default, aaaAsaAccessManagementIpStatus will be disable"
DEFVAL { disable }
::= {aaaAsaConfig 16}
alaAaaClientAttr OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 5 }
--
-- Even in Client Attributes ,we may have different categories (like radius , tacas)so creating one more node
--
alaAaaRadClientGlobalAttr OBJECT IDENTIFIER ::= { alaAaaClientAttr 1 }
alaAaaRadNasPortId OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius Client Attribute NAS Port Identifier"
::= { alaAaaRadClientGlobalAttr 1 }
alaAaaRadNasIdentifier OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius Client Attribute NAS Identifier"
::= { alaAaaRadClientGlobalAttr 2 }
alaAaaRadUserNameDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius Client Attribute user name delimiter"
::= { alaAaaRadClientGlobalAttr 3 }
alaAaaRadPasswordDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius Client Attribute user password delimiter"
::= { alaAaaRadClientGlobalAttr 4 }
alaAaaRadCallnStnIdDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius Client attribute Calling Station delimiter"
::= { alaAaaRadClientGlobalAttr 5 }
alaAaaRadCalldStnIdDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius Client attribute Called Station delimiter"
::= { alaAaaRadClientGlobalAttr 6 }
alaAaaRadUserNameCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius client attribute UserName case"
DEFVAL { upperCase }
::= { alaAaaRadClientGlobalAttr 7 }
alaAaaRadPasswordCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius client attribute Password case"
DEFVAL { upperCase }
::= { alaAaaRadClientGlobalAttr 8 }
alaAaaRadCallingStationIdCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius client attribute CallingStationId case"
DEFVAL { upperCase }
::= { alaAaaRadClientGlobalAttr 9 }
alaAaaRadCalledStationIdCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Radius client attribute CalledStationId case"
DEFVAL { upperCase }
::= { alaAaaRadClientGlobalAttr 10 }
alaAaaProfileObjects OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 6 }
--
-- Even in Profiles ,we may have different categories so creating one more node
--
alaAaaProfileConfig OBJECT IDENTIFIER ::= { alaAaaProfileObjects 1 }
-- Profile table
-- AG AAA Profile will be created with this table
alaAaaProfTable OBJECT-TYPE
SYNTAX SEQUENCE OF AlaAaaProfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Table contain AAA profiles details for Onex/MAC/Captive Portal "
::= { alaAaaProfileConfig 1 }
alaAaaProfEntry OBJECT-TYPE
SYNTAX AlaAaaProfEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry defines AAA profile for Onex/MAC"
INDEX { alaAaaProfName }
::= { alaAaaProfTable 1 }
AlaAaaProfEntry ::= SEQUENCE
{
alaAaaProfName SnmpAdminString,
alaAaaProfOnexReAuthSts INTEGER,
alaAaaProfOnexReAuthIntrvl Integer32,
alaAaaProfOnexReAuthTrstRadSts INTEGER,
alaAaaProfOnexIntrmIntrvl Integer32,
alaAaaProfOnexIntmItvlTstRadSts INTEGER,
alaAaaProfMacIntrmIntrvl Integer32,
alaAaaProfMacIntmItvlTrstRadSts INTEGER,
alaAaaProfMacSessTimeoutSts INTEGER,
alaAaaProfMacSessTimeoutIntrvl Integer32,
alaAaaProfMacSessTmoutTrstRadSts INTEGER,
alaAaaProfMacInActLogoutSts INTEGER,
alaAaaProfMacInActLogoutIntrvl Integer32,
alaAaaProfCpSessTimeoutSts INTEGER,
alaAaaProfCpSessTimeoutIntrvl Integer32,
alaAaaProfCpSessTmotTrstRadSts INTEGER,
alaAaaProfCpInActLogoutSts INTEGER,
alaAaaProfCpInActLogoutIntrvl Integer32,
alaAaaProfCpIntrmIntrvl Integer32,
alaAaaProfCpItrmIntlTrstRadSts INTEGER,
alaAaaProfRadNasPortId SnmpAdminString,
alaAaaProfRadNasIdentifier SnmpAdminString,
alaAaaProfRadUserNameDelim SnmpAdminString,
alaAaaProfRadPasswrdDelim SnmpAdminString,
alaAaaProfRadCallnStnIdDelim SnmpAdminString,
alaAaaProfRadCalldStnIdDelim SnmpAdminString,
alaAaaProfRadUserNameCase INTEGER,
alaAaaProfRadPasswordCase INTEGER,
alaAaaProfRadCallnStnIdCase INTEGER,
alaAaaProfRadCalldStnIdCase INTEGER,
alaAaaProfRowStatus RowStatus
}
alaAaaProfName OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 1 .. 32 ) )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" AAA profile name for Onex/MAC/Captive Portal authenticated sessions "
::= { alaAaaProfEntry 1 }
alaAaaProfOnexReAuthSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Re-auth Status for Onex authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 2 }
alaAaaProfOnexReAuthIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Re-auth Interval for Onex authenticated sessions "
DEFVAL { 3600 }
::= { alaAaaProfEntry 3 }
alaAaaProfOnexReAuthTrstRadSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Re-auth Trust Radius Status for Onex authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 4 }
alaAaaProfOnexIntrmIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Interium Interval for Onex authenticated sessions "
DEFVAL { 600 }
::= { alaAaaProfEntry 5 }
alaAaaProfOnexIntmItvlTstRadSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Interium Interval Trust Radius Status for Onex authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 6 }
alaAaaProfMacIntrmIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Interium Interval for MAC authenticated sessions "
DEFVAL { 600 }
::= { alaAaaProfEntry 7 }
alaAaaProfMacIntmItvlTrstRadSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Interium Interval Trust Radius Status for MAC authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 8 }
alaAaaProfMacSessTimeoutSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Session Timeout Status for MAC authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 9 }
alaAaaProfMacSessTimeoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Session Timeout Interval for MAC authenticated sessions "
DEFVAL { 43200 }
::= { alaAaaProfEntry 10 }
alaAaaProfMacSessTmoutTrstRadSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile Session Timeout Trust Radius Status for MAC authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 11 }
alaAaaProfMacInActLogoutSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile InActivity Logout Status for MAC authenticated sessions "
DEFVAL { disable }
::= { alaAaaProfEntry 12 }
alaAaaProfMacInActLogoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" AAA profile InActivity Logout Interval for MAC authenticated sessions "
DEFVAL { 600 }
::= { alaAaaProfEntry 13 }
alaAaaProfCpSessTimeoutSts OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Session Timeout Status. "
DEFVAL { disable }
::= { alaAaaProfEntry 14 }
alaAaaProfCpSessTimeoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Session Timeout Interval. "
DEFVAL { 432000 }
::= { alaAaaProfEntry 15 }
alaAaaProfCpSessTmotTrstRadSts OBJECT-TYPE
SYNTAX INTEGER
{
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Session Timeout Trust radius Status "
DEFVAL { disable }
::= { alaAaaProfEntry 16 }
alaAaaProfCpInActLogoutSts OBJECT-TYPE
SYNTAX INTEGER
{
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Inactivity Logout Status."
DEFVAL { disable }
::= { alaAaaProfEntry 17 }
alaAaaProfCpInActLogoutIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Inactivity Logout Interval."
DEFVAL { 600 }
::= { alaAaaProfEntry 18 }
alaAaaProfCpIntrmIntrvl OBJECT-TYPE
SYNTAX Integer32
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Interim Interval."
DEFVAL { 43200 }
::= { alaAaaProfEntry 19 }
alaAaaProfCpItrmIntlTrstRadSts OBJECT-TYPE
SYNTAX INTEGER
{
enable(1),
disable(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"AAA profile Captive Portal Interim Interval Trust Radius Status."
DEFVAL { disable }
::= { alaAaaProfEntry 20 }
alaAaaProfRadNasPortId OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius Client Attribute NAS Port Identifier"
::= { alaAaaProfEntry 21 }
alaAaaProfRadNasIdentifier OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius Client Attribute NAS Identifier"
::= { alaAaaProfEntry 22 }
alaAaaProfRadUserNameDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius Client Attribute user name delimiter"
::= { alaAaaProfEntry 23 }
alaAaaProfRadPasswrdDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius Client Attribute Password delimiter"
::= { alaAaaProfEntry 24 }
alaAaaProfRadCallnStnIdDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius Client attribute Calling Station delimiter"
::= { alaAaaProfEntry 25 }
alaAaaProfRadCalldStnIdDelim OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE(0 ..31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius Client attribute Called Station delimiter"
::= { alaAaaProfEntry 26 }
alaAaaProfRadUserNameCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius client Attribute UserName case"
DEFVAL { upperCase }
::= { alaAaaProfEntry 27 }
alaAaaProfRadPasswordCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius client attribute Password case"
DEFVAL { upperCase }
::= { alaAaaProfEntry 28 }
alaAaaProfRadCallnStnIdCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius client attribute CallingStationId case"
DEFVAL { upperCase }
::= { alaAaaProfEntry 29 }
alaAaaProfRadCalldStnIdCase OBJECT-TYPE
SYNTAX INTEGER
{
lowerCase(1),
upperCase(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius client attribute CalledStationId case"
DEFVAL { upperCase }
::= { alaAaaProfEntry 30 }
alaAaaProfRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Row status of table ."
DEFVAL { notInService }
::= { alaAaaProfEntry 31 }
--
-- Profile based Authorization table
--
alaAaaProfAuthTable OBJECT-TYPE
SYNTAX SEQUENCE OF AlaAaaProfAuthEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table shows aaa profiles for configuring authentication server for MAC/Onex/Captive Portal"
::= { alaAaaProfileConfig 2 }
alaAaaProfAuthEntry OBJECT-TYPE
SYNTAX AlaAaaProfAuthEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"configuration for MAC/Onex authentication."
INDEX { alaAaaProfName, alaAaaProfAuthInterface}
::= { alaAaaProfAuthTable 1 }
AlaAaaProfAuthEntry ::= SEQUENCE
{
alaAaaProfAuthInterface INTEGER,
alaAaaProfAuthSrvName1 SnmpAdminString,
alaAaaProfAuthSrvName2 SnmpAdminString,
alaAaaProfAuthSrvName3 SnmpAdminString,
alaAaaProfAuthSrvName4 SnmpAdminString,
alaAaaProfAuthRowStatus RowStatus
}
alaAaaProfAuthInterface OBJECT-TYPE
SYNTAX INTEGER
{
mac(1),
dot1x(2),
captivePortal(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"one for mac, two for 1x,threee for Captive Portal"
::= { alaAaaProfAuthEntry 1}
alaAaaProfAuthSrvName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" Radius authenticated server"
::= { alaAaaProfAuthEntry 2}
alaAaaProfAuthSrvName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" Radius authenticated server"
::= { alaAaaProfAuthEntry 3}
alaAaaProfAuthSrvName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" Radius authenticated server"
::= { alaAaaProfAuthEntry 4}
alaAaaProfAuthSrvName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
" Radius authenticated server"
::= { alaAaaProfAuthEntry 5}
alaAaaProfAuthRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { alaAaaProfAuthEntry 6 }
--
-- Profile based Accounting table
--
alaAaaProfAcctTable OBJECT-TYPE
SYNTAX SEQUENCE OF AlaAaaProfAcctEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
" Profile Table for configuring radius accounting server for MAC/Onex authentication."
::= { alaAaaProfileConfig 3 }
alaAaaProfAcctEntry OBJECT-TYPE
SYNTAX AlaAaaProfAcctEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"configuration for MAC/Onex/Captive Portal accounting."
INDEX { alaAaaProfName, alaAaaProfAcctInterface}
::= { alaAaaProfAcctTable 1 }
AlaAaaProfAcctEntry ::= SEQUENCE
{
alaAaaProfAcctInterface INTEGER,
alaAaaProfAcctSrvName1 SnmpAdminString,
alaAaaProfAcctSrvName2 SnmpAdminString,
alaAaaProfAcctSrvName3 SnmpAdminString,
alaAaaProfAcctSrvName4 SnmpAdminString,
alaAaaProfAcctSyslogIPAddrType InetAddressType,
alaAaaProfAcctSyslogIPAddr InetAddress,
alaAaaProfAcctSyslogUdpPort Unsigned32,
alaAaaProfAcctCalingStationId INTEGER,
alaAaaProfAcctRowStatus RowStatus
}
alaAaaProfAcctInterface OBJECT-TYPE
SYNTAX INTEGER
{
mac(1),
dot1x(2),
captivePortal(3)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"one for mac, two for 1x, three for Captive Portal"
::= { alaAaaProfAcctEntry 1 }
alaAaaProfAcctSrvName1 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius accounting Server for Onex/MAC/Captive Portal accounting sessions."
::= { alaAaaProfAcctEntry 2 }
alaAaaProfAcctSrvName2 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius accounting Server for Onex/MAC/Captive Portal accounting sessions."
::= { alaAaaProfAcctEntry 3 }
alaAaaProfAcctSrvName3 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius accounting Server for Onex/MAC/Captive Portal accounting sessions."
::= { alaAaaProfAcctEntry 4 }
alaAaaProfAcctSrvName4 OBJECT-TYPE
SYNTAX SnmpAdminString ( SIZE( 0 .. 31 ) )
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Radius accounting Server for Onex/MAC/Captive Portal accounting sessions."
::= { alaAaaProfAcctEntry 5 }
alaAaaProfAcctSyslogIPAddrType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Accounting Syslog IpAddress type"
::= { alaAaaProfAcctEntry 6 }
alaAaaProfAcctSyslogIPAddr OBJECT-TYPE
SYNTAX InetAddress
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Accounting Syslog IpAddress "
::= { alaAaaProfAcctEntry 7 }
alaAaaProfAcctSyslogUdpPort OBJECT-TYPE
SYNTAX Unsigned32 (0..65535)
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Accounting Syslog Udp port "
DEFVAL { 514 }
::= { alaAaaProfAcctEntry 8 }
alaAaaProfAcctCalingStationId OBJECT-TYPE
SYNTAX INTEGER
{
mac(1),
ip(2)
}
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Raduis Calling Station ID "
::= { alaAaaProfAcctEntry 9 }
alaAaaProfAcctRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this table entry."
DEFVAL { notInService }
::= { alaAaaProfAcctEntry 10 }
-- START: AAA SWITCH ACCESS CONFIG-RELATED MIB---------------------
aaaSwitchAccessConfig OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 7 }
-- SwitchAccess config MIB --
aaaSwitchAccessMgmtStationTable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaSwitchAccessMgmtStationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to configure SwitchAccess management station's Ip address."
::= {aaaSwitchAccessConfig 1 }
aaaSwitchAccessMgmtStationEntry OBJECT-TYPE
SYNTAX AaaSwitchAccessMgmtStationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"SwitchAccessManagementStation configuration."
INDEX { aaaSwitchAccessMgmtStationIpType,
aaaSwitchAccessMgmtStationIpAddress,
aaaSwitchAccessMgmtStationIpPrefixLength
}
::= { aaaSwitchAccessMgmtStationTable 1 }
AaaSwitchAccessMgmtStationEntry ::= SEQUENCE
{
aaaSwitchAccessMgmtStationIpType InetAddressType,
aaaSwitchAccessMgmtStationIpAddress InetAddress,
aaaSwitchAccessMgmtStationIpPrefixLength InetAddressPrefixLength,
aaaSwitchAccessMgmtStationRowStatus RowStatus
}
aaaSwitchAccessMgmtStationIpType OBJECT-TYPE
SYNTAX InetAddressType { unknown(0), ipv4(1) }
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Ip Address Type for the SwitchAccess management station"
::= { aaaSwitchAccessMgmtStationEntry 1 }
aaaSwitchAccessMgmtStationIpAddress OBJECT-TYPE
SYNTAX InetAddress (SIZE (4 | 16))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The Ip Address for the SwitchAccess management station"
::= { aaaSwitchAccessMgmtStationEntry 2 }
aaaSwitchAccessMgmtStationIpPrefixLength OBJECT-TYPE
SYNTAX InetAddressPrefixLength
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The prefix length that, when combined
with aaaSwitchAccessMgmtStationIpAddress , gives the prefix for this
entry. The InetAddressType is given by the
aaaSwitchAccessMgmtStationIpType object.
Currntly release supports only IPV4."
::= { aaaSwitchAccessMgmtStationEntry 3 }
aaaSwitchAccessMgmtStationRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The Rowstatus of the AaaSwitchAccessMgmtStationEntry."
::= { aaaSwitchAccessMgmtStationEntry 4 }
--
-- Banned IP list, this table will be populated by software
--
aaaSwitchAccessBannedIpTable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaSwitchAccessBannedIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is populated by software for Banned Ip address."
::= {aaaSwitchAccessConfig 2}
aaaSwitchAccessBannedIpEntry OBJECT-TYPE
SYNTAX AaaSwitchAccessBannedIpEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"SwitchAccessManagementStation configuration."
INDEX {
aaaSwitchAccessBannedIpType,
aaaSwitchAccessBannedIpAddress
}
::= { aaaSwitchAccessBannedIpTable 1 }
AaaSwitchAccessBannedIpEntry ::= SEQUENCE
{
aaaSwitchAccessBannedIpType InetAddressType,
aaaSwitchAccessBannedIpAddress InetAddress,
aaaSwitchAccessBannedIpRowStatus RowStatus
}
aaaSwitchAccessBannedIpType OBJECT-TYPE
SYNTAX InetAddressType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"IP address type of banned IP"
::= { aaaSwitchAccessBannedIpEntry 1 }
aaaSwitchAccessBannedIpAddress OBJECT-TYPE
SYNTAX InetAddress (SIZE (4|16))
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"IP address of banned IP"
::= { aaaSwitchAccessBannedIpEntry 2 }
aaaSwitchAccessBannedIpRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"Rowstatus of the AaaSwitchAccessBannedIpEntry, Since this table
is populated by switch, only destroy action is allowed."
::= { aaaSwitchAccessBannedIpEntry 3 }
--
-- Switch Access Priv mask based on session type
--
aaaSwitchAccessPrivMaskTable OBJECT-TYPE
SYNTAX SEQUENCE OF AaaSwitchAccessPrivMaskEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table is used to define the user privilege based on access type along with users existing privilege level."
::= { aaaSwitchAccessConfig 3}
aaaSwitchAccessPrivMaskEntry OBJECT-TYPE
SYNTAX AaaSwitchAccessPrivMaskEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Priv mask configuration identified by the access type"
INDEX { aaaSwitchAccessType }
::= { aaaSwitchAccessPrivMaskTable 1 }
AaaSwitchAccessPrivMaskEntry ::= SEQUENCE
{
aaaSwitchAccessType INTEGER,
aaaSwitchAccessReadRight1 Unsigned32,
aaaSwitchAccessReadRight2 Unsigned32,
aaaSwitchAccessReadRight3 Unsigned32,
aaaSwitchAccessReadRight4 Unsigned32,
aaaSwitchAccessWriteRight1 Unsigned32,
aaaSwitchAccessWriteRight2 Unsigned32,
aaaSwitchAccessWriteRight3 Unsigned32,
aaaSwitchAccessWriteRight4 Unsigned32
}
aaaSwitchAccessType OBJECT-TYPE
SYNTAX INTEGER
{
console(1),
telnet(2),
ssh(3),
http(4),
https(5)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Type of connection for which privilege mask should be applied for.
If no specific privilege is configured, by default all the mode shall have
all the privilege for the user."
::= { aaaSwitchAccessPrivMaskEntry 1}
aaaSwitchAccessReadRight1 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 2}
aaaSwitchAccessReadRight2 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 3}
aaaSwitchAccessReadRight3 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 4}
aaaSwitchAccessReadRight4 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 5}
aaaSwitchAccessWriteRight1 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 6}
aaaSwitchAccessWriteRight2 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 7}
aaaSwitchAccessWriteRight3 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 8}
aaaSwitchAccessWriteRight4 OBJECT-TYPE
SYNTAX Unsigned32 ( 0 .. 4294967295 )
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"Specifies the families through the access type can execute with read right.
Each bit of the 32-bit integer mask represents a command's family
number. When the family bit is set, through the access type the user is allowed to run
commands of this family.First part of the bitmask.If the value is
not specified, the value configured for the 'default'."
::= { aaaSwitchAccessPrivMaskEntry 9}
-- END: AAA SWITCH ACCESS CONFIG-RELATED MIB---------------------
--
-- User profile save
--
alaAaaUserProfileSave OBJECT-TYPE
SYNTAX INTEGER {
userProfile (1),
globalProfile (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object is used for saving the profiles to a file.
userProfile (1) : when set through CLI user profile file is created at /flash/switch/.profiles location and
synced accross Chassis/VC.
globalProfile (2): when set through CLI GlobalProfile.txt is generated and synced accross VC/Chassiss."
::= { alaAaaProfileConfig 4 }
alaAaaCommonCriteriaConfig OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 8 }
alaAaaCommonCriteriaMode OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
disable(2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION
" Enable/Disable Common Criteria mode."
DEFVAL { disable }
::= { alaAaaCommonCriteriaConfig 1 }
--
-- START: AAA TLS CONFIG-RELATED MIB---------------------
--
alaAaaTlsConfig OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 9 }
alaAaaTlsBaseConfig OBJECT IDENTIFIER ::= { alaAaaTlsConfig 1 }
alaAaaTlsCaFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the CA bundle file (in PEM format) stored in /flash/switch directory."
::= { alaAaaTlsBaseConfig 1 }
alaAaaTlsCrlFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the CRL file (in PEM format) stored in /flash/switch directory."
::= { alaAaaTlsBaseConfig 2 }
alaAaaTlsKeyFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the rsa key file stored in /flash/switch directory."
::= { alaAaaTlsBaseConfig 3 }
alaAaaTlsSelfSignedCert OBJECT IDENTIFIER ::= { alaAaaTlsConfig 2 }
alaAaaTlsSelfSignedCertFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the self-signed certificate file stored in /flash/switch directory."
::= { alaAaaTlsSelfSignedCert 1 }
alaAaaTlsSelfSignedCertKeyFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the key file file stored in /flash/switch directory."
::= { alaAaaTlsSelfSignedCert 2 }
alaAaaTlsSelfSignedCertValidPeriod OBJECT-TYPE
SYNTAX Integer32 (0..3650)
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The valid period in days of certificate."
::= { alaAaaTlsSelfSignedCert 3 }
alaAaaTlsSelfSignedCertCommonName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The certificate common name."
::= { alaAaaTlsSelfSignedCert 4 }
alaAaaTlsSelfSignedCertOrgName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The certificate organization name ."
::= { alaAaaTlsSelfSignedCert 5 }
alaAaaTlsSelfSignedCertOrgUnit OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The certificate organization unit."
::= { alaAaaTlsSelfSignedCert 6 }
alaAaaTlsSelfSignedCertLocality OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Locality of the certificate organization."
::= { alaAaaTlsSelfSignedCert 7 }
alaAaaTlsSelfSignedCertState OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The state of certificate organization."
::= { alaAaaTlsSelfSignedCert 8 }
alaAaaTlsSelfSignedCertCountry OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (2))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The country of certificate organization."
::= { alaAaaTlsSelfSignedCert 9 }
alaAaaTlsSelfSignedCertAction OBJECT-TYPE
SYNTAX INTEGER
{
create (1),
delete (2)
}
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Create/delete self-signed certificate stored in /flash/switch directory."
::= { alaAaaTlsSelfSignedCert 10 }
alaAaaTlsCsr OBJECT IDENTIFIER ::= { alaAaaTlsConfig 3 }
alaAaaTlsCsrFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The domain name of csr file stored in /flash/switch directory."
::= { alaAaaTlsCsr 1 }
alaAaaTlsCsrKeyFileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of key file stored in /flash/switch directory."
::= { alaAaaTlsCsr 2 }
alaAaaTlsCsrCommonName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The csr common name."
::= { alaAaaTlsCsr 3 }
alaAaaTlsCsrOrgName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The csr organization name ."
::= { alaAaaTlsCsr 4 }
alaAaaTlsCsrOrgUnit OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The csr organization unit."
::= { alaAaaTlsCsr 5 }
alaAaaTlsCsrLocality OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Locality of the certificate organization."
::= { alaAaaTlsCsr 6 }
alaAaaTlsCsrState OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (0..32))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The state of certificate organization."
::= { alaAaaTlsCsr 7 }
alaAaaTlsCsrCountry OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (2))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "The country of certificate organization."
::= { alaAaaTlsCsr 8 }
alaAaaTlsValidate OBJECT IDENTIFIER ::= { alaAaaTlsConfig 4 }
alaAaaTlsValidateCa OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the CA certificate (in PEM format) used to validate."
::= { alaAaaTlsValidate 1 }
alaAaaTlsValidateCert OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (1..255))
MAX-ACCESS read-write
STATUS current
DESCRIPTION "Name of the certificate (in PEM format) needed to validate."
::= { alaAaaTlsValidate 2 }
--
-- END: AAA TLS CONFIG-RELATED MIB---------------------
--
--
-- Compliance Statements
--
alcatelIND1AAAMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"Compliance statement for
Authentication, Authorization, and Accounting (AAA) Subsystem."
MODULE -- this module
MANDATORY-GROUPS
{
aaaServerMIBGroup,
aaaAuthAcctGroup,
aaaUserMIBGroup,
alaAaaClientAttrGroup,
alaAaaProfileObjectsGroup,
aaaSwitchAccessMIBGroup,
alaAaaCommonCriteriaGroup,
alaAaaTlsBaseConfigGroup,
alaAaaTlsSelfSignedCertGroup,
alaAaaTlsCsrGroup
}
::= { alcatelIND1AAAMIBCompliances 1 }
--
-- Units Of Conformance
--
aaaServerMIBGroup OBJECT-GROUP
OBJECTS
{
aaasProtocol, -- Server configuration table
aaasHostName,
aaasIpAddress,
aaasHostName2,
aaasIpAddress2,
aaasRetries,
aaasTimout,
aaasRadKey,
aaasRadAuthPort,
aaasRadAcctPort,
aaasLdapPort,
aaasLdapDn,
aaasLdapPasswd,
aaasLdapSearchBase,
aaasLdapServType,
aaasLdapEnableSsl,
aaasRowStatus,
aaasTacacsKey,
aaasTacacsPort,
aaasVrfName,
aaasRadKeyHash,
aaasLdapPasswdHash,
aaasTacacsKeyHash,
aaaAsaAccessMode,
aaaAsaAccessIpLockoutThreshold,
aaaAsaAccessManagementIpStatus
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA Server."
::= { alcatelIND1AAAMIBGroups 1 }
aaaAuthAcctGroup OBJECT-GROUP
OBJECTS
{
-- Authenticated switch access configuration table
aaatsName1,
aaatsName2,
aaatsName3,
aaatsName4,
aaatsRowStatus,
aaatsCertificate,
-- Accounting configuration table for switch accesses
aaacsName1,
aaacsName2,
aaacsName3,
aaacsName4,
aaacsRowStatus,
aaacmdSrvName1,
aaacmdSrvName2,
aaacmdSrvName3,
aaacmdSrvName4,
aaacmdRowStatus,
-- Device Authentication
aaadaInterface,
aaadaName1,
aaadaName2,
aaadaName3,
aaadaName4,
aaadaRowStatus,
-- Configuration Device Accounting
aaacdName1,
aaacdName2,
aaacdName3,
aaacdName4,
aaacdRowStatus,
aaacdSyslogIPAddrType,
aaacdSyslogIPAddr,
aaacdSyslogUdpPort,
aaacdCallngStationId,
-- Auth Config
alaAaaOnexReAuthStatus,
alaAaaOnexReAuthIntrvl,
alaAaaOnexReAuthTrustRadStatus,
alaAaaOnexIntrmIntrvl,
alaAaaOnexIntmIntvlTrstRadSts,
alaAaaMacIntrmIntrvl,
alaAaaMacIntmIntvlTrstRadStatus,
alaAaaMacSessTimeoutStatus,
alaAaaMacSessTimeoutIntrvl,
alaAaaMacSesTimeoutTrstRadStatus,
alaAaaMacInActLogoutStatus,
alaAaaMacInActLogoutIntrvl,
alaAaaCpSessTimeoutStatus,
alaAaaCpSessTimeoutIntrvl,
alaAaaCpSessTmotTrstRadStatus,
alaAaaCpIntrmIntrvl,
alaAaaCpIntmIntvlTrstRadStatus,
alaAaaCpInActLogoutStatus,
alaAaaCpInActLogoutIntrvl,
alaAaaTacacsServerCmdAuthorization
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA Authentication Accounting."
::= { alcatelIND1AAAMIBGroups 2 }
aaaUserMIBGroup OBJECT-GROUP
OBJECTS
{
-- User local database configuration table
aaauPassword,
aaauReadRight1,
aaauReadRight2,
aaauWriteRight1,
aaauWriteRight2,
aaauSnmpLevel,
aaauSnmpAuthKey,
aaauRowStatus,
aaauOldPassword,
aaauPasswordExpirationDate,
aaauPasswordExpirationInMinute,
aaauPasswordAllowModifyDate,
aaauPasswordLockoutEnable ,
aaauBadAtempts,
aaauReadRight3,
aaauReadRight4,
aaauWriteRight3,
aaauWriteRight4,
aaaAsaPasswordSizeMin, -- ASA specific configuration MIB
aaaAsaDefaultPasswordExpirationInDays,
aaaAsaPasswordContainUserName,
aaaAsaPasswordMinUpperCase,
aaaAsaPasswordMinLowerCase,
aaaAsaPasswordMinDigit,
aaaAsaPasswordMinNonAlphan,
aaaAsaPasswordHistory,
aaaAsaPasswordMinAge,
aaaAsaLockoutWindow,
aaaAsaLockoutDuration,
aaaAsaLockoutThreshold,
aaaAsaAccessPolicyAdminConsoleOnly,
aaauSnmpPrivPassword
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA User Local Database."
::= { alcatelIND1AAAMIBGroups 3 }
alaAaaClientAttrGroup OBJECT-GROUP
OBJECTS
{
alaAaaRadNasPortId,
alaAaaRadNasIdentifier,
alaAaaRadUserNameDelim,
alaAaaRadPasswordDelim,
alaAaaRadCallnStnIdDelim,
alaAaaRadCalldStnIdDelim,
alaAaaRadUserNameCase,
alaAaaRadPasswordCase,
alaAaaRadCallingStationIdCase,
alaAaaRadCalledStationIdCase
}
STATUS current
DESCRIPTION
"Collection of object for AAA client attributes"
::= { alcatelIND1AAAMIBGroups 4 }
alaAaaProfileObjectsGroup OBJECT-GROUP
OBJECTS
{
-- AAA Onex/MAC/Captive Portal Profile Table
alaAaaProfOnexReAuthSts,
alaAaaProfOnexReAuthIntrvl,
alaAaaProfOnexReAuthTrstRadSts,
alaAaaProfOnexIntrmIntrvl,
alaAaaProfOnexIntmItvlTstRadSts,
alaAaaProfMacIntrmIntrvl,
alaAaaProfMacIntmItvlTrstRadSts,
alaAaaProfMacSessTimeoutSts,
alaAaaProfMacSessTimeoutIntrvl,
alaAaaProfMacSessTmoutTrstRadSts,
alaAaaProfMacInActLogoutSts,
alaAaaProfMacInActLogoutIntrvl,
alaAaaProfCpSessTimeoutSts,
alaAaaProfCpSessTimeoutIntrvl,
alaAaaProfCpSessTmotTrstRadSts,
alaAaaProfCpInActLogoutSts,
alaAaaProfCpInActLogoutIntrvl,
alaAaaProfCpIntrmIntrvl,
alaAaaProfCpItrmIntlTrstRadSts,
alaAaaProfRadNasPortId,
alaAaaProfRadNasIdentifier,
alaAaaProfRadUserNameDelim,
alaAaaProfRadPasswrdDelim,
alaAaaProfRadCallnStnIdDelim,
alaAaaProfRadCalldStnIdDelim,
alaAaaProfRadUserNameCase,
alaAaaProfRadPasswordCase,
alaAaaProfRadCallnStnIdCase,
alaAaaProfRadCalldStnIdCase,
alaAaaProfRowStatus,
---Profile based authenticated table objects for Onex/MAC/Captive Portal
alaAaaProfAuthSrvName1,
alaAaaProfAuthSrvName2,
alaAaaProfAuthSrvName3,
alaAaaProfAuthSrvName4,
alaAaaProfAuthRowStatus,
---Profile based accounting table objects for Onex/MAC/Captive Portal
alaAaaProfAcctSrvName1,
alaAaaProfAcctSrvName2,
alaAaaProfAcctSrvName3,
alaAaaProfAcctSrvName4,
alaAaaProfAcctSyslogIPAddrType,
alaAaaProfAcctSyslogIPAddr,
alaAaaProfAcctSyslogUdpPort,
alaAaaProfAcctCalingStationId,
alaAaaProfAcctRowStatus,
---User Profile save object
alaAaaUserProfileSave
}
STATUS current
DESCRIPTION
"Collection of AAA profile objects"
::= { alcatelIND1AAAMIBGroups 5 }
aaaSwitchAccessMIBGroup OBJECT-GROUP
OBJECTS
{
aaaSwitchAccessMgmtStationRowStatus,
aaaSwitchAccessBannedIpRowStatus,
aaaSwitchAccessReadRight1,
aaaSwitchAccessReadRight2,
aaaSwitchAccessReadRight3,
aaaSwitchAccessReadRight4,
aaaSwitchAccessWriteRight1,
aaaSwitchAccessWriteRight2,
aaaSwitchAccessWriteRight3,
aaaSwitchAccessWriteRight4
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA Switch Access."
::= { alcatelIND1AAAMIBGroups 6 }
alaAaaCommonCriteriaGroup OBJECT-GROUP
OBJECTS
{
alaAaaCommonCriteriaMode
}
STATUS current
DESCRIPTION
"Collection of objects for common criteria."
::= { alcatelIND1AAAMIBGroups 7 }
alaAaaTlsBaseConfigGroup OBJECT-GROUP
OBJECTS
{
alaAaaTlsCaFileName,
alaAaaTlsCrlFileName,
alaAaaTlsKeyFileName
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA TLS base configuration."
::= { alcatelIND1AAAMIBGroups 8 }
alaAaaTlsSelfSignedCertGroup OBJECT-GROUP
OBJECTS
{
alaAaaTlsSelfSignedCertFileName,
alaAaaTlsSelfSignedCertKeyFileName,
alaAaaTlsSelfSignedCertValidPeriod,
alaAaaTlsSelfSignedCertCommonName,
alaAaaTlsSelfSignedCertOrgName,
alaAaaTlsSelfSignedCertOrgUnit,
alaAaaTlsSelfSignedCertLocality,
alaAaaTlsSelfSignedCertState,
alaAaaTlsSelfSignedCertCountry,
alaAaaTlsSelfSignedCertAction
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA TLS self-signed certificate."
::= { alcatelIND1AAAMIBGroups 9 }
alaAaaTlsCsrGroup OBJECT-GROUP
OBJECTS
{
alaAaaTlsCsrFileName,
alaAaaTlsCsrKeyFileName,
alaAaaTlsCsrCommonName,
alaAaaTlsCsrOrgName,
alaAaaTlsCsrOrgUnit,
alaAaaTlsCsrLocality,
alaAaaTlsCsrState,
alaAaaTlsCsrCountry
}
STATUS current
DESCRIPTION
"Collection of objects for management of AAA TLS CSR."
::= { alcatelIND1AAAMIBGroups 10 }
alaAaaTlsValidateGroup OBJECT-GROUP
OBJECTS
{
alaAaaTlsValidateCa,
alaAaaTlsValidateCert
}
STATUS current
DESCRIPTION
"Collection of objects for certificate validation."
::= { alcatelIND1AAAMIBGroups 11 }
END