-- Dot1x Advanced Features MIB overview: -- Dot1x Advanced Features MIB falls under fastPath MIB node of the private subtree. FASTPATH-DOT1X-ADVANCED-FEATURES-MIB DEFINITIONS ::= BEGIN -- Broadcom Corporation FastPath Dot1x Advanced Features MIB -- Copyright Broadcom Corporation (2003-2007) All rights reserved. -- This SNMP Management Information Specification -- embodies Broadcom Corporation's confidential and proprietary -- intellectual property. Broadcom Corporation retains all title -- and ownership in the Specification including any revisions. -- This Specification is supplied "AS IS", Broadcom Corporation -- makes no warranty, either expressed or implied, -- as to the use, operation, condition, or performance of the -- Specification. IMPORTS MODULE-IDENTITY, OBJECT-TYPE, NOTIFICATION-TYPE, Unsigned32 FROM SNMPv2-SMI dot1xPaePortNumber FROM IEEE8021-PAE-MIB TEXTUAL-CONVENTION, RowStatus,MacAddress FROM SNMPv2-TC DisplayString FROM RFC1213-MIB fastPath FROM BROADCOM-REF-MIB; fastPathdot1xAdvanced MODULE-IDENTITY LAST-UPDATED "200705230000Z" -- 23 May 2007 12:00:00 GMT ORGANIZATION "Broadcom Corporation" CONTACT-INFO " Customer Support Postal: Broadcom Corporation 100, Perimeter Park Drive Morrisville, NC 27560 Tel: +1 919 865 2700" DESCRIPTION "The Broadcom Private MIB for FastPath Dot1x Advanced Features " -- Revision history. REVISION "200705230000Z" -- 23 May 2007 12:00:00 GMT DESCRIPTION "Broadcom branding related changes." ::= { fastPath 36 } Dot1xPortControlMode ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The control values of the Authenticator PAE controlled Port." SYNTAX INTEGER { forceUnauthorized(1), auto(2), forceAuthorized(3), macBased(4) } Dot1xSessionTerminationAction ::= TEXTUAL-CONVENTION STATUS current DESCRIPTION "The action to be taken on session termination ." SYNTAX INTEGER { default(1), reauthenticate(2) } agentDot1xEnhancementConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 1 } agentDot1xRadiusVlanAssignment OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION "Enable/Disable dot1x Vlan Assignment Support on the switch." DEFVAL { disable } ::= { agentDot1xEnhancementConfigGroup 1 } --************************************************************************************** -- agentDot1xPortConfigGroup -> Contains MIB objects configuring/displaying Dot1x Port details -- and associated Functionality -- --************************************************************************************** agentDot1xPortConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 2 } -------------------------------------------------------------- -- The Dot1x Enhanced Port Table -------------------------------------------------------------- agentDot1xPortConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF AgentDot1xPortConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table for dot1x enhanced Port details and associated functionality." ::= { agentDot1xPortConfigGroup 1 } agentDot1xPortConfigEntry OBJECT-TYPE SYNTAX AgentDot1xPortConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Represents entry for port config table." INDEX { dot1xPaePortNumber} ::= {agentDot1xPortConfigTable 1 } AgentDot1xPortConfigEntry ::= SEQUENCE { agentDot1xPortControlMode Dot1xPortControlMode, agentDot1xGuestVlanId Unsigned32, agentDot1xGuestVlanPeriod Unsigned32, agentDot1xUnauthenticatedVlan Unsigned32, agentDot1xMaxUsers Unsigned32, agentDot1xPortVlanAssigned Unsigned32, agentDot1xPortVlanAssignedReason INTEGER, agentDot1xPortSessionTimeout Unsigned32, agentDot1xPortTerminationAction Dot1xSessionTerminationAction, agentDot1xPortMABenabled INTEGER, agentDot1xPortMABenabledOperational INTEGER } agentDot1xPortControlMode OBJECT-TYPE SYNTAX Dot1xPortControlMode MAX-ACCESS read-write STATUS current DESCRIPTION "Dot1x port control mode of this port.The Port control mode . The port control mode for this interface can take the following values , force-unauthorized - the port is in unauthorized mode, auto-Port based mode. If a client authenticates suscessfully, then the interface is authorized . Otherwise, the port is in unauthorized mode. If more than one clients are attached to the port , then only one client needs to authenticate to allow other clients access. force-authorized - The port is placed in authorized mode macBased - If more than one client is attached to the port, then each client needs to authenticate separately. This object depcreates dot1xAuthAuthControlledPortControl object in IEEE8021-PAE-MIB" DEFVAL {auto} ::= { agentDot1xPortConfigEntry 1} agentDot1xGuestVlanId OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Specifies the Guest Vlan of the port. A port will be moved to its Guest Vlan if no client sucessfully authenticates on that port for the Guest Vlan Period. A value of zero indicates no Guest Vlan is configured for the interface." DEFVAL {0} ::= { agentDot1xPortConfigEntry 2} agentDot1xGuestVlanPeriod OBJECT-TYPE SYNTAX Unsigned32 (0..65535) MAX-ACCESS read-write STATUS current DESCRIPTION "The value, in seconds, of the guestVlanPeriod constant currently in use for Guest Vlan Assignment for the port ." DEFVAL { 90 } ::= { agentDot1xPortConfigEntry 3 } agentDot1xUnauthenticatedVlan OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION "Specifies the Unauthenticated Vlan of the port. A port will be moved to its unauthenticated Vlan if the client authenticates unsucessfully on that port . A value of zero indicates no Unauthenticated Vlan is configured for the port. " DEFVAL {0} ::= { agentDot1xPortConfigEntry 4} agentDot1xMaxUsers OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-write STATUS current DESCRIPTION " Specifies the maximum users or clients that can authenticate on this port when the port control mode is macBased. " ::= { agentDot1xPortConfigEntry 5} agentDot1xPortVlanAssigned OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION " Specifies the vlan the port is assigned to by Dot1x . Only relevant if the port control mode of the port is auto. " DEFVAL {0} ::= { agentDot1xPortConfigEntry 6} agentDot1xPortVlanAssignedReason OBJECT-TYPE SYNTAX INTEGER { default(1), radius(2), unauthenticatedVlan(3), guestVlan(4), notAssigned(5) } MAX-ACCESS read-only STATUS current DESCRIPTION " Reason the port is assigned to the vlan specified by agentDot1xPortVlanAssigned . Only relevant if the port control mode of the port is auto. " DEFVAL {5} ::= { agentDot1xPortConfigEntry 7} agentDot1xPortSessionTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION " Specifies the session timeout value assigned by the Radius server for this port . Only relevant if the port control mode of the port is auto. " ::= { agentDot1xPortConfigEntry 8} agentDot1xPortTerminationAction OBJECT-TYPE SYNTAX Dot1xSessionTerminationAction MAX-ACCESS read-only STATUS current DESCRIPTION " Specifies the session termination action assigned by the Radius Server .This is the action taken when the session times out . Only relevant if the port control mode of the port is auto. " DEFVAL {1} ::= { agentDot1xPortConfigEntry 9} agentDot1xPortMABenabled OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-write STATUS current DESCRIPTION " Specifies if Mac-based bypass authentication is configured for the port. " DEFVAL {2} ::= { agentDot1xPortConfigEntry 10} agentDot1xPortMABenabledOperational OBJECT-TYPE SYNTAX INTEGER { enable(1), disable(2) } MAX-ACCESS read-only STATUS current DESCRIPTION " Displays the operational value of the Mac-based authentication bypass mode (MAB) on the port. " DEFVAL {2} ::= { agentDot1xPortConfigEntry 11} --************************************************************************************** -- agentDot1xClientConfigGroup -> Contains MIB objects displaying Dot1x Client details and -- associated Functionality -- --************************************************************************************** agentDot1xClientConfigGroup OBJECT IDENTIFIER ::= { fastPathdot1xAdvanced 3 } agentDot1xClientConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF AgentDot1xClientConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table for dot1x Client details and associated functionality." ::= { agentDot1xClientConfigGroup 1 } agentDot1xClientConfigEntry OBJECT-TYPE SYNTAX AgentDot1xClientConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Represents entry for port config table." INDEX { agentDot1xClientMacAddress} ::= {agentDot1xClientConfigTable 1 } AgentDot1xClientConfigEntry ::= SEQUENCE { agentDot1xClientMacAddress MacAddress, agentDot1xLogicalPort Unsigned32, agentDot1xInterface Unsigned32, agentDot1xClientAuthPAEstate INTEGER, agentDot1xClientBackendState INTEGER, agentDot1xClientUserName DisplayString, agentDot1xClientSessionTime Unsigned32, agentDot1xClientFilterID DisplayString, agentDot1xClientVlanAssigned Unsigned32, agentDot1xClientVlanAssignedReason INTEGER, agentDot1xClientSessionTimeout Unsigned32, agentDot1xClientTerminationAction Dot1xSessionTerminationAction } agentDot1xClientMacAddress OBJECT-TYPE SYNTAX MacAddress MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the client MAC address of the client. " ::= { agentDot1xClientConfigEntry 1} agentDot1xLogicalPort OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the client MAC address of the client . " ::= { agentDot1xClientConfigEntry 2} agentDot1xInterface OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the physical interface to which the client is attached . " ::= { agentDot1xClientConfigEntry 3} agentDot1xClientAuthPAEstate OBJECT-TYPE SYNTAX INTEGER { initialize(1), disconnected(2), connecting(3), authenticating(4), authenticated(5), aborting(6), held(7), forceAuth(8), forceUnauth(9) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current value of the Authenticator PAE state machine for the client." ::={ agentDot1xClientConfigEntry 4} agentDot1xClientBackendState OBJECT-TYPE SYNTAX INTEGER { request(1), response(2), success(3), fail(4), timeout(5), idle(6), initialize(7) } MAX-ACCESS read-only STATUS current DESCRIPTION "The current state of the Backend Authentication state machine." ::={ agentDot1xClientConfigEntry 5} agentDot1xClientUserName OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the username with which the client is authenticated to the Radius server . This value is only valid when the client is in authenticated state. " ::= { agentDot1xClientConfigEntry 6} agentDot1xClientSessionTime OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the time elapsed in seconds since the client was authenticated in this session. This value is only valid when the client is in authenticated state. " ::= { agentDot1xClientConfigEntry 7} agentDot1xClientFilterID OBJECT-TYPE SYNTAX DisplayString MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the Filter ID or Diffserv Policy name to be applied to the session . This vlaue is populated only if it has been assigned by the RADIUS server. This value is only valid when the client is in authenticated state." ::= { agentDot1xClientConfigEntry 8} agentDot1xClientVlanAssigned OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the vlan the client is associated with by Dot1x . This value is only valid when the client is in authenticated state." ::= { agentDot1xClientConfigEntry 9} agentDot1xClientVlanAssignedReason OBJECT-TYPE SYNTAX INTEGER { default(1), radius(2), unauthenticatedVlan(3), invalid(4) } MAX-ACCESS read-only STATUS current DESCRIPTION " Reason the client is associated to the vlan specified by agentDot1xClientVlanAssigned . This value is only valid when the client is in authenticated state." ::= { agentDot1xClientConfigEntry 10} agentDot1xClientSessionTimeout OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the session time remaining for the client if assigned by the Radius server . A value of 0 indicates that no session timeout was assigned by the RADIUS server. This value is only valid when the client is in authenticated state. " ::= { agentDot1xClientConfigEntry 11} agentDot1xClientTerminationAction OBJECT-TYPE SYNTAX Dot1xSessionTerminationAction MAX-ACCESS read-only STATUS current DESCRIPTION "Specifies the session termination action assigned by the Radius Server . This is the action taken when the session times out . This value is only valid when the client is in authenticated state. " ::= { agentDot1xClientConfigEntry 12} END