1HP-DOT1X-EXTENSIONS-MIB DEFINITIONS ::= BEGIN 2 3IMPORTS 4 MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64, 5 Unsigned32, TimeTicks 6 FROM SNMPv2-SMI 7 MacAddress, TruthValue, 8 DisplayString, TimeStamp 9 FROM SNMPv2-TC 10 MODULE-COMPLIANCE, OBJECT-GROUP 11 FROM SNMPv2-CONF 12 SnmpAdminString 13 FROM SNMP-FRAMEWORK-MIB 14 InterfaceIndex 15 FROM IF-MIB 16 dot1xPaePortEntry, dot1xSuppConfigEntry, dot1xAuthConfigEntry, 17 dot1xPaePortNumber 18 FROM IEEE8021-PAE-MIB 19 VlanIndex 20 FROM Q-BRIDGE-MIB 21 hpSwitch 22 FROM HP-ICF-OID 23 ; 24 25hpicfDot1xMIB MODULE-IDENTITY 26 LAST-UPDATED "200509210000Z" -- September 21, 2005 27 ORGANIZATION "Hewlett-Packard Company 28 ProCurve Networking Business" 29 CONTACT-INFO "Hewlett-Packard Company 30 8000 Foothills Blvd. 31 Roseville, CA 95747" 32 DESCRIPTION "This MIB module contains the definitions of Managed 33 Objects for HP ProCurve extensions to IEEE 802.1X. 34 35 This MIB supplements the IEEE 802.1X MIB to 36 provide a mechanism by which to configure and 37 retrieve status on shared-media ports, such as in 38 wireless access points or multi-supplicant mode on 39 ProCurve switches/routers." 40 REVISION "200702020000Z" -- February 2, 2007 41 DESCRIPTION "Added hpicfDot1xAuthAllowGvrpVlans." 42 43 REVISION "200509210000Z" -- September 21, 2005 44 DESCRIPTION "Added hpicfDot1xAuthClientLimit2." 45 46 REVISION "200508050000Z" -- Aug 5, 2005 47 DESCRIPTION "Added import objects." 48 49 REVISION "200408060000Z" -- August 6, 2004 50 DESCRIPTION "Initial version." 51 52 ::= { hpSwitch 25 } 53 54hpicfDot1xMIBObjects OBJECT IDENTIFIER ::= { hpicfDot1xMIB 1 } 55 56-- ---------------------------------------------------------- -- 57-- Textual Conventions 58-- ---------------------------------------------------------- -- 59 60-- ---------------------------------------------------------- -- 61 62-- ---------------------------------------------------------- -- 63-- groups in the hpicfdot1xExt MIB 64-- ---------------------------------------------------------- -- 65 66hpicfDot1xSystem 67 OBJECT IDENTIFIER ::= { hpicfDot1xMIBObjects 1 } 68hpicfDot1xAuthenticator 69 OBJECT IDENTIFIER ::= { hpicfDot1xMIBObjects 2 } 70hpicfDot1xSupplicant 71 OBJECT IDENTIFIER ::= { hpicfDot1xMIBObjects 3 } 72 73-- ---------------------------------------------------------- -- 74 75-- ---------------------------------------------------------- -- 76-- The PAE System Group 77-- ---------------------------------------------------------- -- 78 79-- ------------------------------------------------------------ 80-- The PAE Port Table 81-- (AUGMENTS dot1xPaePortEntry) 82-- ------------------------------------------------------------ 83 84 hpicfDot1xPaePortTable OBJECT-TYPE 85 SYNTAX SEQUENCE OF HpicfDot1xPaePortEntry 86 MAX-ACCESS not-accessible 87 STATUS current 88 DESCRIPTION "This table suplements the 'dot1xPaePortTable'." 89 ::= { hpicfDot1xSystem 1 } 90 91 hpicfDot1xPaePortEntry OBJECT-TYPE 92 SYNTAX HpicfDot1xPaePortEntry 93 MAX-ACCESS not-accessible 94 STATUS current 95 DESCRIPTION "The fields in these entries will be used to supplement 96 'dot1xPaePortEntry'." 97 AUGMENTS { dot1xPaePortEntry } 98 ::= { hpicfDot1xPaePortTable 1 } 99 100 HpicfDot1xPaePortEntry ::= 101 SEQUENCE { 102 hpicfDot1xPaePortAuth TruthValue, 103 hpicfDot1xPaePortSupp TruthValue 104 } 105 106 hpicfDot1xPaePortAuth OBJECT-TYPE 107 SYNTAX TruthValue 108 MAX-ACCESS read-write 109 STATUS current 110 DESCRIPTION "This object allows enable/disable authenticator 111 functionality on a port." 112 ::= { hpicfDot1xPaePortEntry 1 } 113 114 hpicfDot1xPaePortSupp OBJECT-TYPE 115 SYNTAX TruthValue 116 MAX-ACCESS read-write 117 STATUS current 118 DESCRIPTION "This object allows enable/disable supplicant 119 functionality on a port." 120 ::= { hpicfDot1xPaePortEntry 2 } 121 122 123-- ---------------------------------------------------------- -- 124-- The PAE Authenticator Group 125-- ---------------------------------------------------------- -- 126 127-- ---------------------------------------------------------- -- 128-- The Authenticator Configuration Table 129-- ---------------------------------------------------------- -- 130 131-- ------------------------------------------------------------ 132-- 802.1X Authenticator HP proprietary configuration table 133-- (AUGMENTS dot1xAuthConfigEntry) 134-- ------------------------------------------------------------ 135 136 hpicfDot1xAuthConfigTable OBJECT-TYPE 137 SYNTAX SEQUENCE OF HpicfDot1xAuthConfigEntry 138 MAX-ACCESS not-accessible 139 STATUS current 140 DESCRIPTION "This table suplements the 'dot1xAuthConfigTable'." 141 ::= { hpicfDot1xAuthenticator 1 } 142 143 hpicfDot1xAuthConfigEntry OBJECT-TYPE 144 SYNTAX HpicfDot1xAuthConfigEntry 145 MAX-ACCESS not-accessible 146 STATUS current 147 DESCRIPTION "The fields in these entries will be used to supplement 148 'dot1xAuthConfigEntry'." 149 AUGMENTS { dot1xAuthConfigEntry } 150 ::= { hpicfDot1xAuthConfigTable 1 } 151 152 HpicfDot1xAuthConfigEntry ::= 153 SEQUENCE { 154 hpicfDot1xAuthAuthVid VlanIndex, 155 hpicfDot1xAuthUnauthVid VlanIndex, 156 hpicfDot1xAuthUnauthPeriod Unsigned32, 157 hpicfDot1xAuthClientLimit Unsigned32, 158 hpicfDot1xAuthLogoffPeriod Unsigned32, 159 hpicfDot1xAuthClientLimit2 Unsigned32 160 } 161 162 hpicfDot1xAuthAuthVid OBJECT-TYPE 163 SYNTAX VlanIndex 164 MAX-ACCESS read-write 165 STATUS current 166 DESCRIPTION "This object configures PVID for authorized 167 802.1x port." 168 ::= { hpicfDot1xAuthConfigEntry 1 } 169 170 hpicfDot1xAuthUnauthVid OBJECT-TYPE 171 SYNTAX VlanIndex 172 MAX-ACCESS read-write 173 STATUS current 174 DESCRIPTION "This object configures PVID for unauthorized 175 802.1x port." 176 ::= { hpicfDot1xAuthConfigEntry 2 } 177 178 hpicfDot1xAuthUnauthPeriod OBJECT-TYPE 179 SYNTAX Unsigned32 (0..255) 180 UNITS "seconds" 181 MAX-ACCESS read-write 182 STATUS current 183 DESCRIPTION "This objects configures the period of time, in seconds, 184 which authenticator will wait for authentication before 185 transition to guest VLAN mode." 186 DEFVAL { 0 } 187 ::= { hpicfDot1xAuthConfigEntry 3 } 188 189 hpicfDot1xAuthClientLimit OBJECT-TYPE 190 SYNTAX Unsigned32 (1..32) 191 MAX-ACCESS read-write 192 STATUS deprecated 193 DESCRIPTION "*************THIS OBJECT IS DEPRECATED ********** 194 The maximum number of authenticated clients to allow on 195 the port." 196 DEFVAL { 1 } 197 ::= { hpicfDot1xAuthConfigEntry 4 } 198 199 hpicfDot1xAuthLogoffPeriod OBJECT-TYPE 200 SYNTAX Unsigned32 (1..999999999) 201 UNITS "seconds" 202 MAX-ACCESS read-write 203 STATUS current 204 DESCRIPTION "Specifies the period, in seconds, at which an 205 authenticated client will be considered unauthenticated 206 for a lack of activity (i.e. traffic originating 207 from client)." 208 DEFVAL { 300 } 209 ::= { hpicfDot1xAuthConfigEntry 5 } 210 211 hpicfDot1xAuthClientLimit2 OBJECT-TYPE 212 SYNTAX Unsigned32 (0..1024) 213 MAX-ACCESS read-write 214 STATUS current 215 DESCRIPTION "The maximum number of authenticated clients to allow on 216 the port if greater than 0. If 0 then authenticator 217 controls port as a single entity - no client limit." 218 DEFVAL { 0 } 219 ::= { hpicfDot1xAuthConfigEntry 6 } 220 221-- ---------------------------------------------------------- -- 222-- The Shared-Media Authenticator Configuration Table 223-- ---------------------------------------------------------- -- 224 225hpicfDot1xSMAuthConfigTable OBJECT-TYPE 226 SYNTAX SEQUENCE OF HpicfDot1xSMAuthConfigEntry 227 MAX-ACCESS not-accessible 228 STATUS current 229 DESCRIPTION 230 "A table that contains the configuration and basic status 231 objects for Authenticator PAEs associated with each 232 shared-media port." 233 REFERENCE 234 "802.1X-2001 9.4.1 Authenticator Configuration" 235 ::= { hpicfDot1xAuthenticator 2 } 236 237hpicfDot1xSMAuthConfigEntry OBJECT-TYPE 238 SYNTAX HpicfDot1xSMAuthConfigEntry 239 MAX-ACCESS not-accessible 240 STATUS current 241 DESCRIPTION 242 "The configuration information for an Authenticator 243 PAE." 244 INDEX { hpicfDot1xSMAuthPaePort, 245 hpicfDot1xSMAuthMacAddr } 246 ::= { hpicfDot1xSMAuthConfigTable 1 } 247 248HpicfDot1xSMAuthConfigEntry ::= 249 SEQUENCE { 250 hpicfDot1xSMAuthPaePort 251 InterfaceIndex, 252 hpicfDot1xSMAuthMacAddr 253 MacAddress, 254 hpicfDot1xSMAuthInitialize 255 TruthValue, 256 hpicfDot1xSMAuthReauthenticate 257 TruthValue, 258 hpicfDot1xSMAuthPaeState 259 INTEGER, 260 hpicfDot1xSMAuthBackendAuthState 261 INTEGER, 262 hpicfDot1xSMAuthReAuthPeriod 263 Unsigned32, 264 hpicfDot1xSMAuthReAuthEnabled 265 TruthValue 266 } 267 268hpicfDot1xSMAuthPaePort OBJECT-TYPE 269 SYNTAX InterfaceIndex 270 MAX-ACCESS not-accessible 271 STATUS current 272 DESCRIPTION "The interface index associated with this 273 Authenticator PAE. On wired ProCurve products 274 the interface index is the physical port. On 275 wireless products it is the instance (whether 276 real or virtual) of an AP." 277 ::= { hpicfDot1xSMAuthConfigEntry 1 } 278 279hpicfDot1xSMAuthMacAddr OBJECT-TYPE 280 SYNTAX MacAddress 281 MAX-ACCESS read-only 282 STATUS current 283 DESCRIPTION "The 48-bit IEEE media access control address of 284 The supplicant associated with this Authenticator 285 PAE." 286 ::= { hpicfDot1xSMAuthConfigEntry 2 } 287 288hpicfDot1xSMAuthInitialize OBJECT-TYPE 289 SYNTAX TruthValue 290 MAX-ACCESS read-write 291 STATUS current 292 DESCRIPTION 293 "The initialization control for this Authenticator PAE. 294 Setting this attribute TRUE causes the PAE to be 295 initialized. The attribute value reverts to FALSE 296 once initialization has completed." 297 REFERENCE 298 "802.1X-2001 9.6.1.3, Initialize Port" 299 ::= { hpicfDot1xSMAuthConfigEntry 3 } 300 301hpicfDot1xSMAuthReauthenticate OBJECT-TYPE 302 SYNTAX TruthValue 303 MAX-ACCESS read-write 304 STATUS current 305 DESCRIPTION 306 "The reauthentication control for this Authenticator PAE. 307 Setting this attribute TRUE causes the Authenticator 308 PAE state machine for the Port to reauthenticate the 309 Supplicant. Setting this attribute FALSE has no effect. 310 This attribute always returns FALSE when it is read." 311 REFERENCE 312 "802.1X-2001 9.4.1.3 Reauthenticate" 313 ::= { hpicfDot1xSMAuthConfigEntry 4 } 314 315hpicfDot1xSMAuthPaeState OBJECT-TYPE 316 SYNTAX INTEGER { 317 initialize(1), 318 disconnected(2), 319 connecting(3), 320 authenticating(4), 321 authenticated(5), 322 aborting(6), 323 held(7), 324 forceAuth(8), 325 forceUnauth(9), 326 restart(10) 327 } 328 MAX-ACCESS read-only 329 STATUS current 330 DESCRIPTION 331 "The current value of the Authenticator PAE state 332 machine." 333 REFERENCE 334 "802.1X-2001 9.4.1, Authenticator PAE state" 335 ::= { hpicfDot1xSMAuthConfigEntry 5 } 336 337hpicfDot1xSMAuthBackendAuthState OBJECT-TYPE 338 SYNTAX INTEGER { 339 request(1), 340 response(2), 341 success(3), 342 fail(4), 343 timeout(5), 344 idle(6), 345 initialize(7), 346 ignore(8) 347 } 348 MAX-ACCESS read-only 349 STATUS current 350 DESCRIPTION 351 "The current state of the Backend Authentication 352 state machine." 353 REFERENCE 354 "802.1X-2001 9.4.1, Backend Authentication state" 355 ::= { hpicfDot1xSMAuthConfigEntry 6 } 356 357hpicfDot1xSMAuthReAuthPeriod OBJECT-TYPE 358 SYNTAX Unsigned32 359 MAX-ACCESS read-only 360 STATUS current 361 DESCRIPTION 362 "The value, in seconds, of the reAuthPeriod constant 363 currently in use by the Reauthentication Timer state 364 machine." 365 REFERENCE 366 "802.1X-2001 9.4.1, reAuthPeriod" 367 DEFVAL { 3600 } 368 ::= { hpicfDot1xSMAuthConfigEntry 7 } 369 370hpicfDot1xSMAuthReAuthEnabled OBJECT-TYPE 371 SYNTAX TruthValue 372 MAX-ACCESS read-only 373 STATUS current 374 DESCRIPTION 375 "The enable/disable control used by the Reauthentication 376 Timer state machine (8.5.5.1)." 377 REFERENCE 378 "802.1X-2001 9.4.1, reAuthEnabled" 379 DEFVAL { false } 380 ::= { hpicfDot1xSMAuthConfigEntry 8 } 381 382-- ---------------------------------------------------------- -- 383-- The Authenticator Diagnostics Table 384-- ---------------------------------------------------------- -- 385 386hpicfDot1xAuthDiagTable OBJECT-TYPE 387 SYNTAX SEQUENCE OF HpicfDot1xAuthDiagEntry 388 MAX-ACCESS not-accessible 389 STATUS current 390 DESCRIPTION 391 "A table that contains the diagnostics objects for the 392 Authenticator PAE associated with each Port. 393 An entry appears in this table for each port that may 394 authenticate access to itself." 395 ::= { hpicfDot1xAuthenticator 3 } 396 397hpicfDot1xAuthDiagEntry OBJECT-TYPE 398 SYNTAX HpicfDot1xAuthDiagEntry 399 MAX-ACCESS not-accessible 400 STATUS current 401 DESCRIPTION 402 "The diagnostic information for an Authenticator PAE." 403 INDEX { dot1xPaePortNumber } 404 ::= { hpicfDot1xAuthDiagTable 1 } 405 406HpicfDot1xAuthDiagEntry ::= 407 SEQUENCE { 408 hpicfDot1xAuthNumberOfSuccessAuthentication 409 Counter32, 410 hpicfDot1xAuthNumberOfFailedAuthentication 411 Counter32 412 } 413 414hpicfDot1xAuthNumberOfSuccessAuthentication OBJECT-TYPE 415 SYNTAX Counter32 416 MAX-ACCESS read-only 417 STATUS current 418 DESCRIPTION 419 "Counts the number of times that authenticator received 420 an EAP-Success message from Authentication Server. 421 Indicates that Supplicant has successfully authenticated to 422 the Authentication Server." 423 ::= { hpicfDot1xAuthDiagEntry 1 } 424 425hpicfDot1xAuthNumberOfFailedAuthentication OBJECT-TYPE 426 SYNTAX Counter32 427 MAX-ACCESS read-only 428 STATUS current 429 DESCRIPTION 430 "Counts the number of times that authenticator received 431 an EAP-Failure message from Authentication Server. 432 Indicates that Supplicant has failed to authenticate to 433 the Authentication Server." 434 ::= { hpicfDot1xAuthDiagEntry 2 } 435 436 437-- ---------------------------------------------------------- -- 438-- The Authenticator Statistics Table 439-- ---------------------------------------------------------- -- 440 441hpicfDot1xAuthStatsTable OBJECT-TYPE 442 SYNTAX SEQUENCE OF HpicfDot1xAuthStatsEntry 443 MAX-ACCESS not-accessible 444 STATUS current 445 DESCRIPTION 446 "A table that contains the statistics objects for the 447 Authenticator PAE's associated with each shared-media 448 Port." 449 REFERENCE 450 "802.1X-2001 9.4.2 Authenticator Statistics" 451 ::= { hpicfDot1xAuthenticator 4 } 452 453hpicfDot1xAuthStatsEntry OBJECT-TYPE 454 SYNTAX HpicfDot1xAuthStatsEntry 455 MAX-ACCESS not-accessible 456 STATUS current 457 DESCRIPTION 458 "The statistics information for an Authenticator PAE." 459 INDEX { hpicfDot1xSMAuthPaePort, 460 hpicfDot1xSMAuthMacAddr } 461 ::= { hpicfDot1xAuthStatsTable 1 } 462 463HpicfDot1xAuthStatsEntry ::= 464 SEQUENCE { 465 hpicfDot1xAuthEapolFramesRx 466 Counter32, 467 hpicfDot1xAuthEapolFramesTx 468 Counter32, 469 hpicfDot1xAuthEapolStartFramesRx 470 Counter32, 471 hpicfDot1xAuthEapolLogoffFramesRx 472 Counter32, 473 hpicfDot1xAuthEapolRespIdFramesRx 474 Counter32, 475 hpicfDot1xAuthEapolRespFramesRx 476 Counter32, 477 hpicfDot1xAuthEapolReqIdFramesTx 478 Counter32, 479 hpicfDot1xAuthEapolReqFramesTx 480 Counter32, 481 hpicfDot1xAuthInvalidEapolFramesRx 482 Counter32, 483 hpicfDot1xAuthEapLengthErrorFramesRx 484 Counter32, 485 hpicfDot1xAuthLastEapolFrameVersion 486 Unsigned32, 487 hpicfDot1xAuthLastEapolFrameSource 488 MacAddress 489 } 490 491hpicfDot1xAuthEapolFramesRx OBJECT-TYPE 492 SYNTAX Counter32 493 MAX-ACCESS read-only 494 STATUS current 495 DESCRIPTION 496 "The number of valid EAPOL frames of any type 497 that have been received by this Authenticator." 498 REFERENCE 499 "802.1X-2001 9.4.2, EAPOL frames received" 500 ::= { hpicfDot1xAuthStatsEntry 1 } 501 502hpicfDot1xAuthEapolFramesTx OBJECT-TYPE 503 SYNTAX Counter32 504 MAX-ACCESS read-only 505 STATUS current 506 DESCRIPTION 507 "The number of EAPOL frames of any type 508 that have been transmitted by this Authenticator." 509 REFERENCE 510 "802.1X-2001 9.4.2, EAPOL frames transmitted" 511 ::= { hpicfDot1xAuthStatsEntry 2 } 512 513hpicfDot1xAuthEapolStartFramesRx OBJECT-TYPE 514 SYNTAX Counter32 515 MAX-ACCESS read-only 516 STATUS current 517 DESCRIPTION 518 "The number of EAPOL Start frames that have 519 been received by this Authenticator." 520 REFERENCE 521 "802.1X-2001 9.4.2, EAPOL Start frames received" 522 ::= { hpicfDot1xAuthStatsEntry 3 } 523 524hpicfDot1xAuthEapolLogoffFramesRx OBJECT-TYPE 525 SYNTAX Counter32 526 MAX-ACCESS read-only 527 STATUS current 528 DESCRIPTION 529 "The number of EAPOL Logoff frames that have 530 been received by this Authenticator." 531 REFERENCE 532 "802.1X-2001 9.4.2, EAPOL Logoff frames received" 533 ::= { hpicfDot1xAuthStatsEntry 4 } 534 535hpicfDot1xAuthEapolRespIdFramesRx OBJECT-TYPE 536 SYNTAX Counter32 537 MAX-ACCESS read-only 538 STATUS current 539 DESCRIPTION 540 "The number of EAP Resp/Id frames that have 541 been received by this Authenticator." 542 REFERENCE 543 "802.1X-2001 9.4.2, EAPOL Resp/Id frames received" 544 ::= { hpicfDot1xAuthStatsEntry 5 } 545 546hpicfDot1xAuthEapolRespFramesRx OBJECT-TYPE 547 SYNTAX Counter32 548 MAX-ACCESS read-only 549 STATUS current 550 DESCRIPTION 551 "The number of valid EAP Response frames 552 (other than Resp/Id frames) that have been 553 received by this Authenticator." 554 REFERENCE 555 "802.1X-2001 9.4.2, EAPOL Response frames received" 556 ::= { hpicfDot1xAuthStatsEntry 6 } 557 558hpicfDot1xAuthEapolReqIdFramesTx OBJECT-TYPE 559 SYNTAX Counter32 560 MAX-ACCESS read-only 561 STATUS current 562 DESCRIPTION 563 "The number of EAP Req/Id frames that have been 564 transmitted by this Authenticator." 565 REFERENCE 566 "802.1X-2001 9.4.2, EAPOL Req/Id frames transmitted" 567 ::= { hpicfDot1xAuthStatsEntry 7 } 568 569hpicfDot1xAuthEapolReqFramesTx OBJECT-TYPE 570 SYNTAX Counter32 571 MAX-ACCESS read-only 572 STATUS current 573 DESCRIPTION 574 "The number of EAP Request frames 575 (other than Rq/Id frames) that have been 576 transmitted by this Authenticator." 577 REFERENCE 578 "802.1X-2001 9.4.2, EAPOL Request frames transmitted" 579 ::= { hpicfDot1xAuthStatsEntry 8 } 580 581hpicfDot1xAuthInvalidEapolFramesRx OBJECT-TYPE 582 SYNTAX Counter32 583 MAX-ACCESS read-only 584 STATUS current 585 DESCRIPTION 586 "The number of EAPOL frames that have been 587 received by this Authenticator in which the 588 frame type is not recognized." 589 REFERENCE 590 "802.1X-2001 9.4.2, Invalid EAPOL frames received" 591 ::= { hpicfDot1xAuthStatsEntry 9 } 592 593hpicfDot1xAuthEapLengthErrorFramesRx OBJECT-TYPE 594 SYNTAX Counter32 595 MAX-ACCESS read-only 596 STATUS current 597 DESCRIPTION 598 "The number of EAPOL frames that have been received 599 by this Authenticator in which the Packet Body 600 Length field is invalid." 601 REFERENCE 602 "802.1X-2001 9.4.2, EAP length error frames received" 603 ::= { hpicfDot1xAuthStatsEntry 10 } 604 605hpicfDot1xAuthLastEapolFrameVersion OBJECT-TYPE 606 SYNTAX Unsigned32 607 MAX-ACCESS read-only 608 STATUS current 609 DESCRIPTION 610 "The protocol version number carried in the 611 most recently received EAPOL frame." 612 REFERENCE 613 "802.1X-2001 9.4.2, Last EAPOL frame version" 614 ::= { hpicfDot1xAuthStatsEntry 11 } 615 616hpicfDot1xAuthLastEapolFrameSource OBJECT-TYPE 617 SYNTAX MacAddress 618 MAX-ACCESS read-only 619 STATUS current 620 DESCRIPTION 621 "The source MAC address carried in the 622 most recently received EAPOL frame." 623 REFERENCE 624 "802.1X-2001 9.4.2, Last EAPOL frame source" 625 ::= { hpicfDot1xAuthStatsEntry 12 } 626 627-- ---------------------------------------------------------- -- 628-- The Authenticator Session Statistics Table 629-- ---------------------------------------------------------- -- 630 631hpicfDot1xAuthSessionStatsTable OBJECT-TYPE 632 SYNTAX SEQUENCE OF HpicfDot1xAuthSessionStatsEntry 633 MAX-ACCESS not-accessible 634 STATUS current 635 DESCRIPTION 636 "A table that contains the session statistics objects 637 for the Authenticator PAE's associated with each 638 shared-media Port." 639 REFERENCE 640 "802.1X-2001 9.4.4" 641 ::= { hpicfDot1xAuthenticator 5 } 642 643hpicfDot1xAuthSessionStatsEntry OBJECT-TYPE 644 SYNTAX HpicfDot1xAuthSessionStatsEntry 645 MAX-ACCESS not-accessible 646 STATUS current 647 DESCRIPTION 648 "The session statistics information for an Authenticator 649 PAE. This shows the current values being collected for 650 each session that is still in progress, or the final 651 values for the last valid session on each port where 652 there is no session currently active." 653 INDEX { hpicfDot1xSMAuthPaePort, 654 hpicfDot1xSMAuthMacAddr } 655 ::= { hpicfDot1xAuthSessionStatsTable 1 } 656 657HpicfDot1xAuthSessionStatsEntry ::= 658 SEQUENCE { 659 hpicfDot1xAuthSessionPerPAECountersEnabled 660 TruthValue, 661 hpicfDot1xAuthSessionOctetsRx 662 Counter64, 663 hpicfDot1xAuthSessionOctetsTx 664 Counter64, 665 hpicfDot1xAuthSessionFramesRx 666 Counter32, 667 hpicfDot1xAuthSessionFramesTx 668 Counter32, 669 hpicfDot1xAuthSessionId 670 SnmpAdminString, 671 hpicfDot1xAuthSessionAuthenticMethod 672 INTEGER, 673 hpicfDot1xAuthSessionTime 674 TimeTicks, 675 hpicfDot1xAuthSessionStartTime 676 TimeStamp, 677 hpicfDot1xAuthSessionStopTime 678 TimeStamp, 679 hpicfDot1xAuthSessionInactiveTime 680 TimeTicks, 681 hpicfDot1xAuthSessionTerminateCause 682 INTEGER, 683 hpicfDot1xAuthSessionUserName 684 SnmpAdminString, 685 hpicfDot1xAuthSessionIsForwarding 686 TruthValue, 687 hpicfDot1xAuthSessionVid 688 VlanIndex 689 } 690 691hpicfDot1xAuthSessionPerPAECountersEnabled OBJECT-TYPE 692 SYNTAX TruthValue 693 MAX-ACCESS read-only 694 STATUS current 695 DESCRIPTION 696 "Specifies whether individualized PAE octet and 697 frame counts are supported. 698 699 If TRUE then system is capable of maintaining 700 separate counter sets for each, of possibly many, 701 Authenticator PAE instance on a port. 702 703 If FALSE then system is incapable of maintaining 704 separate counter sets. Frame and octet counter values 705 returned are an aggregate of all PAE sessions on the 706 port." 707 ::= { hpicfDot1xAuthSessionStatsEntry 1 } 708 709hpicfDot1xAuthSessionOctetsRx OBJECT-TYPE 710 SYNTAX Counter64 711 MAX-ACCESS read-only 712 STATUS current 713 DESCRIPTION 714 "The number of octets received in user data 715 frames during the session." 716 REFERENCE 717 "802.1X-2001 9.4.4, Session Octets Received" 718 ::= { hpicfDot1xAuthSessionStatsEntry 2 } 719 720hpicfDot1xAuthSessionOctetsTx OBJECT-TYPE 721 SYNTAX Counter64 722 MAX-ACCESS read-only 723 STATUS current 724 DESCRIPTION 725 "The number of octets transmitted in user data 726 frames during the session." 727 REFERENCE 728 "802.1X-2001 9.4.4, Session Octets Transmitted" 729 ::= { hpicfDot1xAuthSessionStatsEntry 3 } 730 731hpicfDot1xAuthSessionFramesRx OBJECT-TYPE 732 SYNTAX Counter32 733 MAX-ACCESS read-only 734 STATUS current 735 DESCRIPTION 736 "The number of user data frames received 737 during the session." 738 REFERENCE 739 "802.1X-2001 9.4.4, Session Frames Received" 740 ::= { hpicfDot1xAuthSessionStatsEntry 4 } 741 742hpicfDot1xAuthSessionFramesTx OBJECT-TYPE 743 SYNTAX Counter32 744 MAX-ACCESS read-only 745 STATUS current 746 DESCRIPTION 747 "The number of user data frames transmitted 748 during the session." 749 REFERENCE 750 "802.1X-2001 9.4.4, Session Frames Transmitted" 751 ::= { hpicfDot1xAuthSessionStatsEntry 5 } 752 753hpicfDot1xAuthSessionId OBJECT-TYPE 754 SYNTAX SnmpAdminString 755 MAX-ACCESS read-only 756 STATUS current 757 DESCRIPTION 758 "A unique identifier for the session, in the 759 form of a printable ASCII string of at least 760 three characters." 761 REFERENCE 762 "802.1X-2001 9.4.4, Session Identifier" 763 ::= { hpicfDot1xAuthSessionStatsEntry 6 } 764 765hpicfDot1xAuthSessionAuthenticMethod OBJECT-TYPE 766 SYNTAX INTEGER { 767 remoteAuthServer(1), 768 localAuthServer(2), 769 localandremoteAuthServer(3) 770 } 771 MAX-ACCESS read-only 772 STATUS current 773 DESCRIPTION 774 "The authentication method used to establish the 775 session." 776 REFERENCE 777 "802.1X-2001 9.4.4, Session Authentication Method" 778 ::= { hpicfDot1xAuthSessionStatsEntry 7 } 779 780hpicfDot1xAuthSessionTime OBJECT-TYPE 781 SYNTAX TimeTicks 782 MAX-ACCESS read-only 783 STATUS current 784 DESCRIPTION 785 "The duration of the session in seconds." 786 REFERENCE 787 "802.1X-2001 9.4.4, Session Time" 788 ::= { hpicfDot1xAuthSessionStatsEntry 8 } 789 790hpicfDot1xAuthSessionStartTime OBJECT-TYPE 791 SYNTAX TimeStamp 792 MAX-ACCESS read-only 793 STATUS current 794 DESCRIPTION 795 "This object contains the value of sysUpTime at the 796 time Supplicant was successfully authenticated." 797 ::= { hpicfDot1xAuthSessionStatsEntry 9 } 798 799hpicfDot1xAuthSessionStopTime OBJECT-TYPE 800 SYNTAX TimeStamp 801 MAX-ACCESS read-only 802 STATUS current 803 DESCRIPTION 804 "This object contains the value of sysUpTime at the 805 time an authenticated Supplicant was de-authenticated, 806 as a result of an EAPOL-Logoff, reauthentication period 807 expiration, or forced asynchronous reauthentication." 808 ::= { hpicfDot1xAuthSessionStatsEntry 10 } 809 810hpicfDot1xAuthSessionInactiveTime OBJECT-TYPE 811 SYNTAX TimeTicks 812 MAX-ACCESS read-only 813 STATUS current 814 DESCRIPTION 815 "This time (in seconds) since last user data frames, 816 either rx or tx, were observed." 817 ::= { hpicfDot1xAuthSessionStatsEntry 11 } 818 819 820hpicfDot1xAuthSessionTerminateCause OBJECT-TYPE 821 SYNTAX INTEGER { 822 supplicantLogoff(1), 823 portFailure(2), 824 supplicantRestart(3), 825 reauthFailed(4), 826 authControlForceUnauth(5), 827 portReInit(6), 828 portAdminDisabled(7), 829 notTerminatedYet(999) 830 } 831 MAX-ACCESS read-only 832 STATUS current 833 DESCRIPTION 834 "The reason for the session termination." 835 REFERENCE 836 "802.1X-2001 9.4.4, Session Terminate Cause" 837 ::= { hpicfDot1xAuthSessionStatsEntry 12 } 838 839hpicfDot1xAuthSessionUserName OBJECT-TYPE 840 SYNTAX SnmpAdminString 841 MAX-ACCESS read-only 842 STATUS current 843 DESCRIPTION 844 "The User-Name representing the identity of the 845 Supplicant PAE." 846 REFERENCE 847 "802.1X-2001 9.4.4, Session User Name" 848 ::= { hpicfDot1xAuthSessionStatsEntry 13 } 849 850hpicfDot1xAuthSessionIsForwarding OBJECT-TYPE 851 SYNTAX TruthValue 852 MAX-ACCESS read-only 853 STATUS current 854 DESCRIPTION 855 "Specifies whether traffic originating from 856 Supplicant PAE is being forwarded by 857 Authenticator PAE. 858 859 If TRUE, then Authenticator is forwarding 860 Supplicant's traffic 861 862 If FALSE, then Authenticator is not forwarding 863 (blocking) Supplicant's traffic." 864 ::= { hpicfDot1xAuthSessionStatsEntry 14 } 865 866hpicfDot1xAuthSessionVid OBJECT-TYPE 867 SYNTAX VlanIndex 868 MAX-ACCESS read-only 869 STATUS current 870 DESCRIPTION 871 "The PVID on which user data frames are being forwarded." 872 ::= { hpicfDot1xAuthSessionStatsEntry 15 } 873 874-- ---------------------------------------------------------- -- 875-- Global Objects for Authenticator 876-- ---------------------------------------------------------- -- 877 878hpicfDot1xAuthAllowGvrpVlans OBJECT-TYPE 879 SYNTAX TruthValue 880 MAX-ACCESS read-write 881 STATUS current 882 DESCRIPTION "This object allows enable/disable the use 883 of RADIUS-assigned dynamic (GVRP) VLANs." 884 ::= { hpicfDot1xAuthenticator 6 } 885 886-- ---------------------------------------------------------- -- 887-- The PAE Supplicant Group 888-- ---------------------------------------------------------- -- 889 890-- placeholder 891 892 893-- ---------------------------------------------------------- -- 894-- The Supplicant Configuration Table 895-- (AUGMENTS dot1xSuppConfigEntry) 896-- ---------------------------------------------------------- -- 897 898-- place holder 899 hpicfDot1xSuppConfigTable OBJECT-TYPE 900 SYNTAX SEQUENCE OF HpicfDot1xSuppConfigEntry 901 MAX-ACCESS not-accessible 902 STATUS current 903 DESCRIPTION "This table suplements the 'dot1xSuppConfigTable'." 904 ::= { hpicfDot1xSupplicant 1 } 905 906 hpicfDot1xSuppConfigEntry OBJECT-TYPE 907 SYNTAX HpicfDot1xSuppConfigEntry 908 MAX-ACCESS not-accessible 909 STATUS current 910 DESCRIPTION "The fields in these entries will be used to supplement 911 'dot1xSuppConfigEntry'." 912 AUGMENTS { dot1xSuppConfigEntry } 913 ::= { hpicfDot1xSuppConfigTable 1 } 914 915 HpicfDot1xSuppConfigEntry ::= 916 SEQUENCE { 917 hpicfDot1xSuppConfigIdentity DisplayString, 918 hpicfDot1xSuppConfigPassword DisplayString 919 } 920 921 hpicfDot1xSuppConfigIdentity OBJECT-TYPE 922 SYNTAX DisplayString (SIZE(0..64)) 923 MAX-ACCESS read-write 924 STATUS current 925 DESCRIPTION "This object can be used to set/get the identity 926 802.1x supplicant supplies to its authenticator." 927 ::= { hpicfDot1xSuppConfigEntry 1 } 928 929 hpicfDot1xSuppConfigPassword OBJECT-TYPE 930 SYNTAX DisplayString (SIZE(0..64)) 931 MAX-ACCESS read-write 932 STATUS current 933 DESCRIPTION "This object can be used to set the password 934 the supplicant uses for MD5 authentication." 935 ::= { hpicfDot1xSuppConfigEntry 2 } 936 937-- ---------------------------------------------------------- -- 938-- Conformance Information 939-- ---------------------------------------------------------- -- 940 941hpicfDot1xConformance OBJECT IDENTIFIER ::= { hpicfDot1xMIB 2 } 942 943hpicfDot1xGroups OBJECT IDENTIFIER ::= { hpicfDot1xConformance 1 } 944 945hpicfDot1xCompliances OBJECT IDENTIFIER 946 ::= { hpicfDot1xConformance 2 } 947 948-- ---------------------------------------------------------- -- 949-- units of conformance 950-- ---------------------------------------------------------- -- 951 952hpicfDot1xPaePortGroup OBJECT-GROUP 953 OBJECTS { 954 hpicfDot1xPaePortAuth, 955 hpicfDot1xPaePortSupp 956 } 957 STATUS current 958 DESCRIPTION 959 "A collection of objects providing basic administrative 960 control over Authenticator PAE and Supplicant PAE in 961 system." 962 ::= { hpicfDot1xGroups 1 } 963 964hpicfDot1xAuthConfigGroup OBJECT-GROUP 965 OBJECTS { 966 hpicfDot1xAuthAuthVid, 967 hpicfDot1xAuthUnauthVid, 968 hpicfDot1xAuthUnauthPeriod, 969 hpicfDot1xAuthClientLimit, 970 hpicfDot1xAuthLogoffPeriod 971 } 972 STATUS deprecated 973 DESCRIPTION 974 "********* THIS GROUP IS DEPRECATED ********* 975 A collection of objects providing basic configuration 976 control of over Authenticator PAEs." 977 ::= { hpicfDot1xGroups 2 } 978 979 980hpicfDot1xSMAuthConfigGroup OBJECT-GROUP 981 OBJECTS { 982 hpicfDot1xSMAuthInitialize, 983 hpicfDot1xSMAuthReauthenticate, 984 hpicfDot1xSMAuthPaeState, 985 hpicfDot1xSMAuthBackendAuthState, 986 hpicfDot1xSMAuthReAuthPeriod, 987 hpicfDot1xSMAuthReAuthEnabled 988 } 989 STATUS current 990 DESCRIPTION 991 "A collection of objects providing basic status and 992 configuration control over Authenticator PAEs running 993 on a shared-media port." 994 ::= { hpicfDot1xGroups 3 } 995 996hpicfDot1xAuthDiagGroup OBJECT-GROUP 997 OBJECTS { 998 hpicfDot1xAuthNumberOfSuccessAuthentication, 999 hpicfDot1xAuthNumberOfFailedAuthentication 1000 } 1001 STATUS current 1002 DESCRIPTION 1003 "A collection of objects providing basic diagnostic 1004 Information over Authenticator PAEs." 1005 ::= { hpicfDot1xGroups 4 } 1006 1007 1008hpicfDot1xAuthStatsGroup OBJECT-GROUP 1009 OBJECTS { 1010 hpicfDot1xAuthEapolFramesRx, 1011 hpicfDot1xAuthEapolFramesTx, 1012 hpicfDot1xAuthEapolStartFramesRx, 1013 hpicfDot1xAuthEapolLogoffFramesRx, 1014 hpicfDot1xAuthEapolRespIdFramesRx, 1015 hpicfDot1xAuthEapolRespFramesRx, 1016 hpicfDot1xAuthEapolReqIdFramesTx, 1017 hpicfDot1xAuthEapolReqFramesTx, 1018 hpicfDot1xAuthInvalidEapolFramesRx, 1019 hpicfDot1xAuthEapLengthErrorFramesRx, 1020 hpicfDot1xAuthLastEapolFrameVersion, 1021 hpicfDot1xAuthLastEapolFrameSource 1022 } 1023 STATUS current 1024 DESCRIPTION 1025 "A collection of objects providing statistics about 1026 Authenticator PAEs running on a shared-media port." 1027 ::= { hpicfDot1xGroups 5 } 1028 1029 1030hpicfDot1xAuthSessionStatsGroup OBJECT-GROUP 1031 OBJECTS { 1032 hpicfDot1xAuthSessionOctetsRx, 1033 hpicfDot1xAuthSessionOctetsTx, 1034 hpicfDot1xAuthSessionFramesRx, 1035 hpicfDot1xAuthSessionFramesTx, 1036 hpicfDot1xAuthSessionId, 1037 hpicfDot1xAuthSessionAuthenticMethod, 1038 hpicfDot1xAuthSessionTime, 1039 hpicfDot1xAuthSessionStartTime, 1040 hpicfDot1xAuthSessionStopTime, 1041 hpicfDot1xAuthSessionInactiveTime, 1042 hpicfDot1xAuthSessionTerminateCause, 1043 hpicfDot1xAuthSessionUserName, 1044 hpicfDot1xAuthSessionIsForwarding, 1045 hpicfDot1xAuthSessionVid 1046 } 1047 STATUS current 1048 DESCRIPTION 1049 "A collection of objects providing statistics about the 1050 current, or last sessions for Authenticator PAEs running 1051 on a shared-media port." 1052 ::= { hpicfDot1xGroups 6 } 1053 1054hpicfDot1xAuthConfigGroup2 OBJECT-GROUP 1055 OBJECTS { 1056 hpicfDot1xAuthAuthVid, 1057 hpicfDot1xAuthUnauthVid, 1058 hpicfDot1xAuthUnauthPeriod, 1059 hpicfDot1xAuthLogoffPeriod, 1060 hpicfDot1xAuthClientLimit2 1061 } 1062 STATUS current 1063 DESCRIPTION 1064 "A collection of objects providing basic configuration 1065 control of over Authenticator PAEs." 1066 ::= { hpicfDot1xGroups 7 } 1067 1068hpicfDot1xAuthConfigGroup3 OBJECT-GROUP 1069 OBJECTS { 1070 hpicfDot1xAuthAuthVid, 1071 hpicfDot1xAuthUnauthVid, 1072 hpicfDot1xAuthUnauthPeriod, 1073 hpicfDot1xAuthLogoffPeriod, 1074 hpicfDot1xAuthClientLimit2, 1075 hpicfDot1xAuthAllowGvrpVlans 1076 } 1077 STATUS current 1078 DESCRIPTION 1079 "A collection of objects providing basic configuration 1080 control of over Authenticator PAEs." 1081 ::= { hpicfDot1xGroups 8 } 1082 1083-- ---------------------------------------------------------- -- 1084-- compliance statements 1085-- ---------------------------------------------------------- -- 1086 1087hpicfDot1xCompliance MODULE-COMPLIANCE 1088 STATUS deprecated 1089 DESCRIPTION 1090 "********* THIS COMPLIANCE IS DEPRECATED ********* 1091 The compliance statement for devices support of 1092 HP ProCurve IEEE 802.1X extensions MIB." 1093 1094 MODULE 1095 GROUP hpicfDot1xPaePortGroup 1096 DESCRIPTION 1097 "This group is mandatory for systems that support 1098 Authenticator and/or Supplicant functions of the PAE." 1099 1100 GROUP hpicfDot1xAuthConfigGroup 1101 DESCRIPTION 1102 "This group is mandatory for systems that support 1103 Authenticator functions of the PAE." 1104 1105 GROUP hpicfDot1xSMAuthConfigGroup 1106 DESCRIPTION 1107 "This group is mandatory for systems that support 1108 shared-media Authenticator functions of the PAE." 1109 1110 1111 GROUP hpicfDot1xAuthStatsGroup 1112 DESCRIPTION 1113 "This group is mandatory for systems that support 1114 the Authenticator functions of the PAE." 1115 1116 GROUP hpicfDot1xAuthSessionStatsGroup 1117 DESCRIPTION 1118 "This group is mandatory for systems that support 1119 the Authenticator functions of the PAE." 1120 1121 1122 ::= { hpicfDot1xCompliances 1 } 1123 1124hpicfDot1xCompliance2 MODULE-COMPLIANCE 1125 STATUS deprecated 1126 DESCRIPTION 1127 "********* THIS COMPLIANCE IS DEPRECATED ********* 1128 The compliance statement for devices support of 1129 HP ProCurve IEEE 802.1X extensions MIB." 1130 1131 MODULE 1132 GROUP hpicfDot1xPaePortGroup 1133 DESCRIPTION 1134 "This group is mandatory for systems that support 1135 Authenticator and/or Supplicant functions of the PAE." 1136 1137 GROUP hpicfDot1xAuthConfigGroup2 1138 DESCRIPTION 1139 "This group is mandatory for systems that support 1140 Authenticator functions of the PAE." 1141 1142 GROUP hpicfDot1xSMAuthConfigGroup 1143 DESCRIPTION 1144 "This group is mandatory for systems that support 1145 shared-media Authenticator functions of the PAE." 1146 1147 1148 GROUP hpicfDot1xAuthStatsGroup 1149 DESCRIPTION 1150 "This group is mandatory for systems that support 1151 the Authenticator functions of the PAE." 1152 1153 GROUP hpicfDot1xAuthSessionStatsGroup 1154 DESCRIPTION 1155 "This group is mandatory for systems that support 1156 the Authenticator functions of the PAE." 1157 1158 1159 ::= { hpicfDot1xCompliances 2 } 1160 1161hpicfDot1xCompliance3 MODULE-COMPLIANCE 1162 STATUS current 1163 DESCRIPTION 1164 "The compliance statement for devices support of 1165 HP ProCurve IEEE 802.1X extensions MIB." 1166 1167 MODULE 1168 GROUP hpicfDot1xPaePortGroup 1169 DESCRIPTION 1170 "This group is mandatory for systems that support 1171 Authenticator and/or Supplicant functions of the PAE." 1172 1173 GROUP hpicfDot1xAuthConfigGroup3 1174 DESCRIPTION 1175 "This group is mandatory for systems that support 1176 Authenticator functions of the PAE." 1177 1178 GROUP hpicfDot1xSMAuthConfigGroup 1179 DESCRIPTION 1180 "This group is mandatory for systems that support 1181 shared-media Authenticator functions of the PAE." 1182 1183 1184 GROUP hpicfDot1xAuthStatsGroup 1185 DESCRIPTION 1186 "This group is mandatory for systems that support 1187 the Authenticator functions of the PAE." 1188 1189 GROUP hpicfDot1xAuthSessionStatsGroup 1190 DESCRIPTION 1191 "This group is mandatory for systems that support 1192 the Authenticator functions of the PAE." 1193 1194 ::= { hpicfDot1xCompliances 3 } 1195 1196 END 1197