1-- ***************************************************************** 2-- CISCO-RADIUS-EXT-MIB.my: Cisco RADIUS extension MIB file. 3-- 4-- Copyright (c) 1999-2000, 2008, 2010 by cisco Systems Inc. 5-- All rights reserved. 6-- ***************************************************************** 7 8CISCO-RADIUS-EXT-MIB DEFINITIONS ::= BEGIN 9 10IMPORTS 11 MODULE-IDENTITY, 12 OBJECT-TYPE, 13 Counter32, 14 Gauge32, 15 Unsigned32 16 FROM SNMPv2-SMI 17 MODULE-COMPLIANCE, 18 OBJECT-GROUP 19 FROM SNMPv2-CONF 20 TimeInterval, 21 TEXTUAL-CONVENTION 22 FROM SNMPv2-TC 23 InetPortNumber 24 FROM INET-ADDRESS-MIB 25 ciscoMgmt 26 FROM CISCO-SMI; 27 28 29ciscoRadiusExtMIB MODULE-IDENTITY 30 LAST-UPDATED "201005250000Z" 31 ORGANIZATION "Cisco Systems, Inc." 32 CONTACT-INFO 33 "Cisco Systems 34 Customer Service 35 36 Postal: 170 W Tasman Drive 37 San Jose, CA 95134 38 USA 39 40 Tel: +1 800 553-NETS 41 42 E-mail: cs-aaa@cisco.com" 43 DESCRIPTION 44 "This MIB module defines objects describing RADIUS (Remote 45 Access Dialin User Service), serving as an extension of the 46 following MIB modules: 47 - 48 - RADIUS-AUTH-CLIENT-MIB [RFC4668] 49 - RADIUS-AUTH-SERVER-MIB [RFC4669] 50 - RADIUS-ACC-CLIENT-MIB [RFC4670] 51 - RADIUS-ACC-SERVER-MIB [RFC4671] 52 - RADIUS-DYNAUTH-CLIENT-MIB [RFC4672] 53 - RADIUS-DYNAUTH-SERVER-MIB [RFC4673] 54 - 55 [RFC4668] D. Nelson, RADIUS Authentication Client MIB for IPv6, 56 57 RFC-4668, August 2006. 58 - 59 [RFC4669] D. Nelson, RADIUS Authentication Server MIB for IPv6, 60 61 RFC-4669, August 2006. 62 - 63 [RFC4670] D. Nelson, RADIUS Accounting Client MIB for IPv6, 64 RFC-4670, August 2006. 65 - 66 [RFC4671] D. Nelson, RADIUS Accounting Server MIB for IPv6, 67 RFC-4671, August 2006. 68 - 69 [RFC4672] S. De Cnodder, N. Jonnala, M. Chiba, RADIUS Dynamic 70 Authorization Client MIB, RFC-4672, September 2006. 71 - 72 [RFC4673] S. De Cnodder, N. Jonnala, M. Chiba, RADIUS Dynamic 73 Authorization Server MIB, RFC-4673, September 2006." 74 REVISION "201005250000Z" 75 DESCRIPTION 76 "Modified 'max-access' of creAuthClientLastUsedSourceId and 77 creAcctClientLastUsedSourceId" 78 REVISION "201005200000Z" 79 DESCRIPTION 80 "Initial Version" 81 ::= { ciscoMgmt 736 } 82 83 84 85RadiusSourceIdentifier ::= TEXTUAL-CONVENTION 86 STATUS current 87 DESCRIPTION 88 "This textual convention represents the range of identifers used 89 when 'extended RADIUS source port' is configured." 90 SYNTAX Unsigned32 (0..255) 91-- Overview of CISCO RADIUS extension MIB 92-- 93-- MIB description 94-- 95-- This MIB module decribes MIB objects used for managing 96-- RADIUS authentication/accounting clients. 97-- 98 99-- Cisco RADIUS Extension MIB object definitions 100 101cRadiusExtMIBObjects OBJECT IDENTIFIER 102 ::= { ciscoRadiusExtMIB 1 } 103 104-- Statistics objects 105 106creClientGlobal OBJECT IDENTIFIER 107 ::= { cRadiusExtMIBObjects 1 } 108 109creClientAuthentication OBJECT IDENTIFIER 110 ::= { cRadiusExtMIBObjects 2 } 111 112creClientAccounting OBJECT IDENTIFIER 113 ::= { cRadiusExtMIBObjects 3 } 114 115creClientDynAuth OBJECT IDENTIFIER 116 ::= { cRadiusExtMIBObjects 4 } 117 118creServerGlobal OBJECT IDENTIFIER 119 ::= { cRadiusExtMIBObjects 5 } 120 121creServerAuthentication OBJECT IDENTIFIER 122 ::= { cRadiusExtMIBObjects 6 } 123 124creServerAccounting OBJECT IDENTIFIER 125 ::= { cRadiusExtMIBObjects 7 } 126 127creServerDynAuth OBJECT IDENTIFIER 128 ::= { cRadiusExtMIBObjects 8 } 129 130 131-- Radius Statistics 132 133creClientTotalMaxInQLength OBJECT-TYPE 134 SYNTAX Gauge32 135 UNITS "RADIUS packets" 136 MAX-ACCESS read-only 137 STATUS current 138 DESCRIPTION 139 "This object indicates the maximum length of the queue which 140 stores the incoming RADIUS packets." 141 ::= { creClientGlobal 1 } 142 143creClientTotalMaxWaitQLength OBJECT-TYPE 144 SYNTAX Gauge32 145 UNITS "RADIUS packets" 146 MAX-ACCESS read-only 147 STATUS current 148 DESCRIPTION 149 "This object indicates the maximum length of the queue which 150 stores the pending RADIUS packets for which the responses are 151 outstanding." 152 ::= { creClientGlobal 2 } 153 154creClientTotalMaxDoneQLength OBJECT-TYPE 155 SYNTAX Gauge32 156 UNITS "RADIUS packets" 157 MAX-ACCESS read-only 158 STATUS current 159 DESCRIPTION 160 "This object indicates the maximum length of the queue which 161 stores those RADIUS packets for which the responses are 162 received." 163 ::= { creClientGlobal 3 } 164 165creClientTotalAccessRejects OBJECT-TYPE 166 SYNTAX Counter32 167 UNITS "RADIUS packets" 168 MAX-ACCESS read-only 169 STATUS current 170 DESCRIPTION 171 "This object indicates the number of access reject packets 172 received by the RADIUS client." 173 ::= { creClientGlobal 4 } 174 175creClientTotalAverageResponseDelay OBJECT-TYPE 176 SYNTAX TimeInterval 177 MAX-ACCESS read-only 178 STATUS current 179 DESCRIPTION 180 "This object indicates the overall response delay experienced 181 by RADIUS packets (both authentication and accounting)." 182 ::= { creClientGlobal 5 } 183 184creClientSourcePortRangeStart OBJECT-TYPE 185 SYNTAX InetPortNumber 186 MAX-ACCESS read-only 187 STATUS current 188 DESCRIPTION 189 "If the 'extended RADIUS source ports' is configured, multiple 190 source ports are used for sending out RADIUS authentication or 191 accounting requests. This MIB object indicates the port value 192 from where this range starts." 193 ::= { creClientGlobal 6 } 194 195creClientSourcePortRangeEnd OBJECT-TYPE 196 SYNTAX InetPortNumber 197 MAX-ACCESS read-only 198 STATUS current 199 DESCRIPTION 200 "If the 'extended RADIUS source port' is configured, multiple 201 source ports are used for sending out RADIUS authentication or 202 accounting requests. This MIB object indicates the port value 203 where this range ends." 204 ::= { creClientGlobal 7 } 205 206creClientLastUsedSourcePort OBJECT-TYPE 207 SYNTAX InetPortNumber 208 MAX-ACCESS read-only 209 STATUS current 210 DESCRIPTION 211 "If the 'extended RADIUS source ports' is configured, multiple 212 source ports are used for sending out RADIUS authentication or 213 accounting requests. This MIB object indicates the last source 214 port that was used to send out a RADIUS authentication or 215 accounting request." 216 ::= { creClientGlobal 8 } 217 218creClientLastUsedSourceId OBJECT-TYPE 219 SYNTAX RadiusSourceIdentifier 220 MAX-ACCESS read-only 221 STATUS current 222 DESCRIPTION 223 "This MIB object indicates the last source identifier that was 224 used to send out a RADIUS packet when 'extended RADIUS source 225 ports' is configured. The source identifier is a counter that 226 is incremented everytime a RADIUS authentication or an 227 accounting packet is sent." 228 ::= { creClientGlobal 9 } 229 230creAuthClientBadAuthenticators OBJECT-TYPE 231 SYNTAX Counter32 232 UNITS "RADIUS packets" 233 MAX-ACCESS read-only 234 STATUS current 235 DESCRIPTION 236 "This object indicates the number of RADIUS authentication 237 response packets received which contained invalid 238 authenticators." 239 ::= { creClientAuthentication 1 } 240 241creAuthClientUnknownResponses OBJECT-TYPE 242 SYNTAX Counter32 243 UNITS "RADIUS packets" 244 MAX-ACCESS read-only 245 STATUS current 246 DESCRIPTION 247 "This object indicates the number of unknown RADIUS 248 authentication responses received." 249 ::= { creClientAuthentication 2 } 250 251creAuthClientTotalPacketsWithResponses OBJECT-TYPE 252 SYNTAX Counter32 253 UNITS "RADIUS packets" 254 MAX-ACCESS read-only 255 STATUS current 256 DESCRIPTION 257 "This object indicates the number of RADIUS authentication 258 packets that received responses." 259 ::= { creClientAuthentication 3 } 260 261creAuthClientBufferAllocFailures OBJECT-TYPE 262 SYNTAX Counter32 263 UNITS "buffer failures" 264 MAX-ACCESS read-only 265 STATUS current 266 DESCRIPTION 267 "This object indicates the number of buffer allocation 268 failures encountered during RADIUS request formation." 269 ::= { creClientAuthentication 4 } 270 271creAuthClientTotalResponses OBJECT-TYPE 272 SYNTAX Counter32 273 UNITS "RADIUS packets" 274 MAX-ACCESS read-only 275 STATUS current 276 DESCRIPTION 277 "This object indicates the number of RADIUS authentication 278 response packets received by the RADIUS client." 279 ::= { creClientAuthentication 5 } 280 281creAuthClientTotalPacketsWithoutResponses OBJECT-TYPE 282 SYNTAX Counter32 283 UNITS "RADIUS packets" 284 MAX-ACCESS read-only 285 STATUS current 286 DESCRIPTION 287 "This object indicates the number of RADIUS authentication 288 packets that never received a response." 289 ::= { creClientAuthentication 6 } 290 291creAuthClientAverageResponseDelay OBJECT-TYPE 292 SYNTAX TimeInterval 293 MAX-ACCESS read-only 294 STATUS current 295 DESCRIPTION 296 "This object indicates the average response delay experienced 297 for RADIUS authentication requests." 298 ::= { creClientAuthentication 7 } 299 300creAuthClientMaxResponseDelay OBJECT-TYPE 301 SYNTAX TimeInterval 302 MAX-ACCESS read-only 303 STATUS current 304 DESCRIPTION 305 "This object indicates the maximum delay experienced for RADIUS 306 authentication requests." 307 ::= { creClientAuthentication 8 } 308 309creAuthClientMaxBufferSize OBJECT-TYPE 310 SYNTAX Unsigned32 (1..4294967295) 311 UNITS "bytes" 312 MAX-ACCESS read-only 313 STATUS current 314 DESCRIPTION 315 "This object indicates the maximum buffer size for RADIUS 316 authentication packet." 317 ::= { creClientAuthentication 9 } 318 319creAuthClientTimeouts OBJECT-TYPE 320 SYNTAX Counter32 321 UNITS "timeouts" 322 MAX-ACCESS read-only 323 STATUS current 324 DESCRIPTION 325 "This object indicates the number of timeouts that have occurred 326 for RADIUS authentication. After a timeout the client may 327 retry sending the request to the same server or to a different 328 server or give up depending on the configuration." 329 ::= { creClientAuthentication 10 } 330 331creAuthClientDupIDs OBJECT-TYPE 332 SYNTAX Counter32 333 UNITS "RADIUS packets" 334 MAX-ACCESS read-only 335 STATUS current 336 DESCRIPTION 337 "This object indicates the number of times client has received 338 duplicate authentication responses with the same identifier. 339 Out of these two packets, the later packet is considered as a 340 true match." 341 ::= { creClientAuthentication 11 } 342 343creAuthClientMalformedResponses OBJECT-TYPE 344 SYNTAX Counter32 345 UNITS "RADIUS packets" 346 MAX-ACCESS read-only 347 STATUS current 348 DESCRIPTION 349 "This object indicates the number of malformed RADIUS 350 authentication responses received. Malformed packets include 351 packets with an invalid length." 352 ::= { creClientAuthentication 12 } 353 354creAuthClientLastUsedSourceId OBJECT-TYPE 355 SYNTAX RadiusSourceIdentifier 356 MAX-ACCESS read-only 357 STATUS current 358 DESCRIPTION 359 "This MIB object indicates the last source identifier that was 360 used to send out a RADIUS authentication request when 'extended 361 RADIUS source ports' is configured. The source identifier is a 362 counter that is incremented everytime a RADIUS authentication 363 request is sent." 364 ::= { creClientAuthentication 13 } 365 366creAcctClientBadAuthenticators OBJECT-TYPE 367 SYNTAX Counter32 368 UNITS "RADIUS packets" 369 MAX-ACCESS read-only 370 STATUS current 371 DESCRIPTION 372 "This object indicates the number of RADIUS Accounting-Response 373 packets received with invalid authenticators." 374 ::= { creClientAccounting 1 } 375 376creAcctClientUnknownResponses OBJECT-TYPE 377 SYNTAX Counter32 378 UNITS "RADIUS packets" 379 MAX-ACCESS read-only 380 STATUS current 381 DESCRIPTION 382 "This object indicates the number of unknown RADIUS accounting 383 responses received." 384 ::= { creClientAccounting 2 } 385 386creAcctClientTotalPacketsWithResponses OBJECT-TYPE 387 SYNTAX Counter32 388 UNITS "RADIUS packets" 389 MAX-ACCESS read-only 390 STATUS current 391 DESCRIPTION 392 "This object indicates the number of RADIUS accounting packets 393 that received responses." 394 ::= { creClientAccounting 3 } 395 396creAcctClientBufferAllocFailures OBJECT-TYPE 397 SYNTAX Counter32 398 UNITS "buffer failures" 399 MAX-ACCESS read-only 400 STATUS current 401 DESCRIPTION 402 "This object indicates the number of buffer allocation failures 403 encountered for RADIUS accounting request." 404 ::= { creClientAccounting 4 } 405 406creAcctClientTotalResponses OBJECT-TYPE 407 SYNTAX Counter32 408 UNITS "RADIUS packets" 409 MAX-ACCESS read-only 410 STATUS current 411 DESCRIPTION 412 "This object indicates the number of RADIUS accounting response 413 packets received by the RADIUS client." 414 ::= { creClientAccounting 5 } 415 416creAcctClientTotalPacketsWithoutResponses OBJECT-TYPE 417 SYNTAX Counter32 418 UNITS "RADIUS packets" 419 MAX-ACCESS read-only 420 STATUS current 421 DESCRIPTION 422 "This object indicates the number of RADIUS accounting packets 423 that never received a response." 424 ::= { creClientAccounting 6 } 425 426creAcctClientAverageResponseDelay OBJECT-TYPE 427 SYNTAX TimeInterval 428 MAX-ACCESS read-only 429 STATUS current 430 DESCRIPTION 431 "This object indicates the average response delay experienced 432 for RADIUS accounting." 433 ::= { creClientAccounting 7 } 434 435creAcctClientMaxResponseDelay OBJECT-TYPE 436 SYNTAX TimeInterval 437 MAX-ACCESS read-only 438 STATUS current 439 DESCRIPTION 440 "This object indicates the maximum delay experienced for RADIUS 441 accounting." 442 ::= { creClientAccounting 8 } 443 444creAcctClientMaxBufferSize OBJECT-TYPE 445 SYNTAX Unsigned32 (1..4294967295) 446 UNITS "bytes" 447 MAX-ACCESS read-only 448 STATUS current 449 DESCRIPTION 450 "This object indicates the maximum buffer size for RADIUS 451 accounting packets." 452 ::= { creClientAccounting 9 } 453 454creAcctClientTimeouts OBJECT-TYPE 455 SYNTAX Counter32 456 UNITS "timeouts" 457 MAX-ACCESS read-only 458 STATUS current 459 DESCRIPTION 460 "This object indicates the number of timeouts that have occurred 461 for RADIUS accounting. After a timeout the client may retry 462 sending the request to the same server or to a different 463 server or give up depending on the configuration." 464 ::= { creClientAccounting 10 } 465 466creAcctClientDupIDs OBJECT-TYPE 467 SYNTAX Counter32 468 UNITS "RADIUS packets" 469 MAX-ACCESS read-only 470 STATUS current 471 DESCRIPTION 472 "This object indicates the number of times client has received 473 duplicate accounting responses with the same identifier. Out 474 of these two packets, the later packet is considered as a true 475 match." 476 ::= { creClientAccounting 11 } 477 478creAcctClientMalformedResponses OBJECT-TYPE 479 SYNTAX Counter32 480 UNITS "RADIUS packets" 481 MAX-ACCESS read-only 482 STATUS current 483 DESCRIPTION 484 "This object indicates the number of malformed RADIUS accounting 485 responses received. Malformed packets include packets with an 486 invalid length." 487 ::= { creClientAccounting 12 } 488 489creAcctClientLastUsedSourceId OBJECT-TYPE 490 SYNTAX RadiusSourceIdentifier 491 MAX-ACCESS read-only 492 STATUS current 493 DESCRIPTION 494 "This MIB object indicates the last source identifier that was 495 used to send out a RADIUS accounting request when 'extended 496 RADIUS source ports' is configured. The source identifier is a 497 counter that is incremented everytime a RADIUS accounting 498 request is sent." 499 ::= { creClientAccounting 13 } 500-- ****************************************************************** 501-- Conformance and Compliance 502-- ****************************************************************** 503 504cRadiusExtMIBConformance OBJECT IDENTIFIER 505 ::= { ciscoRadiusExtMIB 2 } 506 507creMIBCompliances OBJECT IDENTIFIER 508 ::= { cRadiusExtMIBConformance 1 } 509 510creMIBGroups OBJECT IDENTIFIER 511 ::= { cRadiusExtMIBConformance 2 } 512 513 514-- compliance statements 515 516creMIBCompliance MODULE-COMPLIANCE 517 STATUS current 518 DESCRIPTION 519 "The compliance statement for entities which 520 implement the CISCO RADIUS Extention MIB" 521 MODULE -- this module 522 MANDATORY-GROUPS { 523 creClientAuthenenticationGroup, 524 creClientGlobalGroup, 525 creClientAccountingGroup 526 } 527 ::= { creMIBCompliances 1 } 528 529creClientGlobalGroup OBJECT-GROUP 530 OBJECTS { 531 creClientTotalMaxInQLength, 532 creClientTotalMaxWaitQLength, 533 creClientTotalMaxDoneQLength, 534 creClientTotalAccessRejects, 535 creClientSourcePortRangeStart, 536 creClientSourcePortRangeEnd, 537 creClientLastUsedSourcePort, 538 creClientLastUsedSourceId, 539 creClientTotalAverageResponseDelay 540 } 541 STATUS current 542 DESCRIPTION 543 "Objects for providing aggregated statistics of RADIUS client." 544 ::= { creMIBGroups 1 } 545 546-- units of conformance 547 548creClientAuthenenticationGroup OBJECT-GROUP 549 OBJECTS { 550 creAuthClientTotalResponses, 551 creAuthClientTotalPacketsWithResponses, 552 creAuthClientTotalPacketsWithoutResponses, 553 creAuthClientAverageResponseDelay, 554 creAuthClientMaxResponseDelay, 555 creAuthClientTimeouts, 556 creAuthClientDupIDs, 557 creAuthClientBufferAllocFailures, 558 creAuthClientMaxBufferSize, 559 creAuthClientMalformedResponses, 560 creAuthClientBadAuthenticators, 561 creAuthClientUnknownResponses, 562 creAuthClientLastUsedSourceId 563 } 564 STATUS current 565 DESCRIPTION 566 "Objects for providing statistics of RADIUS client 567 authentication packets." 568 ::= { creMIBGroups 2 } 569 570creClientAccountingGroup OBJECT-GROUP 571 OBJECTS { 572 creAcctClientTotalResponses, 573 creAcctClientTotalPacketsWithResponses, 574 creAcctClientTotalPacketsWithoutResponses, 575 creAcctClientAverageResponseDelay, 576 creAcctClientMaxResponseDelay, 577 creAcctClientTimeouts, 578 creAcctClientBadAuthenticators, 579 creAcctClientUnknownResponses, 580 creAcctClientLastUsedSourceId, 581 creAcctClientDupIDs, 582 creAcctClientBufferAllocFailures, 583 creAcctClientMaxBufferSize, 584 creAcctClientMalformedResponses 585 } 586 STATUS current 587 DESCRIPTION 588 "Objects for providing statistics of RADIUS client accounting 589 packets." 590 ::= { creMIBGroups 3 } 591 592END 593 594 595 596 597 598 599 600 601 602 603 604 605 606 607 608 609 610 611 612 613 614 615 616 617 618 619 620 621 622 623 624 625 626 627 628 629 630 631 632 633 634 635 636 637 638 639 640 641 642 643 644 645 646 647 648 649 650 651 652 653 654 655 656 657 658 659 660 661 662 663 664 665 666 667 668 669 670 671 672 673 674 675 676 677 678 679 680 681 682 683 684 685 686 687 688 689 690 691 692 693 694 695 696 697 698 699 700 701 702