1RADLAN-AAA DEFINITIONS ::= BEGIN 2 3-- Title: AAA Private Extension 4-- Version: 7.38.00.00 5-- Date: 13 Dec 2004 6-- 03-Jun-2003 Changed upper bound of rlRadiusGlobalDefaultDeadtime to 2000 7-- 31-Jul-2003 A new field rlRadiusServerUsage was added to rlRadiusServerEntry 8-- 31-Jul-2003 Group rlAAAEap was added 9-- 22-Sep-2003 Group rlTacacs was added 10-- 11-Nov-2004 Scalar rlAAAAuditingEnable 11-- 13-Dec-2004 MIBs for TIC support 12-- a. New fields were added: 13-- rlAAALineLockedState 14-- rlAAALineConsFailedLogins 15-- rlAAALinePasswordValidTime 16-- rlAAALinePasswordExpieryDate 17-- rlAAALocalLockedState 18-- rlAAALocalConsFailedLogins 19-- rlAAALocalPasswordValidTime 20-- rlAAALocalPasswordExpieryDate 21-- b. New scalars 22-- rlAAAMinPasswordLength 23-- rlAAAPasswordHistSize 24-- rlAAAPasswordHistHoldTime 25-- rlAAASuccLoginWriteToFile 26-- rlAAAUnlockUserName 27-- rlAAAUnlockSystemPassword 28-- c. New tables 29-- rlAAALocalLoginHistTable 30-- rlAAALinePassLoginHistTable 31-- rlAAASystemLoginHistTable 32-- rlAAASysPassStatTable 33-- rlAAALockedLineTable 34 35IMPORTS 36 rnd FROM RADLAN-MIB 37 rlRadius FROM RADLAN-MIB 38 rlAAAEap FROM RADLAN-MIB 39 DisplayString FROM SNMPv2-TC 40 TruthValue, RowStatus FROM RADLAN-SNMPv2 41 Unsigned32, IpAddress,Counter32, 42 MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI 43 TEXTUAL-CONVENTION FROM SNMPv2-TC; 44 45rlAAA MODULE-IDENTITY 46 LAST-UPDATED "200309210000Z" 47 ORGANIZATION "" 48 CONTACT-INFO 49 "" 50 DESCRIPTION 51 "The private MIB module definition for Authentication, Authorization and Accounting." 52 REVISION "200309210000Z" 53 DESCRIPTION 54 "Added this MODULE-IDENTITY clause." 55 ::= { rnd 79 } 56 57RlAAAMethodtype ::= TEXTUAL-CONVENTION 58 STATUS current 59 DESCRIPTION "Method list type." 60 SYNTAX INTEGER { 61 rlAAAMethodDeny(0), 62 rlAAAMethodLinePassword(1), 63 rlAAAMethodSystemPassword(2), 64 rlAAAMethodLocalUserTable(3), 65 rlAAAMethodRadius(4), 66 rlAAAMethodTacacs(5), 67 rlAAAMethodSucceed(6) 68} 69 70RlAAAServiceType ::= TEXTUAL-CONVENTION 71 STATUS current 72 DESCRIPTION "Line service type.rlAAAServiceTypeDontCare must be the maximum value in the enum." 73 SYNTAX INTEGER { 74 rlAAAServiceTypeDontCare(0), 75 rlAAAServiceTypeTelnet(1), 76 rlAAAServiceTypeHttp(2), 77 rlAAAServiceTypeSsh(3), 78 rlAAAServiceTypeHttps(4), 79 rlAAAServiceTypeSnmp(5) 80} 81 82RlAAALinePortType ::= TEXTUAL-CONVENTION 83 STATUS current 84 DESCRIPTION "Line physical port type,the 85 rlAAAPortDontCare must be the maximum value in the enum." 86 SYNTAX INTEGER { 87 rlAAAPortDontCare(0), 88 rlAAAPortNetwork(1), 89 rlAAAPortConsole(2) 90} 91 92rlAAAMibVersion OBJECT-TYPE 93 SYNTAX INTEGER 94 MAX-ACCESS read-only 95 STATUS current 96 DESCRIPTION 97 "MIB's version, the current version is 1." 98 ::= { rlAAA 1 } 99 100 101rlAAARetries OBJECT-TYPE 102 SYNTAX INTEGER (1..5) 103 MAX-ACCESS read-write 104 STATUS current 105 DESCRIPTION 106 "Determines the number of retries for each method 107 (Radius, local passwords, local users table and 108 tacacs)." 109 ::= { rlAAA 2 } 110 111 112rlAAARadiusEnabled OBJECT-TYPE 113 SYNTAX TruthValue 114 MAX-ACCESS read-write 115 STATUS current 116 DESCRIPTION "Specifies whether AAA will use Radius. When to use 117 Radius exactly depends on its position in the 118 methods list. " 119 ::= { rlAAA 3 } 120 121rlAAATacacsEnabled OBJECT-TYPE 122 SYNTAX TruthValue 123 MAX-ACCESS read-write 124 STATUS current 125 DESCRIPTION "Specifies whether AAA will use Tacacs. When to use 126 Tacacs exactly depends on its position in the 127 methods list." 128 ::= { rlAAA 4 } 129 130rlAAALocalUserEnabled OBJECT-TYPE 131 SYNTAX TruthValue 132 MAX-ACCESS read-write 133 STATUS current 134 DESCRIPTION "Specifies whether AAA will use the local users table. 135 When to use the table exactly depends on its 136 position in the methods list. " 137 ::= { rlAAA 5 } 138 139rlAAASystemPasswordEnabled 140 OBJECT-TYPE 141 SYNTAX TruthValue 142 MAX-ACCESS read-write 143 STATUS current 144 DESCRIPTION "Specifies whether AAA will use the system password. 145 When to use the passwords exactly depends on its 146 position in the methods list. " 147 ::= { rlAAA 6 } 148 149rlAAALinePasswordEnabled OBJECT-TYPE 150 SYNTAX TruthValue 151 MAX-ACCESS read-write 152 STATUS current 153 DESCRIPTION "Specifies whether AAA will use the line password. 154 When to use the passwords exactly depends on its 155 position in the methods list. " 156 ::= { rlAAA 7 } 157 158rlAAAAlwaysSuccessEnabled OBJECT-TYPE 159 SYNTAX TruthValue 160 MAX-ACCESS read-write 161 STATUS current 162 DESCRIPTION "Specifies whether AAA will use the always success method. 163 When to use that method exactly depends on its 164 position in the methods list. " 165 ::= { rlAAA 8 } 166 167-- 168-- suppoted methods 169-- 170 171rlAAARadiusSupported OBJECT-TYPE 172 SYNTAX TruthValue 173 MAX-ACCESS read-only 174 STATUS current 175 DESCRIPTION "This mib show whether Radius is supported in AAA. If the 176 value is false Radius will not be used as an 177 authentication and accounting method. If the value 178 is true Radius will be used by AAA for authentication and 179 accounting if the the AAA was configured to do so 180 (by setting the appropriate mibs)." 181 ::= { rlAAA 9 } 182 183 rlAAATacacsSupported OBJECT-TYPE 184 SYNTAX TruthValue 185 MAX-ACCESS read-only 186 STATUS current 187 DESCRIPTION "This mib show whether Tacacs+ is supported in AAA. If the 188 value is false Tacacs+ will not be used as an 189 authentication and accounting method. If the value 190 is true Tacacs+ will be used by AAA for authentication and 191 accounting if the the AAA was configured to do so 192 (by setting the appropriate mibs)." 193 ::= { rlAAA 10 } 194 195rlAAALocalUserSupported OBJECT-TYPE 196 SYNTAX TruthValue 197 MAX-ACCESS read-only 198 STATUS current 199 DESCRIPTION "This mib show whether the local users db is supported in 200 AAA.If the value is false the local users db will not be 201 used as an authentication and accounting method. If the 202 value is true the local users db will be used by AAA for 203 authentication and accounting method if the the AAA was 204 configured to do so (by setting the appropriate mibs)." 205 ::= { rlAAA 11 } 206 207rlAAASystemPasswordSupported OBJECT-TYPE 208 SYNTAX TruthValue 209 MAX-ACCESS read-only 210 STATUS current 211 DESCRIPTION "This mib show whether system password is supported in AAA. 212 If the value is false system password will not be used as 213 an authentication and accounting method. If the value is 214 true the system password will be used by AAA for 215 authentication and accounting method if the the AAA was 216 configured to do so (by setting the appropriate mibs)." 217 ::= { rlAAA 12 } 218 219rlAAALinePasswordSupported OBJECT-TYPE 220 SYNTAX TruthValue 221 MAX-ACCESS read-only 222 STATUS current 223 DESCRIPTION "This mib show whether line password is supported in AAA. 224 If the value is false line password will not be used as an 225 authentication and accounting method. If the value is true 226 the line password will be used by AAA for authentication and 227 accounting method if the the AAA was configured 228 to do so (by setting the appropriate mibs)." 229 ::= { rlAAA 13 } 230 231rlAAALineAlwaysSuccessSupported OBJECT-TYPE 232 SYNTAX TruthValue 233 MAX-ACCESS read-only 234 STATUS current 235 DESCRIPTION "This mib show whether line always success method is 236 supported in AAA.If the value is false always success 237 method will not be used as an authentication and 238 accounting method. If the value is true the always 239 success method will be used by AAA for authentication and 240 accounting method if the the AAA was configured 241 to do so (by setting the appropriate mibs)." 242 ::= { rlAAA 14 } 243 244-- 245-- method list table 246-- 247 248 249rlAAAMethodListTable OBJECT-TYPE 250 SYNTAX SEQUENCE OF RlAAAMethodListEntry 251 MAX-ACCESS not-accessible 252 STATUS current 253 DESCRIPTION "The table specifies all methods list per method name." 254 ::= { rlAAA 15 } 255 256rlAAAMethodListEntry OBJECT-TYPE 257 SYNTAX RlAAAMethodListEntry 258 MAX-ACCESS not-accessible 259 STATUS current 260 DESCRIPTION "The row definition for this table." 261 INDEX { rlAAAMethodListName} 262 ::= { rlAAAMethodListTable 1 } 263 264RlAAAMethodListEntry ::= SEQUENCE { 265 rlAAAMethodListName DisplayString, 266 rlAAAMethodType1 RlAAAMethodtype, 267 rlAAAMethodType2 RlAAAMethodtype, 268 rlAAAMethodType3 RlAAAMethodtype, 269 rlAAAMethodType4 RlAAAMethodtype, 270 rlAAAMethodType5 RlAAAMethodtype, 271 rlAAAMethodType6 RlAAAMethodtype, 272 rlAAAMethodType7 RlAAAMethodtype, 273 rlAAAMethodListStatus RowStatus 274} 275 276rlAAAMethodListName OBJECT-TYPE 277 SYNTAX DisplayString (SIZE(3..20)) 278 MAX-ACCESS read-write 279 STATUS current 280 DESCRIPTION "Line Method List Name" 281 ::= { rlAAAMethodListEntry 1 } 282 283rlAAAMethodType1 OBJECT-TYPE 284 SYNTAX RlAAAMethodtype 285 MAX-ACCESS read-write 286 STATUS current 287 DESCRIPTION " first method type that will be used in the method 288 linked list." 289 ::= { rlAAAMethodListEntry 2 } 290 291rlAAAMethodType2 OBJECT-TYPE 292 SYNTAX RlAAAMethodtype 293 MAX-ACCESS read-write 294 STATUS current 295 DESCRIPTION " second method type that will be used in the method 296 linked list." 297 ::= { rlAAAMethodListEntry 3 } 298 299 300rlAAAMethodType3 OBJECT-TYPE 301 SYNTAX RlAAAMethodtype 302 MAX-ACCESS read-write 303 STATUS current 304 DESCRIPTION "3th method type that will be used in the method 305 linked list." 306 ::= { rlAAAMethodListEntry 4 } 307 308rlAAAMethodType4 OBJECT-TYPE 309 SYNTAX RlAAAMethodtype 310 MAX-ACCESS read-write 311 STATUS current 312 DESCRIPTION " 4th method type that will be used in the method 313 linked list." 314 ::= { rlAAAMethodListEntry 5 } 315 316rlAAAMethodType5 OBJECT-TYPE 317 SYNTAX RlAAAMethodtype 318 MAX-ACCESS read-write 319 STATUS current 320 DESCRIPTION "5th method type that will be used in the method 321 linked list." 322 ::= { rlAAAMethodListEntry 6 } 323 324 325rlAAAMethodType6 OBJECT-TYPE 326 SYNTAX RlAAAMethodtype 327 MAX-ACCESS read-write 328 STATUS current 329 DESCRIPTION " 6th method type that will be used in the method 330 linked list." 331 ::= { rlAAAMethodListEntry 7 } 332 333 334rlAAAMethodType7 OBJECT-TYPE 335 SYNTAX RlAAAMethodtype 336 MAX-ACCESS read-write 337 STATUS current 338 DESCRIPTION " 7th method type that will be used in the method 339 linked list." 340 ::= { rlAAAMethodListEntry 8 } 341 342rlAAAMethodListStatus OBJECT-TYPE 343 SYNTAX RowStatus 344 MAX-ACCESS read-write 345 STATUS current 346 DESCRIPTION "method list status can be destroy or createAndGo" 347 ::= { rlAAAMethodListEntry 9 } 348 349 350 351-- 352-- Line table 353-- 354--- AAA MIBs for TIC support 355--- Added read only fields to show if a user is locked, 356--- password expiry date and number of consecutive failed logins. 357--- New read write field to set the expiry time for a password. 358-- 359-- Line table 360-- 361 362rlAAALineTable OBJECT-TYPE 363 SYNTAX SEQUENCE OF RlAAALineEntry 364 MAX-ACCESS not-accessible 365 STATUS current 366 DESCRIPTION "The table specifies all lines, their passwords and their 367 authorizations level .the table ordered lexicography by 368 the line name. when a new line is being authenticate the 369 search in line table is from the first entry in table 370 till it find the first entry that fit application input 371 line parameters ." 372 ::= { rlAAA 16 } 373 374rlAAALineEntry OBJECT-TYPE 375 SYNTAX RlAAALineEntry 376 MAX-ACCESS not-accessible 377 STATUS current 378 DESCRIPTION "The row definition for this table." 379 INDEX { rlAAALinePortType, 380 rlAAAIfIndex, 381 rlAAAServiceType} 382::= { rlAAALineTable 1 } 383 384RlAAALineEntry ::= SEQUENCE { 385 rlAAALinePortType RlAAALinePortType, 386 rlAAAIfIndex Unsigned32, 387 rlAAAServiceType RlAAAServiceType, 388 rlAAALineMethodListNameLevel1 DisplayString, 389 rlAAALineMethodListNameLevel2 DisplayString, 390 rlAAALineMethodListNameLevel3 DisplayString, 391 rlAAALineMethodListNameLevel4 DisplayString, 392 rlAAALineMethodListNameLevel5 DisplayString, 393 rlAAALineMethodListNameLevel6 DisplayString, 394 rlAAALineMethodListNameLevel7 DisplayString, 395 rlAAALineMethodListNameLevel8 DisplayString, 396 rlAAALineMethodListNameLevel9 DisplayString, 397 rlAAALineMethodListNameLevel10 DisplayString, 398 rlAAALineMethodListNameLevel11 DisplayString, 399 rlAAALineMethodListNameLevel12 DisplayString, 400 rlAAALineMethodListNameLevel13 DisplayString, 401 rlAAALineMethodListNameLevel14 DisplayString, 402 rlAAALineMethodListNameLevel15 DisplayString, 403 rlAAALinePassword DisplayString, 404 rlAAALineStatus RowStatus, 405 rlAAALineLockedState INTEGER, 406 rlAAALineConsFailedLogins Counter32, 407 rlAAALinePasswordValidTime Unsigned32, 408 rlAAALinePasswordExpieryDate DisplayString 409} 410 411 412rlAAALinePortType OBJECT-TYPE 413 SYNTAX RlAAALinePortType 414 MAX-ACCESS read-write 415 STATUS current 416 DESCRIPTION " the physical port type ." 417 ::= { rlAAALineEntry 1 } 418 419rlAAAIfIndex OBJECT-TYPE 420 SYNTAX Unsigned32 421 MAX-ACCESS read-write 422 STATUS current 423 DESCRIPTION "Identifies the ifindex for which this entry can be used. 424 If index 0 means don't care (can be used for all if indices). 425 For port type console the value could be only 0." 426 ::= { rlAAALineEntry 2} 427 428rlAAAServiceType OBJECT-TYPE 429 SYNTAX RlAAAServiceType 430 MAX-ACCESS read-write 431 STATUS current 432 DESCRIPTION "the service type" 433 ::= { rlAAALineEntry 3 } 434 435rlAAALineMethodListNameLevel1 OBJECT-TYPE 436 SYNTAX DisplayString (SIZE(0..20)) 437 MAX-ACCESS read-write 438 STATUS current 439 DESCRIPTION "Method list Name for level 1 .That name points to the method 440 list table .It is the key in method list table .in that way 441 we can reach the methods list to be used for that line" 442 ::= { rlAAALineEntry 4 } 443 444rlAAALineMethodListNameLevel2 OBJECT-TYPE 445 SYNTAX DisplayString (SIZE(0..20)) 446 MAX-ACCESS read-write 447 STATUS current 448 DESCRIPTION "Method list Name for level 2 that name points to the method 449 list table it is the key in method list table .by that way 450 we can reach the methods list to be used for that line" 451 ::= { rlAAALineEntry 5 } 452 453rlAAALineMethodListNameLevel3 OBJECT-TYPE 454 SYNTAX DisplayString (SIZE(0..20)) 455 MAX-ACCESS read-write 456 STATUS current 457 DESCRIPTION "Method list Name for level 3 that name points to the method 458 list table it is the key in method list table .by that way 459 we can reach the methods list to be used for this line" 460 ::= { rlAAALineEntry 6} 461 462rlAAALineMethodListNameLevel4 OBJECT-TYPE 463 SYNTAX DisplayString (SIZE(0..20)) 464 MAX-ACCESS read-write 465 STATUS current 466 DESCRIPTION "Method list Name for level 4-that name points to the method 467 list table it is the key in method list table .by that way 468 we can reach the methods list to be used for this line" 469 ::= { rlAAALineEntry 7} 470 471rlAAALineMethodListNameLevel5 OBJECT-TYPE 472 SYNTAX DisplayString (SIZE(0..20)) 473 MAX-ACCESS read-write 474 STATUS current 475 DESCRIPTION "Method list Name for level 5 that name points to the method 476 list table it is the key in method list table .in that way 477 we can reach the methods list to be used for that line" 478 ::= { rlAAALineEntry 8} 479 480rlAAALineMethodListNameLevel6 OBJECT-TYPE 481 SYNTAX DisplayString (SIZE(0..20)) 482 MAX-ACCESS read-write 483 STATUS current 484 DESCRIPTION "Method list Name for level 6 that name points to the method 485 list table it is the key in method list table .in that way 486 we can reach the methods list to be used for that line" 487 ::= { rlAAALineEntry 9} 488 489rlAAALineMethodListNameLevel7 OBJECT-TYPE 490 SYNTAX DisplayString (SIZE(0..20)) 491 MAX-ACCESS read-write 492 STATUS current 493 DESCRIPTION "Method list Name for level 7 that name points to the method 494 list table it is the key in method list table .in that way 495 we can reach the methods list to be used for that line" 496 ::= { rlAAALineEntry 10} 497 498rlAAALineMethodListNameLevel8 OBJECT-TYPE 499 SYNTAX DisplayString (SIZE(0..20)) 500 MAX-ACCESS read-write 501 STATUS current 502 DESCRIPTION "Method list Name for level 8 that name points to the method 503 list table it is the key in method list table .in that way 504 we can reach the methods list to be used for that line" 505 ::= { rlAAALineEntry 11} 506 507rlAAALineMethodListNameLevel9 OBJECT-TYPE 508 SYNTAX DisplayString (SIZE(0..20)) 509 MAX-ACCESS read-write 510 STATUS current 511 DESCRIPTION "Method list Name for level 9 that name points to the method 512 list table it is the key in method list table .in that way 513 we can reach the methods list to be used for that line" 514 ::= { rlAAALineEntry 12} 515 516rlAAALineMethodListNameLevel10 OBJECT-TYPE 517 SYNTAX DisplayString (SIZE(0..20)) 518 MAX-ACCESS read-write 519 STATUS current 520 DESCRIPTION "Method list Name for level 10 that name points to the method 521 list table it is the key in method list table .in that way 522 we can reach the methods list to be used for that line" 523 ::= { rlAAALineEntry 13} 524 525rlAAALineMethodListNameLevel11 OBJECT-TYPE 526 SYNTAX DisplayString (SIZE(0..20)) 527 MAX-ACCESS read-write 528 STATUS current 529 DESCRIPTION "Method list Name for level 11 that name points to the method 530 list table it is the key in method list table .in that way 531 we can reach the methods list to be used for that line" 532 ::= { rlAAALineEntry 14} 533 534rlAAALineMethodListNameLevel12 OBJECT-TYPE 535 SYNTAX DisplayString (SIZE(0..20)) 536 MAX-ACCESS read-write 537 STATUS current 538 DESCRIPTION "Method list Name for level 12 that name points to the method 539 list table it is the key in method list table .in that way 540 we can reach the methods list to be used for that line" 541 ::= { rlAAALineEntry 15} 542 543rlAAALineMethodListNameLevel13 OBJECT-TYPE 544 SYNTAX DisplayString (SIZE(0..20)) 545 MAX-ACCESS read-write 546 STATUS current 547 DESCRIPTION "Method list Name for level 13 that name points to the method 548 list table it is the key in method list table .in that way 549 we can reach the methods list to be used for that line" 550 ::= { rlAAALineEntry 16} 551 552rlAAALineMethodListNameLevel14 OBJECT-TYPE 553 SYNTAX DisplayString (SIZE(0..20)) 554 MAX-ACCESS read-write 555 STATUS current 556 DESCRIPTION "Method list Name for level 14 that name points to the method 557 list table it is the key in method list table .in that way 558 we can reach the methods list to be used for that line" 559 ::= { rlAAALineEntry 17} 560 561 rlAAALineMethodListNameLevel15 OBJECT-TYPE 562 SYNTAX DisplayString (SIZE(0..20)) 563 MAX-ACCESS read-write 564 STATUS current 565 DESCRIPTION "Method list Name for level 15 that name points to the method 566 list table it is the key in method list table .in that way 567 we can reach the methods list to be used for that line" 568 ::= { rlAAALineEntry 18} 569 570rlAAALinePassword OBJECT-TYPE 571 SYNTAX DisplayString (SIZE(0..160)) 572 MAX-ACCESS read-write 573 STATUS current 574 DESCRIPTION "Line Password. Zero length password is considered as no 575 password. Password with zero length means that in case this 576 password is the method to be used a method fail is returned 577 and no other method is being used." 578 ::= { rlAAALineEntry 19 } 579 580rlAAALineStatus OBJECT-TYPE 581 SYNTAX RowStatus 582 MAX-ACCESS read-write 583 STATUS current 584 DESCRIPTION "Line status can be destroy or createAndGo" 585 ::= { rlAAALineEntry 20 } 586 587rlAAALineLockedState OBJECT-TYPE 588 SYNTAX INTEGER { 589 locked(0), 590 usable(1) 591 } 592 MAX-ACCESS read-only 593 STATUS current 594 DESCRIPTION "Line locked status" 595 ::= { rlAAALineEntry 21 } 596 597rlAAALineConsFailedLogins OBJECT-TYPE 598 SYNTAX Counter32 599 MAX-ACCESS read-only 600 STATUS current 601 DESCRIPTION "Number of last consecutive failed logins" 602 ::= { rlAAALineEntry 22 } 603 604rlAAALinePasswordValidTime OBJECT-TYPE 605 SYNTAX Unsigned32 606 MAX-ACCESS read-write 607 STATUS current 608 DESCRIPTION 609 "The period of time in days, during which the password, 610 is considered valid for login. Value of 0 means never expired. 611 The actual range is product specific. 612 After this time the system may allow limited number of logins 613 to change the password. " 614 DEFVAL { 0 } 615 ::= { rlAAALineEntry 23} 616 617rlAAALinePasswordExpieryDate OBJECT-TYPE 618 SYNTAX DisplayString 619 MAX-ACCESS read-only 620 STATUS current 621 DESCRIPTION "If Line password aging is active, the date on which 622 The current password will expire. 623 Otherwise zero size string" 624 ::= { rlAAALineEntry 24 } 625 626 627-- 628-- local user db table 629-- 630 631---_for rlAAALocalUserTable addition is in BOLD. 632--- Added read only fields to show if a user is locked, 633--- password expiry date and number of consecutive failed logins. 634--- New read write field to set the expiry time for a password. 635 636 637rlAAALocalUserTable OBJECT-TYPE 638 SYNTAX SEQUENCE OF RlAAALocalUserEntry 639 MAX-ACCESS not-accessible 640 STATUS current 641 DESCRIPTION "The table specifies all usernames, their passwords and 642 their authorizations." 643 ::= { rlAAA 17 } 644 645rlAAALocalUserEntry OBJECT-TYPE 646 SYNTAX RlAAALocalUserEntry 647 MAX-ACCESS not-accessible 648 STATUS current 649 DESCRIPTION "The row definition for this table." 650 INDEX { rlAAALocalUserName} 651 ::= { rlAAALocalUserTable 1 } 652 653RlAAALocalUserEntry ::= SEQUENCE { 654 rlAAALocalUserName DisplayString, 655 rlAAALocalUserPassword DisplayString, 656 rlAAALocalUserPrivilage INTEGER, 657 rlAAALocalHostStatus RowStatus, 658 rlAAALocalLockedState INTEGER, 659 rlAAALocalConsFailedLogins Counter32, 660 rlAAALocalPasswordValidTime Unsigned32, 661 rlAAALocalPasswordExpieryDate DisplayString 662 663} 664 665rlAAALocalUserName OBJECT-TYPE 666 SYNTAX DisplayString (SIZE(1..20)) 667 MAX-ACCESS read-write 668 STATUS current 669 DESCRIPTION "Local User Name" 670 ::= { rlAAALocalUserEntry 1 } 671 672rlAAALocalUserPassword OBJECT-TYPE 673 SYNTAX DisplayString (SIZE(0..160)) 674 MAX-ACCESS read-write 675 STATUS current 676 DESCRIPTION "Local User Password .The password can be null" 677 ::= { rlAAALocalUserEntry 2 } 678 679rlAAALocalUserPrivilage OBJECT-TYPE 680 SYNTAX INTEGER (1..15) 681 MAX-ACCESS read-write 682 STATUS current 683 DESCRIPTION "Local User Privilage" 684 ::= { rlAAALocalUserEntry 3 } 685 686rlAAALocalHostStatus OBJECT-TYPE 687 SYNTAX RowStatus 688 MAX-ACCESS read-write 689 STATUS current 690 DESCRIPTION "Local User status" 691 ::= { rlAAALocalUserEntry 4 } 692 693rlAAALocalLockedState OBJECT-TYPE 694 SYNTAX INTEGER { 695 locked(0), 696 usable(1) 697 } 698 MAX-ACCESS read-only 699 STATUS current 700 DESCRIPTION "Local User locked status" 701 ::= { rlAAALocalUserEntry 5 } 702 703rlAAALocalConsFailedLogins OBJECT-TYPE 704 SYNTAX Counter32 705 MAX-ACCESS read-only 706 STATUS current 707 DESCRIPTION "Number of last consecutive failed logins" 708 ::= { rlAAALocalUserEntry 6 } 709 710rlAAALocalPasswordValidTime OBJECT-TYPE 711 SYNTAX Unsigned32 712 MAX-ACCESS read-write 713 STATUS current 714 DESCRIPTION 715 "The period of time in days, during which the password, 716 is considered valid for login. Value of 0 means never expired. 717 The actual range is product specific. 718 After this time the system may allow limited number of logins 719 to change the password. " 720 DEFVAL { 0 } 721 ::= { rlAAALocalUserEntry 7 } 722 723rlAAALocalPasswordExpieryDate OBJECT-TYPE 724 SYNTAX DisplayString 725 MAX-ACCESS read-only 726 STATUS current 727 DESCRIPTION "If User password aging is active, the date on which 728 The current password will expire. 729 Otherwise zero size string" 730 ::= { rlAAALocalUserEntry 8 } 731 732-- 733-- system password 734-- 735 736rlAAASystemPasswordlevel1 OBJECT-TYPE 737 SYNTAX DisplayString (SIZE(0..160)) 738 MAX-ACCESS read-write 739 STATUS current 740 DESCRIPTION "system Password for level 1. " 741 ::= { rlAAA 18 } 742 743rlAAASystemPasswordlevel2 OBJECT-TYPE 744 SYNTAX DisplayString (SIZE(0..160)) 745 MAX-ACCESS read-write 746 STATUS current 747 DESCRIPTION "system Password for level 2" 748 ::= { rlAAA 19 } 749 750rlAAASystemPasswordlevel3 OBJECT-TYPE 751 SYNTAX DisplayString (SIZE(0..160)) 752 MAX-ACCESS read-write 753 STATUS current 754 DESCRIPTION "system Password for level 3" 755 ::= { rlAAA 20 } 756 757rlAAASystemPasswordlevel4 OBJECT-TYPE 758 SYNTAX DisplayString (SIZE(0..160)) 759 MAX-ACCESS read-write 760 STATUS current 761 DESCRIPTION "system Password for level 4" 762 ::= { rlAAA 21 } 763 764rlAAASystemPasswordlevel5 OBJECT-TYPE 765 SYNTAX DisplayString (SIZE(0..160)) 766 MAX-ACCESS read-write 767 STATUS current 768 DESCRIPTION "system Password for level 5" 769 ::= { rlAAA 22 } 770 771rlAAASystemPasswordlevel6 OBJECT-TYPE 772 SYNTAX DisplayString (SIZE(0..160)) 773 MAX-ACCESS read-write 774 STATUS current 775 DESCRIPTION "system Password for level 6" 776 ::= { rlAAA 23 } 777 778rlAAASystemPasswordlevel7 OBJECT-TYPE 779 SYNTAX DisplayString (SIZE(0..160)) 780 MAX-ACCESS read-write 781 STATUS current 782 DESCRIPTION "system Password for level 7" 783 ::= { rlAAA 24 } 784 785rlAAASystemPasswordlevel8 OBJECT-TYPE 786 SYNTAX DisplayString (SIZE(0..160)) 787 MAX-ACCESS read-write 788 STATUS current 789 DESCRIPTION "system Password for level 8" 790 ::= { rlAAA 25 } 791 792rlAAASystemPasswordlevel9 OBJECT-TYPE 793 SYNTAX DisplayString (SIZE(0..160)) 794 MAX-ACCESS read-write 795 STATUS current 796 DESCRIPTION "system Password for level 9" 797 ::= { rlAAA 26 } 798 799rlAAASystemPasswordlevel10 OBJECT-TYPE 800 SYNTAX DisplayString (SIZE(0..160)) 801 MAX-ACCESS read-write 802 STATUS current 803 DESCRIPTION "system Password for level 10" 804 ::= { rlAAA 27 } 805 806rlAAASystemPasswordlevel11 OBJECT-TYPE 807 SYNTAX DisplayString (SIZE(0..160)) 808 MAX-ACCESS read-write 809 STATUS current 810 DESCRIPTION "system Password for level 11" 811 ::= { rlAAA 28 } 812 813rlAAASystemPasswordlevel12 OBJECT-TYPE 814 SYNTAX DisplayString (SIZE(0..160)) 815 MAX-ACCESS read-write 816 STATUS current 817 DESCRIPTION "system Password for level 12" 818 ::= { rlAAA 29 } 819 820rlAAASystemPasswordlevel13 OBJECT-TYPE 821 SYNTAX DisplayString (SIZE(0..160)) 822 MAX-ACCESS read-write 823 STATUS current 824 DESCRIPTION "system Password for level 13" 825 ::= { rlAAA 30 } 826 827rlAAASystemPasswordlevel14 OBJECT-TYPE 828 SYNTAX DisplayString (SIZE(0..160)) 829 MAX-ACCESS read-write 830 STATUS current 831 DESCRIPTION "system Password for level 14" 832 ::= { rlAAA 31 } 833 834rlAAASystemPasswordlevel15 OBJECT-TYPE 835 SYNTAX DisplayString (SIZE(0..160)) 836 MAX-ACCESS read-write 837 STATUS current 838 DESCRIPTION "system Password for level 15" 839 ::= { rlAAA 32 } 840 841 842rlAAAUserTable OBJECT-TYPE 843 SYNTAX SEQUENCE OF RlAAAUserEntry 844 MAX-ACCESS not-accessible 845 STATUS current 846 DESCRIPTION "The table holds all current users that have been authenticated." 847 ::= { rlAAA 33 } 848 849rlAAAUserEntry OBJECT-TYPE 850 SYNTAX RlAAAUserEntry 851 MAX-ACCESS not-accessible 852 STATUS current 853 DESCRIPTION "The row definition for this table." 854 INDEX { rlAAAUserIndex} 855 ::= { rlAAAUserTable 1 } 856 857RlAAAUserEntry ::= SEQUENCE { 858 rlAAAUserIndex Unsigned32, 859 rlAAAUserServiceType RlAAAServiceType, 860 rlAAAUserRemoteIpAddress IpAddress, 861 rlAAAUserName DisplayString, 862 rlAAAUserLevel Unsigned32, 863 rlAAAUserIfIndex Unsigned32 864} 865 866rlAAAUserIndex OBJECT-TYPE 867 SYNTAX Unsigned32 868 MAX-ACCESS not-accessible 869 STATUS current 870 DESCRIPTION "User Index" 871 ::= { rlAAAUserEntry 1 } 872 873rlAAAUserServiceType OBJECT-TYPE 874 SYNTAX RlAAAServiceType 875 MAX-ACCESS read-only 876 STATUS current 877 DESCRIPTION "The service that the user uses. Service dont care is console 878 terminal." 879 ::= { rlAAAUserEntry 2 } 880 881rlAAAUserRemoteIpAddress OBJECT-TYPE 882 SYNTAX IpAddress 883 MAX-ACCESS read-only 884 STATUS current 885 DESCRIPTION "User remote IP address." 886 ::= { rlAAAUserEntry 3 } 887 888rlAAAUserName OBJECT-TYPE 889 SYNTAX DisplayString 890 MAX-ACCESS read-only 891 STATUS current 892 DESCRIPTION "User Name" 893 ::= { rlAAAUserEntry 4 } 894 895rlAAAUserLevel OBJECT-TYPE 896 SYNTAX Unsigned32 (1..15) 897 MAX-ACCESS read-only 898 STATUS current 899 DESCRIPTION "User level" 900 ::= { rlAAAUserEntry 5 } 901 902rlAAAUserIfIndex OBJECT-TYPE 903 SYNTAX Unsigned32 904 MAX-ACCESS read-only 905 STATUS current 906 DESCRIPTION "User if index." 907 ::= { rlAAAUserEntry 6 } 908 909rlAAATest OBJECT IDENTIFIER ::= { rlAAA 34 } 910 911rlAAATestPassword OBJECT-TYPE 912 SYNTAX INTEGER 913 MAX-ACCESS read-write 914 STATUS current 915 DESCRIPTION 916 "This variable enables the user supplying the correct code to use the 917 AAA test feature." 918 ::= {rlAAATest 1} 919 920rlAAATestUserTable OBJECT-TYPE 921 SYNTAX SEQUENCE OF RlAAATestUserEntry 922 MAX-ACCESS not-accessible 923 STATUS current 924 DESCRIPTION 925 "This table enables a user to perform a simulation of authentiction." 926 ::= { rlAAATest 2 } 927 928rlAAATestUserEntry OBJECT-TYPE 929 SYNTAX RlAAATestUserEntry 930 MAX-ACCESS not-accessible 931 STATUS current 932 DESCRIPTION 933 "The row definition for this table." 934 INDEX { rlAAATestUserIndex} 935 ::= { rlAAATestUserTable 1 } 936 937RlAAATestUserEntry ::= SEQUENCE { 938 rlAAATestUserIndex Unsigned32, 939 rlAAATestPortType RlAAALinePortType, 940 rlAAATestIfIndex INTEGER, 941 rlAAATestServiceType RlAAAServiceType, 942 rlAAATestUserAuthenticationStatus INTEGER, 943 rlAAATestUserAuthenticationAction INTEGER, 944 rlAAATestUserInput DisplayString, 945 rlAAATestUserStatus RowStatus 946} 947 948rlAAATestUserIndex OBJECT-TYPE 949 SYNTAX Unsigned32 950 MAX-ACCESS read-write 951 STATUS current 952 DESCRIPTION 953 "User entry index (the number is used just to identify the user)." 954 ::= { rlAAATestUserEntry 1 } 955 956rlAAATestPortType OBJECT-TYPE 957 SYNTAX RlAAALinePortType 958 MAX-ACCESS read-write 959 STATUS current 960 DESCRIPTION " the physical port type ." 961 ::= { rlAAATestUserEntry 2 } 962 963rlAAATestIfIndex OBJECT-TYPE 964 SYNTAX INTEGER 965 MAX-ACCESS read-write 966 STATUS current 967 DESCRIPTION " line ifIndex can configue to be zero witch means 968 Don't-care value" 969 ::= { rlAAATestUserEntry 3} 970 971rlAAATestServiceType OBJECT-TYPE 972 SYNTAX RlAAAServiceType 973 MAX-ACCESS read-write 974 STATUS current 975 DESCRIPTION "the service type" 976 ::= { rlAAATestUserEntry 4 } 977 978 979rlAAATestUserAuthenticationStatus OBJECT-TYPE 980 SYNTAX INTEGER { 981 needPassword(1), 982 needUsername(2), 983 success(3), 984 failure(4), 985 aborted(5), 986 deleted(6), 987 waiting(7), 988 usedNewMethod(8) 989 } 990 MAX-ACCESS read-only 991 STATUS current 992 DESCRIPTION 993 "Shows the ststus of the operation and what is expected from the 994 'user'." 995 ::= { rlAAATestUserEntry 5 } 996 997rlAAATestUserAuthenticationAction OBJECT-TYPE 998 SYNTAX INTEGER { 999 begin(1), 1000 receivePassword(2), 1001 receiveUsername(3), 1002 abort(4), 1003 delete(5), 1004 continue(6) 1005 } 1006 MAX-ACCESS read-write 1007 STATUS current 1008 DESCRIPTION 1009 "By setting this field the process moves from one state to another. On 1010 creation the value must be begin. 1011 When the value of rlAAATestUserAuthenticationStatus is needPassword 1012 the value can be set to receivePassword or abort. 1013 When the value of rlAAATestUserAuthenticationStatus is needUsername 1014 the value can be set to receiveUsername or abort. 1015 When the value of rlAAATestUserAuthenticationStatus is success or failure 1016 the value can be set to delete or abort. 1017 When the value of rlAAATestUserAuthenticationStatus is aborted the value 1018 can be set to delete. 1019 When the value of rlAAATestUserAuthenticationStatus is deleted the value 1020 can not be set to any value. 1021 When the value of rlAAATestUserAuthenticationStatus is waiting the value 1022 can be set or abort." 1023 ::= { rlAAATestUserEntry 6 } 1024 1025rlAAATestUserInput OBJECT-TYPE 1026 SYNTAX DisplayString (SIZE(0..160)) 1027 MAX-ACCESS read-write 1028 STATUS current 1029 DESCRIPTION 1030 "If the acion was set to receivePassword than this field should hold 1031 the value of the password. 1032 If the action was set to receiveUsername than this field should hold 1033 the value of the username. " 1034 ::= { rlAAATestUserEntry 7 } 1035 1036rlAAATestUserStatus OBJECT-TYPE 1037 SYNTAX RowStatus 1038 MAX-ACCESS read-write 1039 STATUS current 1040 DESCRIPTION 1041 "Entry status. The entry can not be deleted. It will be deleted if 1042 unchanged more than 2 minutes." 1043 ::= { rlAAATestUserEntry 8 } 1044 1045--- 1046--- rlRadius 1047--- 1048 1049rlRadiusMibVersion OBJECT-TYPE 1050 SYNTAX INTEGER 1051 MAX-ACCESS read-only 1052 STATUS current 1053 DESCRIPTION 1054 "MIB's version, the current version is 2. 1055 1 - original version. 1056 2 - field rlRadiusServerUsage was added to rlRadiusServerEntry" 1057 ::= { rlRadius 1 } 1058 1059rlRadiusGlobalDefaultTimeout OBJECT-TYPE 1060 SYNTAX INTEGER (1..30) 1061 MAX-ACCESS read-write 1062 STATUS current 1063 DESCRIPTION 1064 "The maximum time (in seconds) to wait for this RADIUS 1065 server to reply. This MIB is used if the value of the 1066 field rlRadiusServerUseGlobalDefaultTimeout is false." 1067 ::= { rlRadius 2 } 1068 1069rlRadiusGlobalDefaultRetries OBJECT-TYPE 1070 SYNTAX INTEGER (1..10) 1071 MAX-ACCESS read-write 1072 STATUS current 1073 DESCRIPTION 1074 "The number of times to try contacting this RADIUS server. This MIB 1075 is used if the value of the field 1076 rlRadiusServerUseGlobalDefaultRetries is false." 1077 ::= { rlRadius 3 } 1078 1079 1080rlRadiusGlobalDefaultDeadtime OBJECT-TYPE 1081 SYNTAX INTEGER (0..2000) 1082 MAX-ACCESS read-write 1083 STATUS current 1084 DESCRIPTION 1085 "Number of minutes that any RADIUS server is ignored after 1086 it has failed. This MIB is used if the value of the field 1087 rlRadiusServerUseGlobalDefaultDeadtime is false." 1088 ::= { rlRadius 4 } 1089 1090rlRadiusGlobalDefaultKey OBJECT-TYPE 1091 SYNTAX DisplayString (SIZE(0..128)) 1092 MAX-ACCESS read-write 1093 STATUS current 1094 DESCRIPTION 1095 "Secret key to be shared with this RADIUS server. This MIB is 1096 used if the value of the field rlRadiusServerUseGlobalDefaultKey 1097 is false." 1098 ::= { rlRadius 5 } 1099 1100 1101rlRadiusGlobalDefaultSource OBJECT-TYPE 1102 SYNTAX IpAddress 1103 MAX-ACCESS read-write 1104 STATUS current 1105 DESCRIPTION 1106 "IP address of the interface to use with this server. 1107 A value of 0.0.0.0 for this object disables source 1108 address specification. This MIB is used if the value of the 1109 field rlRadiusServerUseGlobalDefaultSource is false." 1110 ::= { rlRadius 6 } 1111 1112 1113rlRadiusServerTable OBJECT-TYPE 1114 SYNTAX SEQUENCE OF RlRadiusServerEntry 1115 MAX-ACCESS not-accessible 1116 STATUS current 1117 DESCRIPTION 1118 "The (conceptual) table listing the RADIUS 1119 servers with which the cliient shares a secret." 1120 ::= { rlRadius 7 } 1121 1122rlRadiusServerEntry OBJECT-TYPE 1123 SYNTAX RlRadiusServerEntry 1124 MAX-ACCESS not-accessible 1125 STATUS current 1126 DESCRIPTION 1127 "An entry (conceptual row) representing a RADIUS 1128 server with which the client shares 1129 a secret." 1130 INDEX { rlRadiusServerAddress, 1131 rlRadiusServerAuthPortNumber, 1132 rlRadiusServerAcctPortNumber} 1133 ::= { rlRadiusServerTable 1 } 1134 1135RlRadiusServerEntry ::= SEQUENCE { 1136 rlRadiusServerAddress IpAddress, 1137 rlRadiusServerAuthPortNumber INTEGER, 1138 rlRadiusServerAcctPortNumber INTEGER, 1139 rlRadiusServerTimeout INTEGER, 1140 rlRadiusServerRetries INTEGER, 1141 rlRadiusServerDeadtime INTEGER, 1142 rlRadiusServerUseGlobalDefaultKey TruthValue, 1143 rlRadiusServerKey DisplayString, 1144 rlRadiusServerSource IpAddress, 1145 rlRadiusServerPriority INTEGER, 1146 rlRadiusServerStatus RowStatus, 1147 rlRadiusServerUsage INTEGER 1148} 1149 1150rlRadiusServerAddress OBJECT-TYPE 1151 SYNTAX IpAddress 1152 MAX-ACCESS read-write 1153 STATUS current 1154 DESCRIPTION 1155 "The IP address of the RADIUS server 1156 referred to in this table entry." 1157 ::= { rlRadiusServerEntry 1 } 1158 1159rlRadiusServerAuthPortNumber OBJECT-TYPE 1160 SYNTAX INTEGER (0..65535) 1161 MAX-ACCESS read-write 1162 STATUS current 1163 DESCRIPTION 1164 "The UDP port the client is using to send authentication 1165 requests to this server." 1166 ::= { rlRadiusServerEntry 2 } 1167 1168rlRadiusServerAcctPortNumber OBJECT-TYPE 1169 SYNTAX INTEGER (0..65535) 1170 MAX-ACCESS read-write 1171 STATUS current 1172 DESCRIPTION 1173 "The UDP port the client is using to send accounting 1174 requests to this server." 1175 ::= { rlRadiusServerEntry 3 } 1176 1177rlRadiusServerTimeout OBJECT-TYPE 1178 SYNTAX INTEGER (0..30) 1179 MAX-ACCESS read-write 1180 STATUS current 1181 DESCRIPTION 1182 "The maximum time (in seconds) to wait for this RADIUS 1183 server to reply. Value of 0 means that rlRadiusGlobalDefaultTimeout." 1184 DEFVAL { 3 } 1185 ::= { rlRadiusServerEntry 4 } 1186 1187rlRadiusServerRetries OBJECT-TYPE 1188 SYNTAX INTEGER (0..10) 1189 MAX-ACCESS read-write 1190 STATUS current 1191 DESCRIPTION 1192 "The number of times to try contacting this RADIUS server. Value of 1193 0 means that rlRadiusGlobalDefaultRetries." 1194 DEFVAL { 3 } 1195 ::= { rlRadiusServerEntry 5 } 1196 1197rlRadiusServerDeadtime OBJECT-TYPE 1198 SYNTAX INTEGER (0..2001) 1199 MAX-ACCESS read-write 1200 STATUS current 1201 DESCRIPTION 1202 "Number of minutes that any RADIUS server is ignored after 1203 it has failed. Value of 2001 means that rlRadiusGlobalDefaultDeadtime 1204 will be used." 1205 DEFVAL { 0 } 1206 ::= { rlRadiusServerEntry 6 } 1207 1208rlRadiusServerUseGlobalDefaultKey OBJECT-TYPE 1209 SYNTAX TruthValue 1210 MAX-ACCESS read-write 1211 STATUS current 1212 DESCRIPTION 1213 "If this field is set to true the value in field rlRadiusServerKey 1214 is ignored and instead the value in the MIB 1215 rlRadiusGlobalDefaultKey is used. Otherwise the value in 1216 rlRadiusServerKey is used." 1217 DEFVAL { false } 1218 ::= { rlRadiusServerEntry 7 } 1219 1220rlRadiusServerKey OBJECT-TYPE 1221 SYNTAX DisplayString (SIZE(0..128)) 1222 MAX-ACCESS read-write 1223 STATUS current 1224 DESCRIPTION 1225 "Secret key to be shared with this RADIUS server." 1226 DEFVAL { "" } 1227 ::= { rlRadiusServerEntry 8 } 1228 1229rlRadiusServerSource OBJECT-TYPE 1230 SYNTAX IpAddress 1231 MAX-ACCESS read-write 1232 STATUS current 1233 DESCRIPTION 1234 "IP address of the interface to use with this server. 1235 A value of 0.0.0.0 for this object disables source 1236 address specification. Value of 255.255.255.255 means that 1237 rlRadiusGlobalDefaultSource will be used." 1238 DEFVAL { '00000000'H } 1239 ::= { rlRadiusServerEntry 9 } 1240 1241rlRadiusServerPriority OBJECT-TYPE 1242 SYNTAX INTEGER (0..65535) 1243 MAX-ACCESS read-write 1244 STATUS current 1245 DESCRIPTION 1246 "Determines the order in which the servers will be used, when 0 is 1247 the highest priority. If more than one server share the same 1248 priority - they will be used in lexicgoraphic order 1249 (the order of entries in this table)." 1250 DEFVAL { 0 } 1251 ::= { rlRadiusServerEntry 10 } 1252 1253rlRadiusServerStatus OBJECT-TYPE 1254 SYNTAX RowStatus 1255 MAX-ACCESS read-write 1256 STATUS current 1257 DESCRIPTION "" 1258 ::= { rlRadiusServerEntry 11 } 1259 1260rlRadiusServerUsage OBJECT-TYPE 1261 SYNTAX INTEGER { 1262 userAuthentication(1), 1263 portAuthentication(2), 1264 all(3) 1265 } 1266 MAX-ACCESS read-write 1267 STATUS current 1268 DESCRIPTION 1269 "Determines actions for which the radius server will be used." 1270 DEFVAL { 3 } 1271 ::= { rlRadiusServerEntry 12 } 1272 1273-- 1274-- rlAAAEap 1275-- 1276 1277RlAAAEapMethodtype ::= TEXTUAL-CONVENTION 1278 STATUS current 1279 DESCRIPTION "Method list type." 1280 SYNTAX INTEGER { 1281 rlAAAEapMethodDeny(0), 1282 rlAAAEapMethodRadius(1), 1283 rlAAAEapMethodSucceed(2) 1284} 1285 1286rlAAAEapMethodListTable OBJECT-TYPE 1287 SYNTAX SEQUENCE OF RlAAAEapMethodListEntry 1288 MAX-ACCESS not-accessible 1289 STATUS current 1290 DESCRIPTION "The table specifies all methods list per method name." 1291 ::= { rlAAAEap 1 } 1292 1293rlAAAEapMethodListEntry OBJECT-TYPE 1294 SYNTAX RlAAAEapMethodListEntry 1295 MAX-ACCESS not-accessible 1296 STATUS current 1297 DESCRIPTION "The row definition for this table." 1298 INDEX { rlAAAEapMethodListName} 1299 ::= { rlAAAEapMethodListTable 1 } 1300 1301RlAAAEapMethodListEntry ::= SEQUENCE { 1302 rlAAAEapMethodListName DisplayString, 1303 rlAAAEapMethodType1 RlAAAEapMethodtype, 1304 rlAAAEapMethodType2 RlAAAEapMethodtype, 1305 rlAAAEapMethodType3 RlAAAEapMethodtype, 1306 rlAAAEapMethodType4 RlAAAEapMethodtype, 1307 rlAAAEapMethodType5 RlAAAEapMethodtype, 1308 rlAAAEapMethodListStatus RowStatus 1309} 1310 1311rlAAAEapMethodListName OBJECT-TYPE 1312 SYNTAX DisplayString (SIZE(3..20)) 1313 MAX-ACCESS read-write 1314 STATUS current 1315 DESCRIPTION "Line Method List Name" 1316 ::= { rlAAAEapMethodListEntry 1 } 1317 1318rlAAAEapMethodType1 OBJECT-TYPE 1319 SYNTAX RlAAAEapMethodtype 1320 MAX-ACCESS read-write 1321 STATUS current 1322 DESCRIPTION " first method type that will be used in the method 1323 linked list." 1324 ::= { rlAAAEapMethodListEntry 2 } 1325 1326rlAAAEapMethodType2 OBJECT-TYPE 1327 SYNTAX RlAAAEapMethodtype 1328 MAX-ACCESS read-write 1329 STATUS current 1330 DESCRIPTION " second method type that will be used in the method 1331 linked list." 1332 ::= { rlAAAEapMethodListEntry 3 } 1333 1334rlAAAEapMethodType3 OBJECT-TYPE 1335 SYNTAX RlAAAEapMethodtype 1336 MAX-ACCESS read-write 1337 STATUS current 1338 DESCRIPTION "3th method type that will be used in the method 1339 linked list." 1340 ::= { rlAAAEapMethodListEntry 4 } 1341 1342rlAAAEapMethodType4 OBJECT-TYPE 1343 SYNTAX RlAAAEapMethodtype 1344 MAX-ACCESS read-write 1345 STATUS current 1346 DESCRIPTION " 4th method type that will be used in the method 1347 linked list." 1348 ::= { rlAAAEapMethodListEntry 5 } 1349 1350rlAAAEapMethodType5 OBJECT-TYPE 1351 SYNTAX RlAAAEapMethodtype 1352 MAX-ACCESS read-write 1353 STATUS current 1354 DESCRIPTION "5th method type that will be used in the method 1355 linked list." 1356 ::= { rlAAAEapMethodListEntry 6 } 1357 1358rlAAAEapMethodListStatus OBJECT-TYPE 1359 SYNTAX RowStatus 1360 MAX-ACCESS read-write 1361 STATUS current 1362 DESCRIPTION "method list status can be destroy or createAndGo" 1363 ::= { rlAAAEapMethodListEntry 7 } 1364 1365rlAAAEapCurrentMethodList OBJECT-TYPE 1366 SYNTAX DisplayString (SIZE(3..20)) 1367 MAX-ACCESS read-write 1368 STATUS current 1369 DESCRIPTION "Specifies the method list that will be used for authentication." 1370 ::= { rlAAAEap 2 } 1371 1372 1373--- rlTacacs 1374 1375RlTacacsConnectionType ::= TEXTUAL-CONVENTION 1376 STATUS current 1377 DESCRIPTION "Specifies TCP connection type between device and TACACS+ server" 1378 SYNTAX INTEGER { 1379 rlTacacsSingleConnection(0), 1380 rlTacacsPerSessionConnection(1) 1381} 1382 1383RlTacacsConnectionStatus ::= TEXTUAL-CONVENTION 1384 STATUS current 1385 DESCRIPTION "Specifies the status of TCP connection 1386 between device and TACACS+ server." 1387 SYNTAX INTEGER { 1388 rlTacacsConnected(0), 1389 rlTacacsNotConnected(1) 1390} 1391 1392rlTacacs OBJECT IDENTIFIER ::= { rlAAA 40 } 1393 1394rlTacacsMibVersion OBJECT-TYPE 1395 SYNTAX INTEGER 1396 MAX-ACCESS read-only 1397 STATUS current 1398 DESCRIPTION 1399 "MIB's version, the current version is 1." 1400 ::= { rlTacacs 1 } 1401 1402rlTacacsGlobalDefaultTimeout OBJECT-TYPE 1403 SYNTAX INTEGER (1..30) 1404 MAX-ACCESS read-write 1405 STATUS current 1406 DESCRIPTION 1407 "The maximum time (in seconds) to wait for TACACS+ 1408 server to reply. This MIB is used if the value of the 1409 field rlTacacsServerTimeout is 0." 1410 DEFVAL { 5 } 1411 ::= { rlTacacs 2 } 1412 1413rlTacacsGlobalDefaultKey OBJECT-TYPE 1414 SYNTAX DisplayString (SIZE(0..128)) 1415 MAX-ACCESS read-write 1416 STATUS current 1417 DESCRIPTION 1418 "Secret key to be shared with TACACS+ server. This MIB is 1419 used if the value of the field rlTacacsServerUseGlobalDefaultKey 1420 is false." 1421 DEFVAL { "" } 1422 ::= { rlTacacs 3 } 1423 1424rlTacacsGlobalDefaultSourceIpInterface OBJECT-TYPE 1425 SYNTAX IpAddress 1426 MAX-ACCESS read-write 1427 STATUS current 1428 DESCRIPTION 1429 "IP address of the interface to use with TACACS+ server. 1430 A value of 0.0.0.0 for this object disables source 1431 address specification. This MIB is used if the value of the 1432 field rlTacacsServerSource is 255.255.255.255." 1433 DEFVAL { '00000000'H } 1434 ::= { rlTacacs 6 } 1435 1436rlTacacsServerTable OBJECT-TYPE 1437 SYNTAX SEQUENCE OF RlTacacsServerEntry 1438 MAX-ACCESS not-accessible 1439 STATUS current 1440 DESCRIPTION 1441 "The (conceptual) table listing the TACACS+ 1442 servers with which the cliient shares a secret." 1443 ::= { rlTacacs 7 } 1444 1445rlTacacsServerEntry OBJECT-TYPE 1446 SYNTAX RlTacacsServerEntry 1447 MAX-ACCESS not-accessible 1448 STATUS current 1449 DESCRIPTION 1450 "An entry (conceptual row) representing a TACACS+ 1451 server with which the client shares 1452 a secret." 1453 INDEX { rlTacacsServerAddress } 1454 ::= { rlTacacsServerTable 1 } 1455 1456RlTacacsServerEntry ::= SEQUENCE { 1457 rlTacacsServerAddress IpAddress, 1458 rlTacacsServerPortNumber INTEGER, 1459 rlTacacsServerConnectionType RlTacacsConnectionType, 1460 rlTacacsServerConnectionStatus RlTacacsConnectionStatus, 1461 rlTacacsServerTimeout INTEGER, 1462 rlTacacsServerUseGlobalDefaultKey TruthValue, 1463 rlTacacsServerKey DisplayString, 1464 rlTacacsServerSourceIpInterface IpAddress, 1465 rlTacacsServerPriority INTEGER, 1466 rlTacacsServerRowStatus RowStatus 1467} 1468 1469rlTacacsServerAddress OBJECT-TYPE 1470 SYNTAX IpAddress 1471 MAX-ACCESS read-write 1472 STATUS current 1473 DESCRIPTION 1474 "The IP address of the TACACS+ server 1475 referred to in this table entry." 1476 ::= { rlTacacsServerEntry 1 } 1477 1478rlTacacsServerPortNumber OBJECT-TYPE 1479 SYNTAX INTEGER (0..65535) 1480 MAX-ACCESS read-write 1481 STATUS current 1482 DESCRIPTION 1483 "The TCP port the client establishes connections with this server." 1484 DEFVAL { 49 } 1485 ::= { rlTacacsServerEntry 2 } 1486 1487rlTacacsServerConnectionType OBJECT-TYPE 1488 SYNTAX RlTacacsConnectionType 1489 MAX-ACCESS read-write 1490 STATUS current 1491 DESCRIPTION 1492 "Specifies TCP connection type between device and TACACS+ server. 1493 Either a single open connection between device and server 1494 (rlTacacsSingleConnection), or open/close connection per 1495 communication session (rlTacacsPerSessionConnection)." 1496 DEFVAL { rlTacacsPerSessionConnection } 1497 ::= { rlTacacsServerEntry 3 } 1498 1499rlTacacsServerConnectionStatus OBJECT-TYPE 1500 SYNTAX RlTacacsConnectionStatus 1501 MAX-ACCESS read-only 1502 STATUS current 1503 DESCRIPTION 1504 "Specifies status TCP connection type between device and TACACS+ server." 1505 DEFVAL { rlTacacsConnected } 1506 ::= { rlTacacsServerEntry 4 } 1507 1508rlTacacsServerTimeout OBJECT-TYPE 1509 SYNTAX INTEGER (0..30) 1510 MAX-ACCESS read-write 1511 STATUS current 1512 DESCRIPTION 1513 "The maximum time (in seconds) to wait for this TACACS+ server to reply. 1514 Value of 0 means that rlTacacsGlobalDefaultTimeout value is used." 1515 DEFVAL { 5 } 1516 ::= { rlTacacsServerEntry 5 } 1517 1518rlTacacsServerUseGlobalDefaultKey OBJECT-TYPE 1519 SYNTAX TruthValue 1520 MAX-ACCESS read-write 1521 STATUS current 1522 DESCRIPTION 1523 "If this field is set to true the value in field rlTacacsServerKey 1524 is ignored and instead the value in the MIB 1525 rlTacacsGlobalDefaultKey is used. Otherwise the value in 1526 rlTacacsServerKey is used." 1527 DEFVAL { false } 1528 ::= { rlTacacsServerEntry 6 } 1529 1530rlTacacsServerKey OBJECT-TYPE 1531 SYNTAX DisplayString (SIZE(0..128)) 1532 MAX-ACCESS read-write 1533 STATUS current 1534 DESCRIPTION 1535 "Secret key to be shared with this TACACS+ server." 1536 DEFVAL { "" } 1537 ::= { rlTacacsServerEntry 7 } 1538 1539rlTacacsServerSourceIpInterface OBJECT-TYPE 1540 SYNTAX IpAddress 1541 MAX-ACCESS read-write 1542 STATUS current 1543 DESCRIPTION 1544 "IP address of the interface to use with this server. 1545 A value of 0.0.0.0 for this object disables source 1546 address specification. Value of 255.255.255.255 means that 1547 rlTacacsGlobalDefaultSource will be used." 1548 DEFVAL { '00000000'H } 1549 ::= { rlTacacsServerEntry 8 } 1550 1551rlTacacsServerPriority OBJECT-TYPE 1552 SYNTAX INTEGER (0..65535) 1553 MAX-ACCESS read-write 1554 STATUS current 1555 DESCRIPTION 1556 "Determines the order in which the TACACS+ servers will be used, 1557 when 0 is the highest priority. If more than one server share the 1558 same priority - they will be used in lexicgoraphic order 1559 (the order of entries in this table)." 1560 DEFVAL { 0 } 1561 ::= { rlTacacsServerEntry 9 } 1562 1563rlTacacsServerRowStatus OBJECT-TYPE 1564 SYNTAX RowStatus 1565 MAX-ACCESS read-write 1566 STATUS current 1567 DESCRIPTION "" 1568 ::= { rlTacacsServerEntry 10 } 1569 1570 1571--- AAA Login auditing control (SysLog) 1572 1573rlAAAAuditingEnable OBJECT-TYPE 1574 SYNTAX TruthValue 1575 MAX-ACCESS read-write 1576 STATUS current 1577 DESCRIPTION 1578 "Controls whether SysLog messages 1579 should be issued on login events" 1580 DEFVAL { true } 1581 ::= { rlAAA 41 } 1582 1583rlAAAMinPasswordLength OBJECT-TYPE 1584 SYNTAX INTEGER (0..64) 1585 MAX-ACCESS read-write 1586 STATUS current 1587 DESCRIPTION 1588 "The minimum length of password for local user authentication 1589 defined in field rlAAALocalUserPassword in rlAAALocalUserTable. 1590 The value applies only to new or updated user passwords. 1591 In actual implementation the range may be reduced to (0 | N-64), 1592 where N is a platform dependent (for TIC compatibility N=8) " 1593 DEFVAL { 0 } 1594 ::= { rlAAA 42 } 1595 1596--- Password history size 1597rlAAAPasswordHistSize OBJECT-TYPE 1598 SYNTAX Unsigned32 1599 MAX-ACCESS read-write 1600 STATUS current 1601 DESCRIPTION 1602 "The number of most recent password, 1603 previously defined for Local User Table, Line Table, 1604 System Password Table for specific entity. 1605 This list used for password reusing prevention. 1606 Value of 0 means none. Changing the value 1607 does not cause the loss of history. 1608 History Max size is product specific." 1609 DEFVAL { 0 } 1610 ::= { rlAAA 43 } 1611 1612--- Password history hold time 1613 1614rlAAAPasswordHistHoldTime OBJECT-TYPE 1615 SYNTAX Unsigned32 1616 MAX-ACCESS read-write 1617 STATUS current 1618 DESCRIPTION 1619 "The time in day, which an old password 1620 may be used in password history check. 1621 Changing the value does not cause the 1622 loss of history." 1623 1624 DEFVAL { 0 } 1625 ::= { rlAAA 44 } 1626 1627--- controls wether successful logins are written to file 1628 1629rlAAASuccLoginWriteToFile OBJECT-TYPE 1630 SYNTAX TruthValue 1631 MAX-ACCESS read-write 1632 STATUS current 1633 DESCRIPTION 1634 "Controls whether successful logins are 1635 written to login file" 1636 DEFVAL { true } 1637 ::= { rlAAA 45 } 1638 1639 1640--- Read-only table for successful login history - Local Users 1641 1642rlAAALocalLoginHistTable OBJECT-TYPE 1643 SYNTAX SEQUENCE OF RlAAALocalLoginHistEntry 1644 MAX-ACCESS not-accessible 1645 STATUS current 1646 DESCRIPTION "The table holds successful login history 1647 for all users. This table is read-only." 1648 ::= { rlAAA 46 } 1649 1650rlAAALocalLoginHistEntry OBJECT-TYPE 1651 SYNTAX RlAAALocalLoginHistEntry 1652 MAX-ACCESS not-accessible 1653 STATUS current 1654 DESCRIPTION "The row definition for this table." 1655 INDEX { rlAAALocalLoginHistName, 1656 rlAAALocalLoginHistIndex} 1657 ::= { rlAAALocalLoginHistTable 1 } 1658 1659RlAAALocalLoginHistEntry ::= SEQUENCE { 1660 rlAAALocalLoginHistName DisplayString, 1661 rlAAALocalLoginHistIndex Unsigned32, 1662 rlAAALocalLoginHistServiceType RlAAAServiceType, 1663 rlAAALocalLoginHistRemoteIpAddress IpAddress, 1664 rlAAALocalLoginHistLocalIpAddress IpAddress, 1665 rlAAALocalLoginDateTime DisplayString 1666} 1667 1668rlAAALocalLoginHistName OBJECT-TYPE 1669 SYNTAX DisplayString 1670 MAX-ACCESS read-only 1671 STATUS current 1672 DESCRIPTION "User Name" 1673 ::= { rlAAALocalLoginHistEntry 1 } 1674 1675rlAAALocalLoginHistIndex OBJECT-TYPE 1676 SYNTAX Unsigned32 (1..10) 1677 MAX-ACCESS not-accessible 1678 STATUS current 1679 DESCRIPTION "Index in History for specific user. 1680 Lower number means more recent login." 1681 ::= { rlAAALocalLoginHistEntry 2 } 1682 1683rlAAALocalLoginHistServiceType OBJECT-TYPE 1684 SYNTAX RlAAAServiceType 1685 MAX-ACCESS read-only 1686 STATUS current 1687 DESCRIPTION "The service that the user uses. 1688 Service don't care is console terminal." 1689 ::= { rlAAALocalLoginHistEntry 3 } 1690 1691rlAAALocalLoginHistRemoteIpAddress OBJECT-TYPE 1692 SYNTAX IpAddress 1693 MAX-ACCESS read-only 1694 STATUS current 1695 DESCRIPTION "User remote IP address." 1696 ::= { rlAAALocalLoginHistEntry 4 } 1697 1698rlAAALocalLoginHistLocalIpAddress OBJECT-TYPE 1699 SYNTAX IpAddress 1700 MAX-ACCESS read-only 1701 STATUS current 1702 DESCRIPTION "local Ip Address on login." 1703 ::= { rlAAALocalLoginHistEntry 5 } 1704 1705rlAAALocalLoginDateTime OBJECT-TYPE 1706 SYNTAX DisplayString 1707 MAX-ACCESS read-only 1708 STATUS current 1709 DESCRIPTION "Date and time in the SysLog Format: 1710 DD-MMM-YYYY HH:MM:SS" 1711 ::= { rlAAALocalLoginHistEntry 6 } 1712 1713 1714--- Read-only table for successful login history - Line passwords 1715 1716rlAAALinePassLoginHistTable OBJECT-TYPE 1717 SYNTAX SEQUENCE OF RlAAALinePassLoginHistEntry 1718 MAX-ACCESS not-accessible 1719 STATUS current 1720 DESCRIPTION "The table holds successful login history 1721 for Line passwords. This table is read-only." 1722 ::= { rlAAA 47 } 1723 1724rlAAALinePassLoginHistEntry OBJECT-TYPE 1725 SYNTAX RlAAALinePassLoginHistEntry 1726 MAX-ACCESS not-accessible 1727 STATUS current 1728 DESCRIPTION "The row definition for this table." 1729 INDEX {rlAAALinePassLoginHistPortType, 1730 rlAAALinePassLoginHistIfIndex, 1731 rlAAALinePassLoginHistServiceType, 1732 rlAAALinePassLoginHistIndex } 1733 ::= { rlAAALinePassLoginHistTable 1 } 1734 1735RlAAALinePassLoginHistEntry ::= SEQUENCE { 1736 rlAAALinePassLoginHistPortType RlAAALinePortType, 1737 rlAAALinePassLoginHistIfIndex Unsigned32, 1738 rlAAALinePassLoginHistServiceType RlAAAServiceType, 1739 rlAAALinePassLoginHistIndex Unsigned32, 1740 rlAAALinePassLoginHistActServiceType RlAAAServiceType, 1741 rlAAALinePassLoginHistRemoteIpAddress IpAddress, 1742 rlAAALinePassLoginHistLocalIpAddress IpAddress, 1743 rlAAALinePassLoginDateTime DisplayString 1744} 1745 1746 1747rlAAALinePassLoginHistPortType OBJECT-TYPE 1748 SYNTAX RlAAALinePortType 1749 MAX-ACCESS read-write 1750 STATUS current 1751 DESCRIPTION " the physical port type." 1752 ::= { rlAAALinePassLoginHistEntry 1 } 1753 1754rlAAALinePassLoginHistIfIndex OBJECT-TYPE 1755 SYNTAX Unsigned32 1756 MAX-ACCESS read-write 1757 STATUS current 1758 DESCRIPTION "Identifies the ifindex for which this entry can be used. 1759 If index 0 means don't care 1760 (can be used for all if indices). 1761 For port type console the value could be only 0." 1762 ::= { rlAAALinePassLoginHistEntry 2} 1763 1764rlAAALinePassLoginHistServiceType OBJECT-TYPE 1765 SYNTAX RlAAAServiceType 1766 MAX-ACCESS read-write 1767 STATUS current 1768 DESCRIPTION "the service type" 1769 ::= { rlAAALinePassLoginHistEntry 3 } 1770 1771rlAAALinePassLoginHistIndex OBJECT-TYPE 1772 SYNTAX Unsigned32 (1..10) 1773 MAX-ACCESS not-accessible 1774 STATUS current 1775 DESCRIPTION "Index in History for specific user. 1776 Lower number means more recent login." 1777 ::= { rlAAALinePassLoginHistEntry 4 } 1778 1779rlAAALinePassLoginHistActServiceType OBJECT-TYPE 1780 SYNTAX RlAAAServiceType 1781 MAX-ACCESS read-only 1782 STATUS current 1783 DESCRIPTION "The service that the user uses. 1784 Service don't care is console terminal." 1785 ::= { rlAAALinePassLoginHistEntry 5 } 1786 1787rlAAALinePassLoginHistRemoteIpAddress OBJECT-TYPE 1788 SYNTAX IpAddress 1789 MAX-ACCESS read-only 1790 STATUS current 1791 DESCRIPTION "User remote IP address." 1792 ::= { rlAAALinePassLoginHistEntry 6 } 1793 1794rlAAALinePassLoginHistLocalIpAddress OBJECT-TYPE 1795 SYNTAX IpAddress 1796 MAX-ACCESS read-only 1797 STATUS current 1798 DESCRIPTION "local Ip Address on login." 1799 ::= { rlAAALinePassLoginHistEntry 7 } 1800 1801rlAAALinePassLoginDateTime OBJECT-TYPE 1802 SYNTAX DisplayString 1803 MAX-ACCESS read-only 1804 STATUS current 1805 DESCRIPTION "Date and time in the SysLog Format: 1806 DD-MMM-YYYY HH:MM:SS" 1807 ::= { rlAAALinePassLoginHistEntry 8 } 1808 1809 1810--- Read-only table for successful login history - System Passwords 1811 1812rlAAASystemLoginHistTable OBJECT-TYPE 1813 SYNTAX SEQUENCE OF RlAAASystemLoginHistEntry 1814 MAX-ACCESS not-accessible 1815 STATUS current 1816 DESCRIPTION "The table holds successful login history 1817 for system passwords. This table is read-only." 1818 ::= { rlAAA 48 } 1819 1820rlAAASystemLoginHistEntry OBJECT-TYPE 1821 SYNTAX RlAAASystemLoginHistEntry 1822 MAX-ACCESS not-accessible 1823 STATUS current 1824 DESCRIPTION "The row definition for this table." 1825 INDEX { rlAAASystemLoginHistLevel, 1826 rlAAASystemLoginHistIndex} 1827 ::= { rlAAASystemLoginHistTable 1 } 1828 1829RlAAASystemLoginHistEntry ::= SEQUENCE { 1830 rlAAASystemLoginHistLevel INTEGER, 1831 rlAAASystemLoginHistIndex Unsigned32, 1832 rlAAASystemLoginHistServiceType RlAAAServiceType, 1833 rlAAASystemLoginHistRemoteIpAddress IpAddress, 1834 rlAAASystemLoginHistLocalIpAddress IpAddress, 1835 rlAAASystemLoginDateTime DisplayString 1836} 1837 1838rlAAASystemLoginHistLevel OBJECT-TYPE 1839 SYNTAX INTEGER (1..15) 1840 MAX-ACCESS read-only 1841 STATUS current 1842 DESCRIPTION "User Name" 1843 ::= { rlAAASystemLoginHistEntry 1 } 1844 1845rlAAASystemLoginHistIndex OBJECT-TYPE 1846 SYNTAX Unsigned32 (1..10) 1847 MAX-ACCESS not-accessible 1848 STATUS current 1849 DESCRIPTION "Index in History for specific user. 1850 Lower number means more recent login." 1851 ::= { rlAAASystemLoginHistEntry 2 } 1852 1853rlAAASystemLoginHistServiceType OBJECT-TYPE 1854 SYNTAX RlAAAServiceType 1855 MAX-ACCESS read-only 1856 STATUS current 1857 DESCRIPTION "The service that the user uses. 1858 Service don't care is console terminal." 1859 ::= { rlAAASystemLoginHistEntry 3 } 1860 1861rlAAASystemLoginHistRemoteIpAddress OBJECT-TYPE 1862 SYNTAX IpAddress 1863 MAX-ACCESS read-only 1864 STATUS current 1865 DESCRIPTION "User remote IP address." 1866 ::= { rlAAASystemLoginHistEntry 4 } 1867 1868rlAAASystemLoginHistLocalIpAddress OBJECT-TYPE 1869 SYNTAX IpAddress 1870 MAX-ACCESS read-only 1871 STATUS current 1872 DESCRIPTION "local Ip Address on login." 1873 ::= { rlAAASystemLoginHistEntry 5 } 1874 1875rlAAASystemLoginDateTime OBJECT-TYPE 1876 SYNTAX DisplayString 1877 MAX-ACCESS read-only 1878 STATUS current 1879 DESCRIPTION "Date and time in the SysLog Format: 1880 DD-MMM-YYYY HH:MM:SS" 1881 ::= { rlAAASystemLoginHistEntry 6 } 1882 1883 1884-- 1885-- System Passwords status table 1886-- 1887rlAAASysPassStatTable OBJECT-TYPE 1888 SYNTAX SEQUENCE OF RlAAASysPassStatEntry 1889 MAX-ACCESS not-accessible 1890 STATUS current 1891 DESCRIPTION "The table specifies all system password and 1892 their security properties: is password locked 1893 due to wrong password, when and how it was locked 1894 or last unsuccessful login information, expiry date 1895 of the password." 1896 ::= { rlAAA 49 } 1897 1898rlAAASysPassStatEntry OBJECT-TYPE 1899 SYNTAX RlAAASysPassStatEntry 1900 MAX-ACCESS not-accessible 1901 STATUS current 1902 DESCRIPTION "The row definition for this table." 1903 INDEX { rlAAASysPassStatLevel} 1904::= { rlAAASysPassStatTable 1 } 1905 1906RlAAASysPassStatEntry ::= SEQUENCE { 1907 rlAAASysPassStatLevel INTEGER, 1908 rlAAASysPassStatLockedState INTEGER, 1909 rlAAASysPassStatConsFailedLogins Counter32, 1910 rlAAASysPassStatPasswordValidTime Unsigned32, 1911 rlAAASysPassStatPasswordExpieryDate DisplayString 1912} 1913 1914rlAAASysPassStatLevel OBJECT-TYPE 1915 SYNTAX INTEGER (1..15) 1916 MAX-ACCESS read-only 1917 STATUS current 1918 DESCRIPTION "System password level" 1919 ::= { rlAAASysPassStatEntry 1 } 1920 1921rlAAASysPassStatLockedState OBJECT-TYPE 1922 SYNTAX INTEGER { 1923 locked(0), 1924 usable(1) 1925 } 1926 MAX-ACCESS read-only 1927 STATUS current 1928 DESCRIPTION "System password locked status" 1929 ::= { rlAAASysPassStatEntry 2 } 1930 1931rlAAASysPassStatConsFailedLogins OBJECT-TYPE 1932 SYNTAX Counter32 1933 MAX-ACCESS read-only 1934 STATUS current 1935 DESCRIPTION "Number of last consecutive failed logins" 1936 ::= { rlAAASysPassStatEntry 3 } 1937 1938 1939rlAAASysPassStatPasswordValidTime OBJECT-TYPE 1940 SYNTAX Unsigned32 1941 MAX-ACCESS read-write 1942 STATUS current 1943 DESCRIPTION 1944 "The period of time in days, during which the password, 1945 is considered valid for login. Value of 0 means never expired. 1946 The actual range is product specific. 1947 After this time the system may allow limited number of logins 1948 to change the password. " 1949 DEFVAL { 0 } 1950 ::= { rlAAASysPassStatEntry 4 } 1951 1952rlAAASysPassStatPasswordExpieryDate OBJECT-TYPE 1953 SYNTAX DisplayString 1954 MAX-ACCESS read-only 1955 STATUS current 1956 DESCRIPTION "If System password aging is active, the date, 1957 on which the current password will expire. 1958 Otherwise zero size string" 1959 ::= { rlAAASysPassStatEntry 5 } 1960 1961 1962--- Number of failures before lock-out (1-5, 0 for disable) 1963 1964 1965rlAAAMaxNumLogAttmpts OBJECT-TYPE 1966 SYNTAX INTEGER 1967 MAX-ACCESS read-write 1968 STATUS current 1969 DESCRIPTION 1970 "The number of consecutive unsuccessful login attempts 1971 before user is locked. Value of 0 means no limit. The actual range is 1972 product specific. TIC requirement is 3." 1973 DEFVAL { 0 } 1974 ::= { rlAAA 50 } 1975 1976 1977-- 1978-- Unlock user action scalar 1979-- 1980 1981rlAAAUnlockUserName OBJECT-TYPE 1982 SYNTAX DisplayString (SIZE(0..20)) 1983 MAX-ACCESS read-write 1984 STATUS current 1985 DESCRIPTION "An action MIB variable setting with value 1986 of Local User Name will unlock this user. 1987 The value of this variable is not saved to 1988 non volatile storage. Read of this variable 1989 always returns zero length display string." 1990 ::= { rlAAA 51 } 1991 1992 1993 1994-- 1995-- Unlock user system passwords 1996-- 1997 1998rlAAAUnlockSystemPassword OBJECT-TYPE 1999 SYNTAX INTEGER (0..15) 2000 MAX-ACCESS read-write 2001 STATUS current 2002 DESCRIPTION "An action MIB variable setting with value 2003 of Level will unlock the system password 2004 for this level. The value of this variable 2005 is not saved to non volatile storage. 2006 Read of this variable always returns zero. 2007 Zero (0) does no action." 2008 ::= { rlAAA 52 } 2009 2010-- 2011-- Locked lines table 2012-- 2013 2014rlAAALockedLineTable OBJECT-TYPE 2015 SYNTAX SEQUENCE OF RlAAALockedLineEntry 2016 MAX-ACCESS not-accessible 2017 STATUS current 2018 DESCRIPTION "The table specifies lines statuses. 2019 Users cannot access the product from 2020 remote based on a password of the locked line. 2021 This table enables to unlock lines." 2022 ::= { rlAAA 53 } 2023 2024 2025rlAAALockedLineEntry OBJECT-TYPE 2026 SYNTAX RlAAALockedLineEntry 2027 MAX-ACCESS not-accessible 2028 STATUS current 2029 DESCRIPTION "The row definition for this table." 2030 INDEX { rlAAALockedLinePortType, 2031 rlAAALockedLineIfIndex, 2032 rlAAALockedLineServiceType} 2033::= { rlAAALockedLineTable 1 } 2034 2035RlAAALockedLineEntry ::= SEQUENCE { 2036 rlAAALockedLinePortType RlAAALinePortType, 2037 rlAAALockedLineIfIndex Unsigned32, 2038 rlAAALockedLineServiceType RlAAAServiceType, 2039 rlAAALockedLineStatus INTEGER 2040} 2041 2042rlAAALockedLinePortType OBJECT-TYPE 2043 SYNTAX RlAAALinePortType 2044 MAX-ACCESS read-write 2045 STATUS current 2046 DESCRIPTION " the physical port type ." 2047 ::= { rlAAALockedLineEntry 1 } 2048 2049rlAAALockedLineIfIndex OBJECT-TYPE 2050 SYNTAX Unsigned32 2051 MAX-ACCESS read-write 2052 STATUS current 2053 DESCRIPTION "Identifies the ifindex for which this entry can be used. 2054 If index 0 means don't care (can be used for all if indices). 2055 For port type console the value could be only 0." 2056 ::= { rlAAALockedLineEntry 2} 2057 2058rlAAALockedLineServiceType OBJECT-TYPE 2059 SYNTAX RlAAAServiceType 2060 MAX-ACCESS read-write 2061 STATUS current 2062 DESCRIPTION "the service type" 2063 ::= { rlAAALockedLineEntry 3 } 2064 2065rlAAALockedLineStatus OBJECT-TYPE 2066 SYNTAX INTEGER { 2067 locked(0), 2068 usable(1) 2069 } 2070 MAX-ACCESS read-write 2071 STATUS current 2072 DESCRIPTION "The entry exists only if a line exist. 2073 Setting this field to value usable results in 2074 resetting the password failure counter, 2075 and unlock a locked user." 2076 ::= { rlAAALockedLineEntry 4 } 2077 2078 2079 2080END 2081