ENTERASYS-8021X-EXTENSIONS-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE, Counter32, Counter64, Unsigned32,
TimeTicks
FROM SNMPv2-SMI
TruthValue, MacAddress
FROM SNMPv2-TC
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
InterfaceIndex
FROM IF-MIB
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
PaeControlledDirections, PaeControlledPortStatus,
PaeControlledPortControl
FROM IEEE8021-PAE-MIB
etsysModules
FROM ENTERASYS-MIB-NAMES;
etsys8021xExtensionsMIB MODULE-IDENTITY
LAST-UPDATED "200203072010Z" ORGANIZATION "Enterasys Networks, Inc"
CONTACT-INFO
"Postal: Enterasys Networks
35 Industrial Way, P.O. Box 5005
Rochester, NH 03867-0505
Phone: +1 603 332 9400
E-mail: support@enterasys.com
WWW: http://www.enterasys.com"
DESCRIPTION
"This MIB module defines a portion of the SNMP enterprise
MIBs under Enterasys Networks' enterprise OID pertaining to
IEEE 802.1x authentication.
This MIB is designed to supplement and be used in connection
with the standard IEEE 802.1x MIB. It provides a convenient
way to retrieve authentication status for Supplicants living
on shared-media ports that use station-based access control.
(Here, a MAC address is a much more natural table index than
a port or interface number.)"
REVISION "200203072010Z" DESCRIPTION
"The initial version of this MIB module."
::= { etsysModules 18 }
etsysDot1xExtensionsObjects
OBJECT IDENTIFIER ::= { etsys8021xExtensionsMIB 1 }
etsysDot1xSystemBranch
OBJECT IDENTIFIER ::= { etsysDot1xExtensionsObjects 1 }
etsysDot1xAuthenticatorBranch
OBJECT IDENTIFIER ::= { etsysDot1xExtensionsObjects 2 }
etsysDot1xSupplicantBranch
OBJECT IDENTIFIER ::= { etsysDot1xExtensionsObjects 3 }
etsysDot1xAuthStationBranch
OBJECT IDENTIFIER ::= { etsysDot1xAuthenticatorBranch 1 }
etsysDot1xAuthStationTable OBJECT-TYPE
SYNTAX SEQUENCE OF EtsysDot1xAuthStationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains basic status information for the
Authenticator PAEs associated with station-based virtual
ports."
::= { etsysDot1xAuthStationBranch 1 }
etsysDot1xAuthStationEntry OBJECT-TYPE
SYNTAX EtsysDot1xAuthStationEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each conceptual row contains basic information about a
station-based Authenticator PAE (such as a wireless access
point Authenticator PAE that manages a particular station
in a wireless workgroup).
The most natural label for such a PAE is the MAC address
of the Supplicant that it manages, and that, in some sense,
called the PAE into existence. So we index the table by
the Supplicant MAC address."
INDEX { etsysDot1xAuthStationAddress }
::= { etsysDot1xAuthStationTable 1 }
EtsysDot1xAuthStationEntry ::=
SEQUENCE {
etsysDot1xAuthStationAddress MacAddress,
etsysDot1xAuthStationPaePort InterfaceIndex,
etsysDot1xAuthStationPaeState INTEGER,
etsysDot1xAuthStationBackendAuthState INTEGER,
etsysDot1xAuthStationUserName SnmpAdminString
}
etsysDot1xAuthStationAddress OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The 48-bit IEEE media access control address of the
Supplicant associated with the logical station-based
access control port."
::= { etsysDot1xAuthStationEntry 1 }
etsysDot1xAuthStationPaePort OBJECT-TYPE
SYNTAX InterfaceIndex
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The dot1xPaePortNumber of the shared-media port that
is associated with this Authenticator PAE."
::= { etsysDot1xAuthStationEntry 2 }
etsysDot1xAuthStationPaeState OBJECT-TYPE
SYNTAX INTEGER {
initialize(1),
disconnected(2),
connecting(3),
authenticating(4),
authenticated(5),
aborting(6),
held(7),
forceAuth(8),
forceUnauth(9)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the Authenticator PAE state machine."
REFERENCE "IEEE 802.1x Section 9.4.1, Authenticator PAE state"
::= { etsysDot1xAuthStationEntry 3 }
etsysDot1xAuthStationBackendAuthState OBJECT-TYPE
SYNTAX INTEGER {
request(1),
response(2),
success(3),
fail(4),
timeout(5),
idle(6),
initialize(7)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current state of the Backend Authentication state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, Backend Authentication state"
::= { etsysDot1xAuthStationEntry 4 }
etsysDot1xAuthStationUserName OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The User-Name representing the identity of the
Supplicant PAE."
REFERENCE "IEEE 802.1x Section 9.4.4, Session User Name"
::= { etsysDot1xAuthStationEntry 5 }
etsysDot1xAuthConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF EtsysDot1xAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains configuration objects for the
Authenticator PAE associated with each station-based virtual
port.
Station-based configuration management poses several rather
major inconveniences, including a large number of rows, rows
indexed by MAC address (rather than by user), and rows that
come and go.
Port-level and Authentication-Server-based management are
quite a bit more convenient. Thus, most of the objects in
this table are read-only; a way to see how other settings
have interacted if you need this information for
troubleshooting purposes."
::= { etsysDot1xAuthStationBranch 2 }
etsysDot1xAuthConfigEntry OBJECT-TYPE
SYNTAX EtsysDot1xAuthConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Configuration information for a station-based Authenticator
PAE."
INDEX { etsysDot1xAuthStationAddress }
::= { etsysDot1xAuthConfigTable 1 }
EtsysDot1xAuthConfigEntry ::=
SEQUENCE {
etsysDot1xAuthInitialize TruthValue,
etsysDot1xAuthReauthenticate TruthValue,
etsysDot1xAuthAdminControlledDirections PaeControlledDirections,
etsysDot1xAuthOperControlledDirections PaeControlledDirections,
etsysDot1xAuthAuthControlledPortStatus PaeControlledPortStatus,
etsysDot1xAuthAuthControlledPortControl PaeControlledPortControl,
etsysDot1xAuthQuietPeriod Unsigned32,
etsysDot1xAuthTxPeriod Unsigned32,
etsysDot1xAuthSuppTimeout Unsigned32,
etsysDot1xAuthServerTimeout Unsigned32,
etsysDot1xAuthMaxReq Unsigned32,
etsysDot1xAuthReAuthPeriod Unsigned32,
etsysDot1xAuthReAuthEnabled TruthValue,
etsysDot1xAuthKeyTxEnabled TruthValue
}
etsysDot1xAuthInitialize OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The initialization control for this Authenticator PAE.
Setting this attribute to TRUE causes the PAE to be
initialized. The attribute value reverts to FALSE
once initialization has completed."
REFERENCE "IEEE 802.1x Section 9.6.1.2, Initialize Port"
::= { etsysDot1xAuthConfigEntry 1 }
etsysDot1xAuthReauthenticate OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"The reauthentication control for this Authenticator
PAE. Setting this attribute to TRUE causes the
Authenticator PAE state machine to reauthenticate the
Supplicant. Setting this attribute FALSE has no
effect. This attribute always returns FALSE when it
is read."
REFERENCE "IEEE 802.1x Section 9.4.1.3 Reauthenticate"
::= { etsysDot1xAuthConfigEntry 2 }
etsysDot1xAuthAdminControlledDirections OBJECT-TYPE
SYNTAX PaeControlledDirections
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the administrative controlled
directions parameter for the virtual port."
REFERENCE "IEEE 802.1x Section 9.4.1, Admin Control Mode"
::= { etsysDot1xAuthConfigEntry 3 }
etsysDot1xAuthOperControlledDirections OBJECT-TYPE
SYNTAX PaeControlledDirections
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the operational controlled
directions parameter for the virtual port."
REFERENCE "IEEE 802.1x Section 9.4.1, Oper Control Mode"
::= { etsysDot1xAuthConfigEntry 4 }
etsysDot1xAuthAuthControlledPortStatus OBJECT-TYPE
SYNTAX PaeControlledPortStatus
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the controlled Port
status parameter for the virtual port."
REFERENCE "IEEE 802.1x Section 9.4.1, AuthControlledPortStatus"
::= { etsysDot1xAuthConfigEntry 5 }
etsysDot1xAuthAuthControlledPortControl OBJECT-TYPE
SYNTAX PaeControlledPortControl
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The current value of the controlled Port
control parameter for the virtual port."
REFERENCE "IEEE 802.1x Section 9.4.1, AuthControlledPortControl"
::= { etsysDot1xAuthConfigEntry 6 }
etsysDot1xAuthQuietPeriod OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value, in seconds, of the quietPeriod constant
currently in use by the Authenticator PAE state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, quietPeriod"
::= { etsysDot1xAuthConfigEntry 7 }
etsysDot1xAuthTxPeriod OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value, in seconds, of the txPeriod constant
currently in use by the Authenticator PAE state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, txPeriod"
::= { etsysDot1xAuthConfigEntry 8 }
etsysDot1xAuthSuppTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value, in seconds, of the suppTimeout constant
currently in use by the Backend Authentication state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, suppTimeout"
::= { etsysDot1xAuthConfigEntry 9 }
etsysDot1xAuthServerTimeout OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value, in seconds, of the serverTimeout constant
currently in use by the Backend Authentication state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, serverTimeout"
::= { etsysDot1xAuthConfigEntry 10 }
etsysDot1xAuthMaxReq OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of the maxReq constant currently in use by
the Backend Authentication state machine."
REFERENCE "IEEE 802.1x Section 9.4.1, maxReq"
::= { etsysDot1xAuthConfigEntry 11 }
etsysDot1xAuthReAuthPeriod OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value, in seconds, of the reAuthPeriod constant
currently in use by the Reauthentication Timer state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, reAuthPeriod"
::= { etsysDot1xAuthConfigEntry 12 }
etsysDot1xAuthReAuthEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The enable/disable control used by the
Reauthentication Timer state machine (IEEE 802.1x
Section 8.5.5.1)."
REFERENCE "IEEE 802.1x Section 9.4.1, reAuthEnabled"
DEFVAL { false }
::= { etsysDot1xAuthConfigEntry 13 }
etsysDot1xAuthKeyTxEnabled OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The value of the keyTransmissionEnabled constant
currently in use by the Authenticator PAE state
machine."
REFERENCE "IEEE 802.1x Section 9.4.1, keyTransmissionEnabled"
::= { etsysDot1xAuthConfigEntry 14 }
etsysDot1xAuthStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF EtsysDot1xAuthStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the statistics objects for the
Authenticator PAE associated with each Port.
An entry appears in this table for each port that may
authenticate access to itself."
REFERENCE "IEEE 802.1x Section 9.4.2 Authenticator Statistics"
::= { etsysDot1xAuthStationBranch 3 }
etsysDot1xAuthStatsEntry OBJECT-TYPE
SYNTAX EtsysDot1xAuthStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The statistics information for an Authenticator PAE."
INDEX { etsysDot1xAuthStationAddress }
::= { etsysDot1xAuthStatsTable 1 }
EtsysDot1xAuthStatsEntry ::=
SEQUENCE { etsysDot1xAuthEapolFramesRx Counter32,
etsysDot1xAuthEapolFramesTx Counter32,
etsysDot1xAuthEapolStartFramesRx Counter32,
etsysDot1xAuthEapolLogoffFramesRx Counter32,
etsysDot1xAuthEapolRespIdFramesRx Counter32,
etsysDot1xAuthEapolRespFramesRx Counter32,
etsysDot1xAuthEapolReqIdFramesTx Counter32,
etsysDot1xAuthEapolReqFramesTx Counter32,
etsysDot1xAuthInvalidEapolFramesRx Counter32,
etsysDot1xAuthEapLengthErrorFramesRx Counter32,
etsysDot1xAuthLastEapolFrameVersion Unsigned32,
etsysDot1xAuthLastEapolFrameSource MacAddress
}
etsysDot1xAuthEapolFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of valid EAPOL frames of any type
that have been received by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL frames received"
::= { etsysDot1xAuthStatsEntry 1 }
etsysDot1xAuthEapolFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames of any type
that have been transmitted by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL frames transmitted"
::= { etsysDot1xAuthStatsEntry 2 }
etsysDot1xAuthEapolStartFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL Start frames that have
been received by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL Start frames received"
::= { etsysDot1xAuthStatsEntry 3 }
etsysDot1xAuthEapolLogoffFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL Logoff frames that have
been received by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL Logoff frames received"
::= { etsysDot1xAuthStatsEntry 4 }
etsysDot1xAuthEapolRespIdFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Resp/Id frames that have
been received by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL Resp/Id frames
received"
::= { etsysDot1xAuthStatsEntry 5 }
etsysDot1xAuthEapolRespFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of valid EAP Response frames
(other than Resp/Id frames) that have been
received by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL Response frames
received"
::= { etsysDot1xAuthStatsEntry 6 }
etsysDot1xAuthEapolReqIdFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Req/Id frames that have been
transmitted by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL Req/Id frames
transmitted"
::= { etsysDot1xAuthStatsEntry 7 }
etsysDot1xAuthEapolReqFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAP Request frames
(other than Rq/Id frames) that have been
transmitted by this Authenticator."
REFERENCE "IEEE 802.1x Section 9.4.2, EAPOL Request frames
transmitted"
::= { etsysDot1xAuthStatsEntry 8 }
etsysDot1xAuthInvalidEapolFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames that have been
received by this Authenticator in which the
frame type is not recognized."
REFERENCE "IEEE 802.1x Section 9.4.2, Invalid EAPOL frames
received"
::= { etsysDot1xAuthStatsEntry 9 }
etsysDot1xAuthEapLengthErrorFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of EAPOL frames that have been received
by this Authenticator in which the Packet Body
Length field is invalid."
REFERENCE "IEEE 802.1x Section 9.4.2, EAP length error frames
received"
::= { etsysDot1xAuthStatsEntry 10 }
etsysDot1xAuthLastEapolFrameVersion OBJECT-TYPE
SYNTAX Unsigned32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The protocol version number carried in the
most recently received EAPOL frame."
REFERENCE "IEEE 802.1x Section 9.4.2, Last EAPOL frame version"
::= { etsysDot1xAuthStatsEntry 11 }
etsysDot1xAuthLastEapolFrameSource OBJECT-TYPE
SYNTAX MacAddress
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The source MAC address carried in the most
recently received EAPOL frame."
REFERENCE "IEEE 802.1x Section 9.4.2, Last EAPOL frame source"
::= { etsysDot1xAuthStatsEntry 12 }
etsysDot1xAuthDiagTable OBJECT-TYPE
SYNTAX SEQUENCE OF EtsysDot1xAuthDiagEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the diagnostics objects for the
Authenticator PAE associated with each Port.
An entry appears in this table for each port that may
authenticate access to itself."
REFERENCE "IEEE 802.1x Section 9.4.3 Authenticator Diagnostics"
::= { etsysDot1xAuthStationBranch 4 }
etsysDot1xAuthDiagEntry OBJECT-TYPE
SYNTAX EtsysDot1xAuthDiagEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The diagnostics information for an Authenticator PAE."
INDEX { etsysDot1xAuthStationAddress }
::= { etsysDot1xAuthDiagTable 1 }
EtsysDot1xAuthDiagEntry ::=
SEQUENCE {
etsysDot1xAuthEntersConnecting Counter32,
etsysDot1xAuthEapLogoffsWhileConnecting Counter32,
etsysDot1xAuthEntersAuthenticating Counter32,
etsysDot1xAuthAuthSuccessWhileAuthenticating Counter32,
etsysDot1xAuthAuthTimeoutsWhileAuthenticating Counter32,
etsysDot1xAuthAuthFailWhileAuthenticating Counter32,
etsysDot1xAuthAuthReauthsWhileAuthenticating Counter32,
etsysDot1xAuthAuthEapStartsWhileAuthenticating Counter32,
etsysDot1xAuthAuthEapLogoffWhileAuthenticating Counter32,
etsysDot1xAuthAuthReauthsWhileAuthenticated Counter32,
etsysDot1xAuthAuthEapStartsWhileAuthenticated Counter32,
etsysDot1xAuthAuthEapLogoffWhileAuthenticated Counter32,
etsysDot1xAuthBackendResponses Counter32,
etsysDot1xAuthBackendAccessChallenges Counter32,
etsysDot1xAuthBackendOtherRequestsToSupplicant Counter32,
etsysDot1xAuthBackendNonNakResponsesFromSupplicant Counter32,
etsysDot1xAuthBackendAuthSuccesses Counter32,
etsysDot1xAuthBackendAuthFails Counter32
}
etsysDot1xAuthEntersConnecting OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions to the CONNECTING state from any other
state."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.1"
::= { etsysDot1xAuthDiagEntry 1 }
etsysDot1xAuthEapLogoffsWhileConnecting OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from CONNECTING to DISCONNECTED as a result
of receiving an EAPOL-Logoff message."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.2"
::= { etsysDot1xAuthDiagEntry 2 }
etsysDot1xAuthEntersAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from CONNECTING to AUTHENTICATING, as a
result of an EAP-Response/Identity message being
received from the Supplicant."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.3"
::= { etsysDot1xAuthDiagEntry 3 }
etsysDot1xAuthAuthSuccessWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to AUTHENTICATED, as a
result of the Backend Authentication state machine
indicating successful authentication of the Supplicant
(authSuccess = TRUE)."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.4"
::= { etsysDot1xAuthDiagEntry 4 }
etsysDot1xAuthAuthTimeoutsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a
result of the Backend Authentication state machine
indicating authentication timeout (authTimeout =
TRUE)."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.5"
::= { etsysDot1xAuthDiagEntry 5 }
etsysDot1xAuthAuthFailWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to HELD, as a result
of the Backend Authentication state machine indicating
authentication failure (authFail = TRUE)."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.6"
::= { etsysDot1xAuthDiagEntry 6 }
etsysDot1xAuthAuthReauthsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a
result of a reauthentication request (reAuthenticate
= TRUE)."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.7"
::= { etsysDot1xAuthDiagEntry 7 }
etsysDot1xAuthAuthEapStartsWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a
result of an EAPOL-Start message being received from
the Supplicant."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.8"
::= { etsysDot1xAuthDiagEntry 8 }
etsysDot1xAuthAuthEapLogoffWhileAuthenticating OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATING to ABORTING, as a result
of an EAPOL-Logoff message being received
from the Supplicant."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.9"
::= { etsysDot1xAuthDiagEntry 9 }
etsysDot1xAuthAuthReauthsWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to CONNECTING, as a
result of a reauthentication request
(reAuthenticate = TRUE)."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.10"
::= { etsysDot1xAuthDiagEntry 10 }
etsysDot1xAuthAuthEapStartsWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to CONNECTING, as a
result of an EAPOL-Start message being received from the
Supplicant."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.11"
::= { etsysDot1xAuthDiagEntry 11 }
etsysDot1xAuthAuthEapLogoffWhileAuthenticated OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
transitions from AUTHENTICATED to DISCONNECTED, as a
result of an EAPOL-Logoff message being received from
the Supplicant."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.4.2.12"
::= { etsysDot1xAuthDiagEntry 12 }
etsysDot1xAuthBackendResponses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine sends
an initial Access-Request packet to the Authentication
server (i.e., executes sendRespToServer on entry to the
RESPONSE state). Indicates that the Authenticator
attempted communication with the Authentication Server."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.6.2.1"
::= { etsysDot1xAuthDiagEntry 13 }
etsysDot1xAuthBackendAccessChallenges OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an initial Access-Challenge packet from the
Authentication server (i.e., aReq becomes TRUE,
causing exit from the RESPONSE state). Indicates that
the Authentication Server has communication with
the Authenticator."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.6.2.2"
::= { etsysDot1xAuthDiagEntry 14 }
etsysDot1xAuthBackendOtherRequestsToSupplicant OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
sends an EAP-Request packet (other than an Identity,
Notification, Failure or Success message) to the
Supplicant (i.e., executes txReq on entry to the
REQUEST state). Indicates that the Authenticator chose
an EAP-method."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.6.2.3"
::= { etsysDot1xAuthDiagEntry 15 }
etsysDot1xAuthBackendNonNakResponsesFromSupplicant OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives a response from the Supplicant to an initial
EAP-Request, and the response is something other than
EAP-NAK (i.e., rxResp becomes TRUE, causing the state
machine to transition from REQUEST to RESPONSE,
and the response is not an EAP-NAK). Indicates that
the Supplicant can respond to the Authenticator's
chosen EAP-method."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.6.2.4"
::= { etsysDot1xAuthDiagEntry 16 }
etsysDot1xAuthBackendAuthSuccesses OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an EAP-Success message from the Authentication
Server (i.e., aSuccess becomes TRUE, causing a
transition from RESPONSE to SUCCESS). Indicates that
the Supplicant has successfully authenticated to
the Authentication Server."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.6.2.5"
::= { etsysDot1xAuthDiagEntry 17 }
etsysDot1xAuthBackendAuthFails OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"Counts the number of times that the state machine
receives an EAP-Failure message from the Authentication
Server (i.e., aFail becomes TRUE, causing a transition
from RESPONSE to FAIL). Indicates that the Supplicant
has not authenticated to the Authentication Server."
REFERENCE "IEEE 802.1x Sections 9.4.2, 8.5.6.2.6"
::= { etsysDot1xAuthDiagEntry 18 }
etsysDot1xAuthSessionStatsTable OBJECT-TYPE
SYNTAX SEQUENCE OF EtsysDot1xAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"A table that contains the session statistics objects
for the Authenticator PAE associated with each Port.
An entry appears in this table for each port that may
authenticate access to itself."
REFERENCE "IEEE 802.1x Section 9.4.4"
::= { etsysDot1xAuthStationBranch 5 }
etsysDot1xAuthSessionStatsEntry OBJECT-TYPE
SYNTAX EtsysDot1xAuthSessionStatsEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"The session statistics information for an Authenticator
PAE. This shows the current values being collected for
each session that is still in progress, or the final
values for the last valid session on each port where
there is no session currently active."
INDEX { etsysDot1xAuthStationAddress }
::= { etsysDot1xAuthSessionStatsTable 1 }
EtsysDot1xAuthSessionStatsEntry ::=
SEQUENCE { etsysDot1xAuthSessionOctetsRx Counter64,
etsysDot1xAuthSessionOctetsTx Counter64,
etsysDot1xAuthSessionFramesRx Counter32,
etsysDot1xAuthSessionFramesTx Counter32,
etsysDot1xAuthSessionId SnmpAdminString,
etsysDot1xAuthSessionAuthenticMethod INTEGER,
etsysDot1xAuthSessionTime TimeTicks,
etsysDot1xAuthSessionTerminateCause INTEGER
}
etsysDot1xAuthSessionOctetsRx OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of octets received in user data
frames on this Port during the session."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Octets Received"
::= { etsysDot1xAuthSessionStatsEntry 1 }
etsysDot1xAuthSessionOctetsTx OBJECT-TYPE
SYNTAX Counter64
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of octets transmitted in user data
frames on this Port during the session."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Octets Transmitted"
::= { etsysDot1xAuthSessionStatsEntry 2 }
etsysDot1xAuthSessionFramesRx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user data frames received
on this Port during the session."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Frames Received"
::= { etsysDot1xAuthSessionStatsEntry 3 }
etsysDot1xAuthSessionFramesTx OBJECT-TYPE
SYNTAX Counter32
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The number of user data frames transmitted
on this Port during the session."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Frames Transmitted"
::= { etsysDot1xAuthSessionStatsEntry 4 }
etsysDot1xAuthSessionId OBJECT-TYPE
SYNTAX SnmpAdminString
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"A unique identifier for the session, in the
form of a printable ASCII string of at least
three characters."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Identifier"
::= { etsysDot1xAuthSessionStatsEntry 5 }
etsysDot1xAuthSessionAuthenticMethod OBJECT-TYPE
SYNTAX INTEGER { remoteAuthServer(1),
localAuthServer(2)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The authentication method used to establish the session."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Authentication Method"
::= { etsysDot1xAuthSessionStatsEntry 6 }
etsysDot1xAuthSessionTime OBJECT-TYPE
SYNTAX TimeTicks
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The duration of the session in seconds."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Time"
::= { etsysDot1xAuthSessionStatsEntry 7 }
etsysDot1xAuthSessionTerminateCause OBJECT-TYPE
SYNTAX INTEGER { supplicantLogoff(1),
portFailure(2),
supplicantRestart(3),
reauthFailed(4),
authControlForceUnauth(5),
portReInit(6),
portAdminDisabled(7),
notTerminatedYet(999)
}
MAX-ACCESS read-only
STATUS current
DESCRIPTION
"The reason for the session termination."
REFERENCE "IEEE 802.1x Section 9.4.4, Session Terminate Cause"
::= { etsysDot1xAuthSessionStatsEntry 8 }
etsysDot1xConformance
OBJECT IDENTIFIER ::= { etsys8021xExtensionsMIB 2 }
etsysDot1xGroups OBJECT IDENTIFIER ::= { etsysDot1xConformance 1 }
etsysDot1xCompliances OBJECT IDENTIFIER ::= { etsysDot1xConformance 2 }
etsysDot1xAuthStationGroup OBJECT-GROUP
OBJECTS {
etsysDot1xAuthStationPaePort,
etsysDot1xAuthStationPaeState,
etsysDot1xAuthStationBackendAuthState,
etsysDot1xAuthStationUserName
}
STATUS current
DESCRIPTION
"A collection of objects providing basic status information
about Authenticator PAEs running on ports that use station-
based access control."
::= { etsysDot1xGroups 1 }
etsysDot1xAuthConfigGroup OBJECT-GROUP
OBJECTS {
etsysDot1xAuthInitialize,
etsysDot1xAuthReauthenticate,
etsysDot1xAuthAdminControlledDirections,
etsysDot1xAuthOperControlledDirections,
etsysDot1xAuthAuthControlledPortStatus,
etsysDot1xAuthAuthControlledPortControl,
etsysDot1xAuthQuietPeriod,
etsysDot1xAuthTxPeriod,
etsysDot1xAuthSuppTimeout,
etsysDot1xAuthServerTimeout,
etsysDot1xAuthMaxReq,
etsysDot1xAuthReAuthPeriod,
etsysDot1xAuthReAuthEnabled,
etsysDot1xAuthKeyTxEnabled
}
STATUS current
DESCRIPTION
"A collection of objects providing configuration information
about Authenticator PAEs running on ports that use station-
based access control."
::= { etsysDot1xGroups 2 }
etsysDot1xAuthStatsGroup OBJECT-GROUP
OBJECTS {
etsysDot1xAuthEapolFramesRx,
etsysDot1xAuthEapolFramesTx,
etsysDot1xAuthEapolStartFramesRx,
etsysDot1xAuthEapolLogoffFramesRx,
etsysDot1xAuthEapolRespIdFramesRx,
etsysDot1xAuthEapolRespFramesRx,
etsysDot1xAuthEapolReqIdFramesTx,
etsysDot1xAuthEapolReqFramesTx,
etsysDot1xAuthInvalidEapolFramesRx,
etsysDot1xAuthEapLengthErrorFramesRx,
etsysDot1xAuthLastEapolFrameVersion,
etsysDot1xAuthLastEapolFrameSource
}
STATUS current
DESCRIPTION
"A collection of objects providing statistics about
Authenticator PAEs running on ports that use station-
based access control."
::= { etsysDot1xGroups 3 }
etsysDot1xAuthDiagGroup OBJECT-GROUP
OBJECTS {
etsysDot1xAuthEntersConnecting,
etsysDot1xAuthEapLogoffsWhileConnecting,
etsysDot1xAuthEntersAuthenticating,
etsysDot1xAuthAuthSuccessWhileAuthenticating,
etsysDot1xAuthAuthTimeoutsWhileAuthenticating,
etsysDot1xAuthAuthFailWhileAuthenticating,
etsysDot1xAuthAuthReauthsWhileAuthenticating,
etsysDot1xAuthAuthEapStartsWhileAuthenticating,
etsysDot1xAuthAuthEapLogoffWhileAuthenticating,
etsysDot1xAuthAuthReauthsWhileAuthenticated,
etsysDot1xAuthAuthEapStartsWhileAuthenticated,
etsysDot1xAuthAuthEapLogoffWhileAuthenticated,
etsysDot1xAuthBackendResponses,
etsysDot1xAuthBackendAccessChallenges,
etsysDot1xAuthBackendOtherRequestsToSupplicant,
etsysDot1xAuthBackendNonNakResponsesFromSupplicant,
etsysDot1xAuthBackendAuthSuccesses,
etsysDot1xAuthBackendAuthFails
}
STATUS current
DESCRIPTION
"A collection of objects providing diagnostic statistics
about Authenticator PAEs running on ports that use station-
based access control."
::= { etsysDot1xGroups 4 }
etsysDot1xAuthSessionStatsGroup OBJECT-GROUP
OBJECTS {
etsysDot1xAuthSessionOctetsRx,
etsysDot1xAuthSessionOctetsTx,
etsysDot1xAuthSessionFramesRx,
etsysDot1xAuthSessionFramesTx,
etsysDot1xAuthSessionId,
etsysDot1xAuthSessionAuthenticMethod,
etsysDot1xAuthSessionTime,
etsysDot1xAuthSessionTerminateCause
}
STATUS current
DESCRIPTION
"A collection of objects providing statistics about the
current or last sessions for Authenticator PAEs running
on ports that use station-based access control."
::= { etsysDot1xGroups 5 }
etsysDot1xCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for devices that support the
Enterasys IEEE 802.1x extensions MIB."
MODULE
GROUP etsysDot1xAuthStationGroup
DESCRIPTION
"This group is conditionally mandatory for systems that
support both station-based 802.1x access control and the
Authenticator functions of the PAE, and that implement
any of the objects in the etsysDot1xAuthStationBranch."
GROUP etsysDot1xAuthConfigGroup
DESCRIPTION
"This group is conditionally mandatory for systems that
support both station-based 802.1x access control and the
Authenticator functions of the PAE, and that implement
any of the objects in the etsysDot1xAuthStationBranch."
GROUP etsysDot1xAuthStatsGroup
DESCRIPTION
"This group is conditionally mandatory for systems that
support both station-based 802.1x access control and the
Authenticator functions of the PAE, and that implement
any of the objects in the etsysDot1xAuthStationBranch."
GROUP etsysDot1xAuthDiagGroup
DESCRIPTION
"This group is optional."
GROUP etsysDot1xAuthSessionStatsGroup
DESCRIPTION
"This group is optional."
OBJECT etsysDot1xAuthInitialize
MIN-ACCESS read-only
DESCRIPTION "Write access is not required."
OBJECT etsysDot1xAuthReauthenticate
MIN-ACCESS read-only
DESCRIPTION "Write access is not required."
::= { etsysDot1xCompliances 1 }
END