mirror of
https://github.com/librenms/librenms.git
synced 2024-10-07 16:52:45 +00:00
6b9d05653c
git-svn-id: http://www.observium.org/svn/observer/trunk@1569 61d68cd4-352d-0410-923a-c4978735b2b8
451 lines
17 KiB
Plaintext
451 lines
17 KiB
Plaintext
ENTERASYS-RADIUS-ACCT-CLIENT-EXT-MIB DEFINITIONS ::= BEGIN
|
|
|
|
--
|
|
-- Part Number: <TBD>
|
|
--
|
|
--
|
|
|
|
-- This module provides authoritative definitions for Enterasys
|
|
-- Network's RADIUS Accounting Client MIB.
|
|
|
|
--
|
|
-- This module will be extended, as needed.
|
|
|
|
-- Enterasys Networks reserves the right to make changes in this
|
|
-- specification and other information contained in this document
|
|
-- without prior notice. The reader should consult Enterasys Networks
|
|
-- to determine whether any such changes have been made.
|
|
--
|
|
-- In no event shall Enterasys Networks be liable for any incidental,
|
|
-- indirect, special, or consequential damages whatsoever (including
|
|
-- but not limited to lost profits) arising out of or related to this
|
|
-- document or the information contained in it, even if Enterasys
|
|
-- Networks has been advised of, known, or should have known, the
|
|
-- possibility of such damages.
|
|
--
|
|
-- Enterasys Networks grants vendors, end-users, and other interested
|
|
-- parties a non-exclusive license to use this Specification in
|
|
-- connection with the management of Enterasys Networks products.
|
|
|
|
-- Copyright July, 2002-2004 Enterasys Networks, Inc.
|
|
|
|
IMPORTS
|
|
MODULE-IDENTITY, OBJECT-TYPE FROM SNMPv2-SMI
|
|
Integer32 FROM SNMPv2-SMI
|
|
MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF
|
|
TruthValue, RowStatus FROM SNMPv2-TC
|
|
InetAddressType, InetAddress FROM INET-ADDRESS-MIB
|
|
etsysModules FROM ENTERASYS-MIB-NAMES;
|
|
|
|
etsysRadiusAcctClientMIB MODULE-IDENTITY
|
|
LAST-UPDATED "200411121523Z" -- Fri Nov 12 15:23 GMT 2004
|
|
ORGANIZATION "Enterasys Networks"
|
|
CONTACT-INFO
|
|
"Postal: Enterasys Networks
|
|
50 Minuteman Rd.
|
|
Andover, MA 01810-1008
|
|
USA
|
|
Phone: +1 978 684 1000
|
|
E-mail: support@enterasys.com
|
|
WWW: http://www.enterasys.com"
|
|
|
|
DESCRIPTION
|
|
"This MIB module defines a portion of the SNMP enterprise
|
|
MIBs under Enterasys Networks' enterprise OID pertaining to
|
|
the client side of the Remote Access Dialin User Service
|
|
(RADIUS) Accounting protocol (RFC2866).
|
|
|
|
This MIB provides read-write access to configuration objects
|
|
not provided in the standard RADIUS Accounting Client
|
|
MIB (RFC2620). However, the write capability must only
|
|
be supported for SNMPv3, or other SNMP versions with
|
|
adequately strong security.
|
|
|
|
Security concerns include Object ID verification, source
|
|
address verification and timeliness verification."
|
|
|
|
REVISION "200411121523Z" -- Fri Nov 12 15:23 GMT 2004
|
|
DESCRIPTION
|
|
"Removed the UNITS clause from the
|
|
etsysRadiusAcctClientServerRetries object."
|
|
|
|
REVISION "200409091437Z" -- Thu Sep 9 14:37 GMT 2004
|
|
DESCRIPTION
|
|
"Added UNITS clauses to a number of objects that are expressed
|
|
in seconds, and DEFVAL clauses for the
|
|
etsysRadiusAcctClientUpdateInterval and
|
|
etsysRadiusAcctClientIntervalMinimum objects."
|
|
|
|
REVISION "200408301555Z" -- Mon Aug 30 15:55 GMT 2004
|
|
DESCRIPTION
|
|
"In the columnar objects in etsysRadiusAcctClientServerTable,
|
|
changed the MAX-ACCESS clauses of the read-write objects to
|
|
read-create, added DEFVAL clauses to a number of the objects,
|
|
and modified the DESCRIPTION clause for the RowStatus object
|
|
to resolve a conflict between the syntax and the description.
|
|
Deprecated the etsysRadiusAcctClientServerClearTime object.
|
|
Changed a number of objects with SYNTAX clauses of INTEGER
|
|
to Integer32."
|
|
|
|
REVISION "200408251503Z" -- Wed Aug 25 15:03 GMT 2004
|
|
DESCRIPTION
|
|
"Changed etsysRadiusClientMIBCompliance to
|
|
etsysRadiusAcctClientMIBCompliance due to
|
|
a conflict with the etsysRadiusAcctClientMIB."
|
|
|
|
REVISION "200209131930Z" -- Fri Sep 13 19:30 GMT 2002
|
|
DESCRIPTION
|
|
"The Initial version of this MIB module."
|
|
|
|
::= { etsysModules 27 }
|
|
|
|
|
|
-- ------------------------------------
|
|
-- MIB Objects
|
|
-- ------------------------------------
|
|
|
|
etsysRadiusAcctClientMIBObjects
|
|
OBJECT IDENTIFIER ::= { etsysRadiusAcctClientMIB 1 }
|
|
|
|
etsysRadiusAcctClientEnable OBJECT-TYPE
|
|
SYNTAX INTEGER {
|
|
enable(1),
|
|
disable(2)
|
|
}
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object indicates whether or not RADIUS Accounting
|
|
is enabled or disabled. This parameter value is maintained
|
|
across system reboots."
|
|
DEFVAL { disable }
|
|
::= { etsysRadiusAcctClientMIBObjects 1 }
|
|
|
|
etsysRadiusAcctClientUpdateInterval OBJECT-TYPE
|
|
SYNTAX Integer32 (0..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates how many seconds elapse between accounting
|
|
interim updates. This parameter value is maintained across
|
|
system reboots. A value of zero means no Interim Updates.
|
|
If the value is less than etsysRadiusAcctClientIntervalMinimum,
|
|
the etsysRadiusAcctClientIntervalMinimum value will be used
|
|
for the update interval time. If RADIUS Accounting is not
|
|
enabled, this object is ignored. Note that Accounting
|
|
Interim Updates are not issued by the RADIUS Accounting
|
|
Client, unless so requested by the RADIUS Server in an Access
|
|
Accept packet."
|
|
DEFVAL { 1800 }
|
|
::= { etsysRadiusAcctClientMIBObjects 2 }
|
|
|
|
etsysRadiusAcctClientIntervalMinimum OBJECT-TYPE
|
|
SYNTAX Integer32 (60..2147483647)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-write
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the minimum value in seconds between
|
|
accounting interim updates supported by the managed
|
|
entity. This parameter value is maintained across
|
|
system reboots. If RADIUS Accounting is not enabled,
|
|
this object is ignored."
|
|
DEFVAL { 600 }
|
|
::= { etsysRadiusAcctClientMIBObjects 3 }
|
|
|
|
etsysRadiusAcctClientServerTable OBJECT-TYPE
|
|
SYNTAX SEQUENCE OF EtsysRadiusAcctClientServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The (conceptual) table listing the RADIUS Accounting
|
|
servers."
|
|
::= { etsysRadiusAcctClientMIBObjects 4 }
|
|
|
|
etsysRadiusAcctClientServerEntry OBJECT-TYPE
|
|
SYNTAX EtsysRadiusAcctClientServerEntry
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"An entry (conceptual row) representing a RADIUS
|
|
Accounting server with which the client shares
|
|
a secret. If RADIUS Accounting is not enabled, this
|
|
table is ignored.
|
|
|
|
All created conceptual rows are non-volatile and as such
|
|
must be maintained upon restart of the agent."
|
|
INDEX { etsysRadiusAcctClientServerIndex }
|
|
::= { etsysRadiusAcctClientServerTable 1 }
|
|
|
|
EtsysRadiusAcctClientServerEntry ::=
|
|
SEQUENCE {
|
|
etsysRadiusAcctClientServerIndex Integer32,
|
|
etsysRadiusAcctClientServerAddressType InetAddressType,
|
|
etsysRadiusAcctClientServerAddress InetAddress,
|
|
etsysRadiusAcctClientServerPortNumber Integer32,
|
|
etsysRadiusAcctClientServerSecret OCTET STRING,
|
|
etsysRadiusAcctClientServerSecretEntered TruthValue,
|
|
etsysRadiusAcctClientServerRetryTimeout Integer32,
|
|
etsysRadiusAcctClientServerRetries Integer32,
|
|
etsysRadiusAcctClientServerClearTime Integer32,
|
|
etsysRadiusAcctClientServerStatus RowStatus
|
|
}
|
|
|
|
etsysRadiusAcctClientServerIndex OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2147483647)
|
|
MAX-ACCESS not-accessible
|
|
STATUS current
|
|
DESCRIPTION
|
|
"A number uniquely identifying each conceptual row
|
|
in the etsysRadiusAcctClientServerTable.
|
|
|
|
In the event of an agent restart, the same value
|
|
of etsysRadiusAcctClientServerIndex must be used to
|
|
identify each conceptual row in
|
|
etsysRadiusAcctClientServerTable as was used prior
|
|
to the restart."
|
|
::= { etsysRadiusAcctClientServerEntry 1 }
|
|
|
|
etsysRadiusAcctClientServerAddressType OBJECT-TYPE
|
|
SYNTAX InetAddressType
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The type of Internet address by which the
|
|
RADIUS Accounting server is reachable."
|
|
DEFVAL { ipv4 }
|
|
::= { etsysRadiusAcctClientServerEntry 2 }
|
|
|
|
etsysRadiusAcctClientServerAddress OBJECT-TYPE
|
|
SYNTAX InetAddress (SIZE(1..64))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The Internet address for the RADIUS Accounting
|
|
server. Note that implementations must limit
|
|
themselves to a single entry in this table per
|
|
reachable server.
|
|
|
|
The etsysRadiusAcctClientServerAddress may not be
|
|
empty due to the SIZE restriction. Also the size
|
|
of a DNS name is limited to 64 characters.
|
|
|
|
This parameter value is maintained across system
|
|
reboots."
|
|
::= { etsysRadiusAcctClientServerEntry 3 }
|
|
|
|
etsysRadiusAcctClientServerPortNumber OBJECT-TYPE
|
|
SYNTAX Integer32 (1..65535)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The UDP port number (1-65535) the client is using
|
|
to send requests to this server. The officially
|
|
assigned port number for RADIUS Accounting is 1813.
|
|
This parameter value is maintained across system
|
|
reboots."
|
|
DEFVAL { 1813 }
|
|
::= { etsysRadiusAcctClientServerEntry 4 }
|
|
|
|
etsysRadiusAcctClientServerSecret OBJECT-TYPE
|
|
SYNTAX OCTET STRING (SIZE(0..255))
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This object is the secret shared between the RADIUS
|
|
Accounting server and RADIUS client. This
|
|
parameter value is maintained across system reboots.
|
|
While the 'official' MAX-ACCESS for this object is
|
|
read-create, all security-conscious implementations
|
|
will 'lie' on a read, and return a null-string, or
|
|
something else that is fairly innocuous. The
|
|
ability to read back passwords and secret
|
|
encryption keys is generally a Bad Thing (tm)."
|
|
::= { etsysRadiusAcctClientServerEntry 5 }
|
|
|
|
etsysRadiusAcctClientServerSecretEntered OBJECT-TYPE
|
|
SYNTAX TruthValue
|
|
MAX-ACCESS read-only
|
|
STATUS current
|
|
DESCRIPTION
|
|
"This indicates the existence of a shared secret."
|
|
::= { etsysRadiusAcctClientServerEntry 6 }
|
|
|
|
etsysRadiusAcctClientServerRetryTimeout OBJECT-TYPE
|
|
SYNTAX Integer32 (2..10)
|
|
UNITS "seconds"
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of seconds to wait for a RADIUS Accounting
|
|
Server to respond to a request. This parameter value
|
|
is maintained across system reboots."
|
|
DEFVAL { 5 }
|
|
::= { etsysRadiusAcctClientServerEntry 7 }
|
|
|
|
etsysRadiusAcctClientServerRetries OBJECT-TYPE
|
|
SYNTAX Integer32 (0..20)
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The number of times to resend an accounting packet
|
|
if a RADIUS Accounting Server does not respond to a
|
|
request. This parameter value is maintained across
|
|
system reboots."
|
|
DEFVAL { 2 }
|
|
::= { etsysRadiusAcctClientServerEntry 8 }
|
|
|
|
etsysRadiusAcctClientServerClearTime OBJECT-TYPE
|
|
SYNTAX Integer32 (1..2147483647)
|
|
MAX-ACCESS read-create
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"On a read, this value indicates the number of seconds
|
|
since the counters, as defined in the IETF standard
|
|
RADIUS Accounting Client MIB (RFC2618), were cleared.
|
|
|
|
On a write, the client counters will be cleared and
|
|
the clear time will be set to zero."
|
|
::= { etsysRadiusAcctClientServerEntry 9 }
|
|
|
|
etsysRadiusAcctClientServerStatus OBJECT-TYPE
|
|
SYNTAX RowStatus
|
|
MAX-ACCESS read-create
|
|
STATUS current
|
|
DESCRIPTION
|
|
"Lets users create and delete RADIUS Accounting
|
|
server entries on systems that support this
|
|
capability.
|
|
|
|
Rules
|
|
|
|
1. When creating a RADIUS Accounting Client, it
|
|
is up to the management station to determine a
|
|
suitable etsysRadiusAcctClientServerIndex.
|
|
To facilitate interoperability, agents should not
|
|
put any restrictions on the
|
|
etsysRadiusAcctClientServerIndex beyond the
|
|
obvious ones that it be valid and unused.
|
|
|
|
2. Before a new row can become 'active', values
|
|
must be supplied for the columnar objects
|
|
etsysRadiusAcctClientClientServerAddress,
|
|
and etsysRadiusAcctClientServerSecret.
|
|
|
|
3. The value of etsysRadiusAcctClientServerStatus
|
|
must be set to 'notInService' in order to modify
|
|
a writable object in the same conceptual row.
|
|
|
|
4. etsysRadiusAcctClientServer entries whose
|
|
status is 'notReady' or 'notInService' will
|
|
not be used for Accounting."
|
|
::= { etsysRadiusAcctClientServerEntry 10 }
|
|
|
|
|
|
-- ------------------------------------
|
|
-- Conformance information
|
|
-- ------------------------------------
|
|
|
|
etsysRadiusAcctClientMIBConformance
|
|
OBJECT IDENTIFIER ::= { etsysRadiusAcctClientMIB 2 }
|
|
|
|
etsysRadiusAcctClientMIBCompliances
|
|
OBJECT IDENTIFIER ::= { etsysRadiusAcctClientMIBConformance 1 }
|
|
|
|
etsysRadiusAcctClientMIBGroups
|
|
OBJECT IDENTIFIER ::= { etsysRadiusAcctClientMIBConformance 2 }
|
|
|
|
|
|
-- ------------------------------------
|
|
-- Units of conformance
|
|
-- ------------------------------------
|
|
|
|
etsysRadiusAcctClientMIBGroup OBJECT-GROUP
|
|
OBJECTS { etsysRadiusAcctClientEnable,
|
|
etsysRadiusAcctClientUpdateInterval,
|
|
etsysRadiusAcctClientIntervalMinimum,
|
|
etsysRadiusAcctClientServerAddressType,
|
|
etsysRadiusAcctClientServerAddress,
|
|
etsysRadiusAcctClientServerPortNumber,
|
|
etsysRadiusAcctClientServerSecret,
|
|
etsysRadiusAcctClientServerSecretEntered,
|
|
etsysRadiusAcctClientServerRetryTimeout,
|
|
etsysRadiusAcctClientServerRetries,
|
|
etsysRadiusAcctClientServerClearTime,
|
|
etsysRadiusAcctClientServerStatus
|
|
}
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The basic collection of objects providing a proprietary
|
|
extension to the standard RADIUS Client MIB.
|
|
|
|
This MIB provides read-write access to configuration
|
|
objects not provided in the standard RADIUS Accounting Client
|
|
MIB (RFC2618). However, the write capability must only
|
|
be supported for SNMPv3, or other SNMP versions with
|
|
adequately strong security."
|
|
::= { etsysRadiusAcctClientMIBGroups 1 }
|
|
|
|
etsysRadiusAcctClientMIBGroupV2 OBJECT-GROUP
|
|
OBJECTS { etsysRadiusAcctClientEnable,
|
|
etsysRadiusAcctClientUpdateInterval,
|
|
etsysRadiusAcctClientIntervalMinimum,
|
|
etsysRadiusAcctClientServerAddressType,
|
|
etsysRadiusAcctClientServerAddress,
|
|
etsysRadiusAcctClientServerPortNumber,
|
|
etsysRadiusAcctClientServerSecret,
|
|
etsysRadiusAcctClientServerSecretEntered,
|
|
etsysRadiusAcctClientServerRetryTimeout,
|
|
etsysRadiusAcctClientServerRetries,
|
|
etsysRadiusAcctClientServerStatus
|
|
}
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The basic collection of objects providing a proprietary
|
|
extension to the standard RADIUS Client MIB.
|
|
|
|
etsysRadiusAcctClientServerClearTime was deprecated in
|
|
this group."
|
|
::= { etsysRadiusAcctClientMIBGroups 2 }
|
|
|
|
|
|
-- ------------------------------------
|
|
-- Compliance statements
|
|
-- ------------------------------------
|
|
|
|
-- The following object name conflicts with one in the
|
|
-- etsysRadiusAuthClientMIB
|
|
--
|
|
-- etsysRadiusClientMIBCompliance MODULE-COMPLIANCE
|
|
-- STATUS current
|
|
-- DESCRIPTION
|
|
-- "The compliance statement for Accounting clients
|
|
-- implementing the RADIUS Accounting Client MIB."
|
|
-- MODULE - this module
|
|
-- MANDATORY-GROUPS { etsysRadiusAcctClientMIBGroup }
|
|
--
|
|
-- ::= { etsysRadiusAcctClientMIBCompliances 1 }
|
|
|
|
etsysRadiusAcctClientMIBCompliance MODULE-COMPLIANCE
|
|
STATUS deprecated
|
|
DESCRIPTION
|
|
"The compliance statement for Accounting clients
|
|
implementing the RADIUS Accounting Client MIB."
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS { etsysRadiusAcctClientMIBGroup }
|
|
|
|
::= { etsysRadiusAcctClientMIBCompliances 2 }
|
|
|
|
etsysRadiusAcctClientMIBComplianceV2 MODULE-COMPLIANCE
|
|
STATUS current
|
|
DESCRIPTION
|
|
"The compliance statement for Accounting clients
|
|
implementing the RADIUS Accounting Client MIB."
|
|
MODULE -- this module
|
|
MANDATORY-GROUPS { etsysRadiusAcctClientMIBGroupV2 }
|
|
|
|
::= { etsysRadiusAcctClientMIBCompliances 3 }
|
|
|
|
END
|