BRCD-DOT1X-MIB

File: BRCD-DOT1X-MIB.mib (20682 bytes)

Imported modules

SNMPv2-SMI IF-MIB SNMPv2-TC
INET-ADDRESS-MIB P-BRIDGE-MIB SNMP-FRAMEWORK-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Integer32
Counter32 Unsigned32 ifIndex
MacAddress InetAddressType InetAddress
EnabledStatus SnmpAdminString

Defined Types

VlanId  
TEXTUAL-CONVENTION    
  current INTEGER 1..4094

BrcdDot1xAuthPortStatEntry  
SEQUENCE    
  brcdDot1xAuthPortStatRxEAPFrames Counter32
  brcdDot1xAuthPortStatTxEAPFrames Counter32
  brcdDot1xAuthPortStatRxEAPStartFrames Counter32
  brcdDot1xAuthPortStatRxEAPLogOffFrames Counter32
  brcdDot1xAuthPortStatRxEAPRespIdFrames Counter32
  brcdDot1xAuthPortStatTxEAPReqIdFrames Counter32
  brcdDot1xAuthPortStatRxEAPInvalidFrames Counter32
  brcdDot1xAuthPortStatEAPLastFrameVersionRx Unsigned32
  brcdDot1xAuthPortStatRxEAPRespOrIdFrames Counter32
  brcdDot1xAuthPortStatRxLengthErrorFrame Integer32
  brcdDot1xAuthPortStatTxRequestFrames Counter32
  brcdDot1xAuthPortStatLastEAPFrameSource MacAddress

BrcdDot1xAuthPortStateEntry  
SEQUENCE    
  brcdDot1xAuthPortStateMacSessions Unsigned32
  brcdDot1xAuthPortStateAuthMacSessions Unsigned32
  brcdDot1xAuthPortStateOriginalPVID Unsigned32
  brcdDot1xAuthPortStatePVIDMacTotal Unsigned32
  brcdDot1xAuthPortStatePVIDMacAuthorized Unsigned32
  brcdDot1xAuthPortStatePortVlanState INTEGER
  brcdDot1xAuthPortStatePVID Unsigned32
  brcdDot1xAuthPortStateRestrictPVID Unsigned32
  brcdDot1xAuthPortStateRadiusAssignPVID Unsigned32

BrcdDot1xAuthPortConfigEntry  
SEQUENCE    
  brcdDot1xAuthPortConfigPortControl INTEGER
  brcdDot1xAuthPortConfigFilterStrictSec EnabledStatus
  brcdDot1xAuthPortConfigDot1xOnPort EnabledStatus

BrcdDot1xAuthMacSessionEntry  
SEQUENCE    
  brcdDot1xAuthMacSessionAuthMac MacAddress
  brcdDot1xAuthMacSessionUserName SnmpAdminString
  brcdDot1xAuthMacSessionIncomingVlanId VlanId
  brcdDot1xAuthMacSessionCurrentVlanId VlanId
  brcdDot1xAuthMacSessionAccessStatus INTEGER
  brcdDot1xAuthMacSessionMaxAge Unsigned32
  brcdDot1xAuthMacSessionAddrType InetAddressType
  brcdDot1xAuthMacSessionIpAddr InetAddress
  brcdDot1xAuthMacSessionAging INTEGER

Defined Values

brcdDot1xAuth 1.3.6.1.4.1.1991.1.1.3.38
Management Information for configuration /querying of 802.1x authentication It is grouped into five MIBs - 1. Global level configurable admin /status 802.1x information 2. Port level EAPOL statistics information 3. Port level configuration information 4. Different Port state information and 5. 802.1x mac session information Copyright 1996-2010 Brocade Communications Systems, Inc. All rights reserved. This Brocade Communications Systems SNMP Management Information Base Specification embodies Brocade Communications Systems' confidential and proprietary intellectual property. Brocade Communications Systems retains all title and ownership in the Specification, including any revisions. This Specification is supplied AS IS, and Brocade Communications Systems makes no warranty, either express or implied, as to the use, operation, condition, or performance of the specification, and any unintended consequence it may on the user environment.
MODULE-IDENTITY    

brcdDot1xAuthGlobalConfigGroup 1.3.6.1.4.1.1991.1.1.3.38.1
OBJECT IDENTIFIER    

brcdDot1xAuthPortStatistics 1.3.6.1.4.1.1991.1.1.3.38.2
OBJECT IDENTIFIER    

brcdDot1xAuthPortConfig 1.3.6.1.4.1.1991.1.1.3.38.3
OBJECT IDENTIFIER    

brcdDot1xAuthPortState 1.3.6.1.4.1.1991.1.1.3.38.4
OBJECT IDENTIFIER    

brcdDot1xAuthMacSession 1.3.6.1.4.1.1991.1.1.3.38.5
OBJECT IDENTIFIER    

brcdDot1xAuthGlobalAdminGroup 1.3.6.1.4.1.1991.1.1.3.38.6
OBJECT IDENTIFIER    

brcdDot1xAuthGlobalConfigQuietperiod 1.3.6.1.4.1.1991.1.1.3.38.1.1
When the Brocade device is unable to authenticate a Client, the amount of time the Brocade device waits before trying again.. The allowed range is from 0 to 4294967295
OBJECT-TYPE    
  Unsigned32 0..4294967295  

brcdDot1xAuthGlobalConfigTxPeriod 1.3.6.1.4.1.1991.1.1.3.38.1.2
When a Client does not send back an EAP(Extensible Authentication Protocol)-response/identity frame, the amount of time the Brocade device waits before retransmitting the EAP-request/identity frame to a Client The allowed range is from 1 to 4294967295
OBJECT-TYPE    
  Unsigned32 1..4294967295  

brcdDot1xAuthGlobalConfigSuppTimeOut 1.3.6.1.4.1.1991.1.1.3.38.1.3
When a supplicant (Client) does not respond to an EAP-request frame, the amount of time before the Brocade device retransmits the frame The allowed range is from 1 to 4294967295
OBJECT-TYPE    
  Unsigned32 1..4294967295  

brcdDot1xAuthGlobalConfigAuthServerTimeOut 1.3.6.1.4.1.1991.1.1.3.38.1.4
When the Authentication Server (RADIUS) does not respond to a message sent from the Client, the amount of time before the Brocade device retransmits the message. The allowed range is from 1 to 4294967295
OBJECT-TYPE    
  Unsigned32 1..4294967295  

brcdDot1xAuthGlobalConfigMaxReq 1.3.6.1.4.1.1991.1.1.3.38.1.5
The number of times the Brocade device retransmits an EAP-request/identity request frame if it does not receive an EAP-response/identity response frame from a Client
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthGlobalConfigReAuthMax 1.3.6.1.4.1.1991.1.1.3.38.1.6
The number of re-authentication attempts that are permitted before the port becomes Unauthorized
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthGlobalConfigReAuthPeriod 1.3.6.1.4.1.1991.1.1.3.38.1.7
How often the device automatically re-authenticates clients when periodic re-authentication is enabled The allowed range is from 1 to 4294967295
OBJECT-TYPE    
  Unsigned32 1..4294967295  

brcdDot1xAuthGlobalConfigProtocolVersion 1.3.6.1.4.1.1991.1.1.3.38.1.8
The EAP protocol version
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthGlobalConfigTotalPortsEnabled 1.3.6.1.4.1.1991.1.1.3.38.1.9
The total number of ports that have 802.1x enabled
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthGlobalConfigReauthStatus 1.3.6.1.4.1.1991.1.1.3.38.1.10
Used to enable / disable Reauthentication globally
OBJECT-TYPE    
  EnabledStatus  

brcdDot1xAuthGlobalConfigMacSessionMaxAge 1.3.6.1.4.1.1991.1.1.3.38.1.11
The Max-Age of the 802.1x mac session- A value between 1 and 65535
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthGlobalConfigNoAgingDeniedSessions 1.3.6.1.4.1.1991.1.1.3.38.1.12
Enable / Disable Mac-Session-No Aging for Denied sessions
OBJECT-TYPE    
  EnabledStatus  

brcdDot1xAuthGlobalConfigNoAgingPermittedSessions 1.3.6.1.4.1.1991.1.1.3.38.1.13
Enable / Disable Mac-Session-No Aging for Permitted sessions
OBJECT-TYPE    
  EnabledStatus  

brcdDot1xAuthGlobalConfigAuthFailAction 1.3.6.1.4.1.1991.1.1.3.38.1.14
To Configure the action to take when the authentication fails
OBJECT-TYPE    
  INTEGER blockTraffic(1), restrictedVlan(2)  

brcdDot1xAuthPortStatTable 1.3.6.1.4.1.1991.1.1.3.38.2.1
A table that contains port EAP(Extensible Authentication Protocol) frames statistics for 802.1x authentication
OBJECT-TYPE    
  SEQUENCE OF  
    BrcdDot1xAuthPortStatEntry

brcdDot1xAuthPortStatEntry 1.3.6.1.4.1.1991.1.1.3.38.2.1.1
An entry of EAP frames statistics indexed by ifIndex
OBJECT-TYPE    
  BrcdDot1xAuthPortStatEntry  

brcdDot1xAuthPortStatRxEAPFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.1
The total number of EAPOL frames received on the port It includes EAP frames -
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatTxEAPFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.2
The no of EAPOL frames transmitted on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatRxEAPStartFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.3
The number of EAPOL-Start frames received on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatRxEAPLogOffFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.4
The number of EAPOL-Logoff frames received on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatRxEAPRespIdFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.5
The number of EAP frames other than Response/Identity frames received on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatTxEAPReqIdFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.6
The number of EAP-Request/Identity frames transmitted on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatRxEAPInvalidFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.7
The number of invalid EAPOL frames received on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatEAPLastFrameVersionRx 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.8
The version of last EAP frame received
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStatRxEAPRespOrIdFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.9
The number of received EAP response or Id frames on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatRxLengthErrorFrame 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.10
The received EAP Length Error frame
OBJECT-TYPE    
  Integer32  

brcdDot1xAuthPortStatTxRequestFrames 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.11
The number of transmitted EAP request frames on the port
OBJECT-TYPE    
  Counter32  

brcdDot1xAuthPortStatLastEAPFrameSource 1.3.6.1.4.1.1991.1.1.3.38.2.1.1.12
The MAC address of the source from which the last EAP frame came
OBJECT-TYPE    
  MacAddress  

brcdDot1xAuthPortStateTable 1.3.6.1.4.1.1991.1.1.3.38.4.1
A table that contains entries of port dot1x values
OBJECT-TYPE    
  SEQUENCE OF  
    BrcdDot1xAuthPortStateEntry

brcdDot1xAuthPortStateEntry 1.3.6.1.4.1.1991.1.1.3.38.4.1.1
An entry of 802.1x config values indexed by ifIndex to be able to have port values
OBJECT-TYPE    
  BrcdDot1xAuthPortStateEntry  

brcdDot1xAuthPortStateMacSessions 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.1
Number of 802.1x MAC sessions per port
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStateAuthMacSessions 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.2
Number of Authorized MAC sessions per port
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStateOriginalPVID 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.3
Originally configured(not dynamically assigned) PVID(port's default VLAN ID) for the port
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStatePVIDMacTotal 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.4
The number of devices transmitting untagged traffic on the port's PVID
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStatePVIDMacAuthorized 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.5
The number of devices transmitting untagged traffic on the port's PVID as a result of dynamic VLAN assignment
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStatePortVlanState 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.6
The Current Vlan state the port is in, which can be RADIUS -The port's PVID was dynamically assigned by a RADIUS server Restricted - The port's PVID is the restricted VLAN Normal - The port's PVID is not set by a RADIUS server, nor is it the restricted VLAN
OBJECT-TYPE    
  INTEGER radius(1), restricted(2), normal(3)  

brcdDot1xAuthPortStatePVID 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.7
The Dot1x Authentication default Port VLAN Id
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStateRestrictPVID 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.8
The number of MAC sessions on the port that failed authentication and are now in the restricted VLAN (which should be the port's current PVID)
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortStateRadiusAssignPVID 1.3.6.1.4.1.1991.1.1.3.38.4.1.1.9
The number of times the port has changed PVIDs due to Radius VLAN assignment
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthPortConfigTable 1.3.6.1.4.1.1991.1.1.3.38.3.1
A table that allows configuration of dot1x values for a given port
OBJECT-TYPE    
  SEQUENCE OF  
    BrcdDot1xAuthPortConfigEntry

brcdDot1xAuthPortConfigEntry 1.3.6.1.4.1.1991.1.1.3.38.3.1.1
An entry of 802.1x config values
OBJECT-TYPE    
  BrcdDot1xAuthPortConfigEntry  

brcdDot1xAuthPortConfigPortControl 1.3.6.1.4.1.1991.1.1.3.38.3.1.1.1
The configured port control type for the interface which can be 1. force-unauthorized - port's controlled port is placed unconditionally in the unauthorized state 2. control-auto - the controlled port is unauthorized until authentication takes place between client and RADIUS 3. force-authorized - the port's controlled port is placed unconditionally in the authorized state
OBJECT-TYPE    
  INTEGER forceUnauthorized(1), controlauto(2), forceAuthorized(3)  

brcdDot1xAuthPortConfigFilterStrictSec 1.3.6.1.4.1.1991.1.1.3.38.3.1.1.2
To configure filter strict security on the interface - enable(1) or disable(2)
OBJECT-TYPE    
  EnabledStatus  

brcdDot1xAuthPortConfigDot1xOnPort 1.3.6.1.4.1.1991.1.1.3.38.3.1.1.3
To Configure (enable / disable) 802.1x on an interface level
OBJECT-TYPE    
  EnabledStatus  

brcdDot1xAuthMacSessionTable 1.3.6.1.4.1.1991.1.1.3.38.5.1
A table that contains 802.1x MAC sessions
OBJECT-TYPE    
  SEQUENCE OF  
    BrcdDot1xAuthMacSessionEntry

brcdDot1xAuthMacSessionEntry 1.3.6.1.4.1.1991.1.1.3.38.5.1.1
An entry containing information applicable to a particular interface and client MAC ie., dot1x-mac-session
OBJECT-TYPE    
  BrcdDot1xAuthMacSessionEntry  

brcdDot1xAuthMacSessionAuthMac 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.1
Mac address of the client - which basically represents the username used for RADIUS authentication
OBJECT-TYPE    
  MacAddress  

brcdDot1xAuthMacSessionUserName 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.2
User name of the 802.1x mac session
OBJECT-TYPE    
  SnmpAdminString  

brcdDot1xAuthMacSessionIncomingVlanId 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.3
Incoming VLAN ID
OBJECT-TYPE    
  VlanId  

brcdDot1xAuthMacSessionCurrentVlanId 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.4
The VLAN to which the port is currently assigned
OBJECT-TYPE    
  VlanId  

brcdDot1xAuthMacSessionAccessStatus 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.5
The authentication state of the dot1x-mac-session - which can be permitted, denied, restricted or in the Init state
OBJECT-TYPE    
  INTEGER permit(1), blocked(2), restrict(3), init(4)  

brcdDot1xAuthMacSessionMaxAge 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.6
MAX Age of the mac session in which the MAC address is authenticated.
OBJECT-TYPE    
  Unsigned32  

brcdDot1xAuthMacSessionAddrType 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.7
Client(supplicant) IP address Type. Supported address types are ipv4(1) and ipv6(2)
OBJECT-TYPE    
  InetAddressType  

brcdDot1xAuthMacSessionIpAddr 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.8
The IP Address of the client
OBJECT-TYPE    
  InetAddress  

brcdDot1xAuthMacSessionAging 1.3.6.1.4.1.1991.1.1.3.38.5.1.1.9
The age's type - Hardware or Software aging, Ena in which case the aging hasn't started, or notapplicable when there is a fake 802.1x mac session
OBJECT-TYPE    
  INTEGER software(1), hardware(2), ena(3), notapplicable(4)  

brcdDot1xAuthGlobalAdminConfigStatus 1.3.6.1.4.1.1991.1.1.3.38.6.1
Used to enable /disable 802.1x authentication globally
OBJECT-TYPE    
  EnabledStatus