CISCO-AAA-SERVER-MIB

File: CISCO-AAA-SERVER-MIB.mib (28727 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
CISCO-SMI

Imported symbols

MODULE-IDENTITY NOTIFICATION-TYPE OBJECT-TYPE
Counter32 IpAddress Unsigned32
MODULE-COMPLIANCE OBJECT-GROUP NOTIFICATION-GROUP
TimeInterval DisplayString TruthValue
RowStatus TEXTUAL-CONVENTION ciscoExperiment

Defined Types

CiscoAAAProtocol  
TEXTUAL-CONVENTION    
  current INTEGER tacacsplus(1), radius(2), ldap(3), kerberos(4), ntlm(5), sdi(6), other(7)

CasConfigEntry  
SEQUENCE    
  casProtocol CiscoAAAProtocol
  casIndex Unsigned32
  casAddress IpAddress
  casAuthenPort INTEGER
  casAcctPort INTEGER
  casKey DisplayString
  casPriority Unsigned32
  casConfigRowStatus RowStatus

CasStatisticsEntry  
SEQUENCE    
  casAuthenRequests Counter32
  casAuthenRequestTimeouts Counter32
  casAuthenUnexpectedResponses Counter32
  casAuthenServerErrorResponses Counter32
  casAuthenIncorrectResponses Counter32
  casAuthenResponseTime TimeInterval
  casAuthenTransactionSuccesses Counter32
  casAuthenTransactionFailures Counter32
  casAuthorRequests Counter32
  casAuthorRequestTimeouts Counter32
  casAuthorUnexpectedResponses Counter32
  casAuthorServerErrorResponses Counter32
  casAuthorIncorrectResponses Counter32
  casAuthorResponseTime TimeInterval
  casAuthorTransactionSuccesses Counter32
  casAuthorTransactionFailures Counter32
  casAcctRequests Counter32
  casAcctRequestTimeouts Counter32
  casAcctUnexpectedResponses Counter32
  casAcctServerErrorResponses Counter32
  casAcctIncorrectResponses Counter32
  casAcctResponseTime TimeInterval
  casAcctTransactionSuccesses Counter32
  casAcctTransactionFailures Counter32
  casState INTEGER
  casCurrentStateDuration TimeInterval
  casPreviousStateDuration TimeInterval
  casTotalDeadTime TimeInterval
  casDeadCount Counter32

Defined Values

ciscoAAAServerMIB 1.3.6.1.4.1.9.10.56
The MIB module for monitoring communications and status of AAA Server operation
MODULE-IDENTITY    

cAAAServerMIBObjects 1.3.6.1.4.1.9.10.56.1
OBJECT IDENTIFIER    

casConfig 1.3.6.1.4.1.9.10.56.1.1
OBJECT IDENTIFIER    

casStatistics 1.3.6.1.4.1.9.10.56.1.2
OBJECT IDENTIFIER    

casServerStateChangeEnable 1.3.6.1.4.1.9.10.56.1.1.1
This variable controls the generation of casServerStateChange notification. When this variable is true(1), generation of casServerStateChange notifications is enabled. When this variable is false(2), generation of casServerStateChange notifications is disabled. The default value is false(2).
OBJECT-TYPE    
  TruthValue  

casConfigTable 1.3.6.1.4.1.9.10.56.1.1.2
This table shows current configurations for each AAA server, allows existing servers to be removed and new ones to be created.
OBJECT-TYPE    
  SEQUENCE OF  
    CasConfigEntry

casConfigEntry 1.3.6.1.4.1.9.10.56.1.1.2.1
An AAA server configuration identified by its protocol and its index. An entry is created/removed when a server is defined or undefined with IOS configuration commands via CLI or by issuing appropriate sets to this table using snmp. A management station wishing to create an entry should first generate a random number to be used as the index to this sparse table. The station should then create the associated instance of the row status and row index objects. It must also, either in the same or in successive PDUs, create an instance of casAddress where casAddress is the IP address of the server to be added. It should also modify the default values for casAuthenPort, casAcctPort if the defaults are not appropriate. If casKey is a zero-length string or is not explicitly set, then the global key will be used. Otherwise, this value is used as the key for this server instance. Once the appropriate instance of all the configuration objects have been created, either by an explicit SNMP set request or by default, the row status should be set to active(1) to initiate the request. After the AAA server is made active, the entry can not be modified - the only allowed operation after this is to destroy the entry by setting casConfigRowStatus to destroy(6). casPriority is automatically assigned once the entry is made active and reflects the relative priority of the defined server with respect to already configured servers. Newly-created servers will be assigned the lowest priority. To reassign server priorities to existing server entries, it may be necessary to destroy and recreate entries in order of priority. Entries in this table with casConfigRowStatus equal to active(1) remain in the table until destroyed. Entries in this table with casConfigRowStatus equal to values other than active(1) will be destroyed after timeout (5 minutes). If a server address being created via SNMP exists already in another active casConfigEntry, then a newly created row can not be made active until the original row with the with the same server address value is destroyed. Upon reload, casIndex values may be changed, but the priorities that were saved before reload will be retained, with lowest priority number corresponding to the higher priority servers.
OBJECT-TYPE    
  CasConfigEntry  

casProtocol 1.3.6.1.4.1.9.10.56.1.1.2.1.1
The variable denotes the protocol used by the managed device with the AAA server corresponding to this entry in the table.
OBJECT-TYPE    
  CiscoAAAProtocol  

casIndex 1.3.6.1.4.1.9.10.56.1.1.2.1.2
A management station wishing to initiate a new AAA server configuration should use a random value for this object when creating an instance of casConfigEntry. The RowStatus semantics of the casConfigRowStatus object will prevent access conflicts. If the randomly chosen casIndex value for row creation is already in use by an existing entry, snmp set to the casIndex value will fail.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

casAddress 1.3.6.1.4.1.9.10.56.1.1.2.1.3
The IP address of the server.
OBJECT-TYPE    
  IpAddress  

casAuthenPort 1.3.6.1.4.1.9.10.56.1.1.2.1.4
UDP/TCP port used for authentication in the configuration For TACACS+, this object should be explictly set. Default value is the IOS default for radius: 1645.
OBJECT-TYPE    
  INTEGER 0..65535  

casAcctPort 1.3.6.1.4.1.9.10.56.1.1.2.1.5
UDP/TCP port used for accounting service in the configuration For TACACS+, the value of casAcctPort is ignored. casAuthenPort will be used instead. Default value is the IOS default for radius: 1646.
OBJECT-TYPE    
  INTEGER 0..65535  

casKey 1.3.6.1.4.1.9.10.56.1.1.2.1.6
The server key to be used with this server. Retrieving the value of this object via SNMP will return an empty string for security reasons.
OBJECT-TYPE    
  DisplayString  

casPriority 1.3.6.1.4.1.9.10.56.1.1.2.1.7
A number that indicates the priority of the server in this entry. Lower numbers indicate higher priority.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

casConfigRowStatus 1.3.6.1.4.1.9.10.56.1.1.2.1.8
The status of this table entry. Once the entry status is set to active, the associated entry cannot be modified except destroyed by setting this object to destroy(6).
OBJECT-TYPE    
  RowStatus  

casStatisticsTable 1.3.6.1.4.1.9.10.56.1.2.1
Table providing statistics for each server.
OBJECT-TYPE    
  SEQUENCE OF  
    CasStatisticsEntry

casStatisticsEntry 1.3.6.1.4.1.9.10.56.1.2.1.1
Statistical information about a particular server. Objects in this table are read-only and appear automatically whenever a row in the casConfigTable is made active. Objects in this table disappear when casConfigRowStatus for the corresponding casConfigEntry is set to the destroy(6) state.
OBJECT-TYPE    
  CasStatisticsEntry  

casAuthenRequests 1.3.6.1.4.1.9.10.56.1.2.1.1.1
The number of authentication requests sent to this server since it is made active. Retransmissions due to request timeouts are counted as distinct requests.
OBJECT-TYPE    
  Counter32  

casAuthenRequestTimeouts 1.3.6.1.4.1.9.10.56.1.2.1.1.2
The number of authentication requests which have timed out since it is made active. A timeout results in a retransmission of the request If the maximum number of attempts has been reached, no further retransmissions will be attempted.
OBJECT-TYPE    
  Counter32  

casAuthenUnexpectedResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.3
The number of unexpected authentication responses received from this server since it is made active. An example is a delayed response to a request which had already timed out.
OBJECT-TYPE    
  Counter32  

casAuthenServerErrorResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.4
The number of server ERROR authentication responses received from this server since it is made active. These are responses indicating that the server itself has identified an error with its authentication operation.
OBJECT-TYPE    
  Counter32  

casAuthenIncorrectResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.5
The number of authentication responses which could not be processed since it is made active. Reasons include inability to decrypt the response, invalid fields, or the response is not valid based on the request.
OBJECT-TYPE    
  Counter32  

casAuthenResponseTime 1.3.6.1.4.1.9.10.56.1.2.1.1.6
Average response time for authentication requests sent to this server, excluding timeouts, since system re-initialization.
OBJECT-TYPE    
  TimeInterval  

casAuthenTransactionSuccesses 1.3.6.1.4.1.9.10.56.1.2.1.1.7
The number of authentication transactions with this server which succeeded since it is made active. A transaction may include multiple request retransmissions if timeouts occur. A transaction is successful if the server responds with either an authentication pass or fail.
OBJECT-TYPE    
  Counter32  

casAuthenTransactionFailures 1.3.6.1.4.1.9.10.56.1.2.1.1.8
The number of authentication transactions with this server which failed since it is made active. A transaction may include multiple request retransmissions if timeouts occur. A transaction failure occurs if maximum resends have been met or the server aborts the transaction.
OBJECT-TYPE    
  Counter32  

casAuthorRequests 1.3.6.1.4.1.9.10.56.1.2.1.1.9
The number of authorization requests sent to this server since it is made active. Retransmissions due to request timeouts are counted as distinct requests. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAuthorRequestTimeouts 1.3.6.1.4.1.9.10.56.1.2.1.1.10
The number of authorization requests which have timed out since it is made active. A timeout results in a retransmission of the request If the maximum number of attempts has been reached, no further retransmissions will be attempted. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAuthorUnexpectedResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.11
The number of unexpected authorization responses received from this server since it is made active. An example is a delayed response to a request which had already timed out. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAuthorServerErrorResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.12
The number of server ERROR authorization responses received from this server since it is made active. These are responses indicating that the server itself has identified an error with its authorization operation. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAuthorIncorrectResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.13
The number of authorization responses which could not be processed since it is made active. Reasons include inability to decrypt the response, invalid fields, or the response is not valid based on the request. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAuthorResponseTime 1.3.6.1.4.1.9.10.56.1.2.1.1.14
Average response time for authorization requests sent to this server, excluding timeouts, since system re-initialization. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  TimeInterval  

casAuthorTransactionSuccesses 1.3.6.1.4.1.9.10.56.1.2.1.1.15
The number of authorization transactions with this server which succeeded since it is made active. A transaction may include multiple request retransmissions if timeouts occur. A transaction is successful if the server responds with either an authorization pass or fail. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAuthorTransactionFailures 1.3.6.1.4.1.9.10.56.1.2.1.1.16
The number of authorization transactions with this server which failed since it is made active. A transaction may include multiple request retransmissions if timeouts occur. A transaction failure occurs if maximum resends have been met or the server aborts the transaction. This object is not instantiated for protocols which do not support a distinct authorization function.
OBJECT-TYPE    
  Counter32  

casAcctRequests 1.3.6.1.4.1.9.10.56.1.2.1.1.17
The number of accounting requests sent to this server since system re-initialization. Retransmissions due to request timeouts are counted as distinct requests.
OBJECT-TYPE    
  Counter32  

casAcctRequestTimeouts 1.3.6.1.4.1.9.10.56.1.2.1.1.18
The number of accounting requests which have timed out since system re-initialization. A timeout results in a retransmission of the request If the maximum number of attempts has been reached, no further retransmissions will be attempted.
OBJECT-TYPE    
  Counter32  

casAcctUnexpectedResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.19
The number of unexpected accounting responses received from this server since system re-initialization. An example is a delayed response to a request which had already timed out.
OBJECT-TYPE    
  Counter32  

casAcctServerErrorResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.20
The number of server ERROR accounting responses received from this server since system re-initialization. These are responses indicating that the server itself has identified an error with its accounting operation.
OBJECT-TYPE    
  Counter32  

casAcctIncorrectResponses 1.3.6.1.4.1.9.10.56.1.2.1.1.21
The number of accounting responses which could not be processed since system re-initialization. Reasons include inability to decrypt the response, invalid fields, or the response is not valid based on the request.
OBJECT-TYPE    
  Counter32  

casAcctResponseTime 1.3.6.1.4.1.9.10.56.1.2.1.1.22
Average response time for accounting requests sent to this server,, since system re-initialization excluding timeouts.
OBJECT-TYPE    
  TimeInterval  

casAcctTransactionSuccesses 1.3.6.1.4.1.9.10.56.1.2.1.1.23
The number of accounting transactions with this server which succeeded since system re-initialization. A transaction may include multiple request retransmissions if timeouts occur. A transaction is successful if the server responds with either an accounting pass or fail.
OBJECT-TYPE    
  Counter32  

casAcctTransactionFailures 1.3.6.1.4.1.9.10.56.1.2.1.1.24
The number of accounting transactions with this server which failed since system re-initialization. A transaction may include multiple request retransmissions if timeouts occur. A transaction failure occurs if maximum resends have been met or the server aborts the transaction.
OBJECT-TYPE    
  Counter32  

casState 1.3.6.1.4.1.9.10.56.1.2.1.1.25
Current state of this server. up(1) - Server responding to requests dead(2) - Server failed to respond A server is marked dead if it does not respond after maximum retransmissions. A server is marked up again either after a waiting period or if some response is received from it. The initial value of casState is 'up(1)' at system re-initialization. This will only transistion to 'dead(2)' if an attempt to communicate fails.
OBJECT-TYPE    
  INTEGER up(1), dead(2)  

casCurrentStateDuration 1.3.6.1.4.1.9.10.56.1.2.1.1.26
This object provides the elapsed time the server has been in its current state as shown in casState.
OBJECT-TYPE    
  TimeInterval  

casPreviousStateDuration 1.3.6.1.4.1.9.10.56.1.2.1.1.27
This object provides the elapsed time the server was been in its previous state prior to the most recent transistion of casState. This value is zero if the server has not changed state.
OBJECT-TYPE    
  TimeInterval  

casTotalDeadTime 1.3.6.1.4.1.9.10.56.1.2.1.1.28
The total elapsed time this server's casState has had the value 'dead(2)' since system re-initialization.
OBJECT-TYPE    
  TimeInterval  

casDeadCount 1.3.6.1.4.1.9.10.56.1.2.1.1.29
The number of times this server's casState has transitioned to 'dead(2)' since system re-initialization.
OBJECT-TYPE    
  Counter32  

cAAAServerMIBNotificationPrefix 1.3.6.1.4.1.9.10.56.2
OBJECT IDENTIFIER    

cAAAServerMIBNotifications 1.3.6.1.4.1.9.10.56.2.0
OBJECT IDENTIFIER    

casServerStateChange 1.3.6.1.4.1.9.10.56.2.0.1
An AAA server state change notification is generated whenever casState changes value.
NOTIFICATION-TYPE    

cAAAServerMIBConformance 1.3.6.1.4.1.9.10.56.3
OBJECT IDENTIFIER    

casMIBCompliances 1.3.6.1.4.1.9.10.56.3.1
OBJECT IDENTIFIER    

casMIBGroups 1.3.6.1.4.1.9.10.56.3.2
OBJECT IDENTIFIER    

casMIBCompliance 1.3.6.1.4.1.9.10.56.3.1.1
Create/Write access is not required.
MODULE-COMPLIANCE    

casStatisticsGroup 1.3.6.1.4.1.9.10.56.3.2.1
Objects for providing AAA server statistics and status.
OBJECT-GROUP    

casConfigGroup 1.3.6.1.4.1.9.10.56.3.2.2
Objects for configuring the AAA servers.
OBJECT-GROUP    

casServerNotificationGroup 1.3.6.1.4.1.9.10.56.3.2.3
The collection of notifications used for monitoring AAA server status
NOTIFICATION-GROUP