CISCO-NAC-NAD-MIB

File: CISCO-NAC-NAD-MIB.mib (94322 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
IF-MIB INET-ADDRESS-MIB SNMP-FRAMEWORK-MIB
CISCO-TC CISCO-POLICY-GROUP-MIB CISCO-NAC-TC-MIB
CISCO-SMI

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Unsigned32
Integer32 MODULE-COMPLIANCE OBJECT-GROUP
StorageType RowStatus TruthValue
MacAddress TimeStamp ifIndex
InterfaceIndex InterfaceIndexOrZero InetPortNumber
InetAddressType InetAddressPrefixLength InetAddress
SnmpAdminString CiscoURLString CpgPolicyNameOrEmpty
CnnEouPostureToken CnnEouPostureTokenString CnnEouState
CnnEouAuthType CnnEouDeviceType ciscoMgmt

Defined Types

CnnEouIfIpDevTrackConfigEntry  
SEQUENCE    
  cnnEouIfIpDevTrackEnabled TruthValue

CnnEouAuthIpEntry  
SEQUENCE    
  cnnEouAuthIpAddrType InetAddressType
  cnnEouAuthIpAddr InetAddress
  cnnEouAuthIpAddrMask InetAddressPrefixLength
  cnnEouAuthIpPolicy SnmpAdminString
  cnnEouAuthIpStorageType StorageType
  cnnEouAuthIpRowStatus RowStatus

CnnEouAuthMacEntry  
SEQUENCE    
  cnnEouAuthMacAddr MacAddress
  cnnEouAuthMacAddrMask MacAddress
  cnnEouAuthMacPolicy SnmpAdminString
  cnnEouAuthMacStorageType StorageType
  cnnEouAuthMacRowStatus RowStatus

CnnEouAuthDeviceTypeEntry  
SEQUENCE    
  cnnEouAuthDeviceType CnnEouDeviceType
  cnnEouAuthDeviceTypeStorageType StorageType
  cnnEouAuthDeviceTypeRowStatus RowStatus

CnnEouIfConfigEntry  
SEQUENCE    
  cnnEouIfAdminStatus INTEGER
  cnnEouIfMaxRetry Integer32
  cnnEouIfValidateAction INTEGER
  cnnEouIfTimeoutGlobalConfig BITS
  cnnEouIfTimeoutAAA Unsigned32
  cnnEouIfTimeoutHoldPeriod Unsigned32
  cnnEouIfTimeoutRetransmit Unsigned32
  cnnEouIfTimeoutRevalidation Unsigned32
  cnnEouIfTimeoutStatusQuery Unsigned32
  cnnEouIfAaaFailPolicy CpgPolicyNameOrEmpty
  cnnEouIfAllowClientless TruthValue
  cnnEouIfAllowIpStationId TruthValue

CnnEouHostQueryEntry  
SEQUENCE    
  cnnEouHostQueryIndex Unsigned32
  cnnEouHostQueryMask INTEGER
  cnnEouHostQueryInterface InterfaceIndexOrZero
  cnnEouHostQueryIpAddrType InetAddressType
  cnnEouHostQueryIpAddr InetAddress
  cnnEouHostQueryMacAddr MacAddress
  cnnEouHostQueryPostureToken CnnEouPostureToken
  cnnEouHostQuerySkipNHosts Unsigned32
  cnnEouHostQueryMaxResultRows Unsigned32
  cnnEouHostQueryTotalHosts Integer32
  cnnEouHostQueryRows Integer32
  cnnEouHostQueryCreateTime TimeStamp
  cnnEouHostQueryStatus RowStatus
  cnnEouHostQueryPostureTokenStr CnnEouPostureTokenString

CnnEouHostResultEntry  
SEQUENCE    
  cnnEouHostResultIndex Unsigned32
  cnnEouHostResultAssocIf InterfaceIndex
  cnnEouHostResultIpAddrType InetAddressType
  cnnEouHostResultIpAddr InetAddress
  cnnEouHostResultMacAddr MacAddress
  cnnEouHostResultAuthType CnnEouAuthType
  cnnEouHostResultPostureToken CnnEouPostureToken
  cnnEouHostResultAge Unsigned32
  cnnEouHostResultUrlRedir CiscoURLString
  cnnEouHostResultAclName SnmpAdminString
  cnnEouHostResultStatusQryPeriod Unsigned32
  cnnEouHostResultRevalidatePeriod Unsigned32
  cnnEouHostResultState CnnEouState
  cnnEouHostResultPostureTokenStr CnnEouPostureTokenString
  cnnEouHostResultUrlRedirectAcl SnmpAdminString
  cnnEouHostResultTagName SnmpAdminString
  cnnEouHostResultAuditSessionId SnmpAdminString
  cnnEouHostResultAaaFailPolicy SnmpAdminString

Defined Values

ciscoNacNadMIB 1.3.6.1.4.1.9.9.484
This MIB module is for the configuration of a Network Access Device (NAD) on the Cisco Network Admission Control (NAC) system. EndPoint -------------- NAD ------- AAA ------ PVS (SecurApp) EAPoUDP/802.1x RADIUS HCAP (Plugin) (PA) Cisco NAC system The Cisco Network Admission Control (NAC) security solution offers a systems approach to customers for ensuring endpoint device compliancy and vulnerability checks prior to production access to the network. Cisco refers to these compliancy checks as posture validations. The intent of this systems approach is to prevent the spread of works, viruses, and rogue applications across the network. This systems approach requires integration with third party end point security applications, as well as endpoint security servers. The Network Access Device (NAD) enforces network access control privileges by controlling which endpoint devices have access to network destinations and services reachable through that NAD. Endpoint devices that do not have the PA installed, enabled, or cannot otherwise respond to the NAD posture challenges are considered non-responsive hosts. Upon recognition of an incoming endpoint device at L2 or L3, the NAD issues a challenge to the endpoint device for posture credentials. Endpoint devices with a PA will recognize the challenge and respond with the necessary posture credentials. The NAD acts as a relay agent between the endpoint device and AAA server for all messages in the posture validation exchange. Once the validation is complete, the NAD enforces the access policy profile downloaded from the AAA Server, e.g. (i) provide full access (ii) deny all access through the NAD restrict access (quarantine) or (iii) some intermediate level of network access restriction or quarantine. Between posture revalidations, the NAD may issue periodic status queries to determine that the each endpoint device using the NAD is still the same device that was first postured, and that the endpoint device's posture credentials have not changed. This mechanism is a challenge response protocol that does not involve the AAA Server nor does it require the posture plugins to resend any credentials. It is used to trigger a full posture revalidation with the AAA Server when the endpoint device's credentials have changed (e.g. to revalidate the host endpoint device after remediation), or a new host endpoint device connects with a previously authorized IP address. The NAD supports a local exception list based on IP, MAC address or device type so that certain endpoint devices can bypass the posture validation process based on system administrator configuration. Also, the NAD may be configured to query the AAA server for access policies associated with endpoint devices that do not have a Posture Agent installed, clientless host endpoint devices. Posture Validation occurs when a NAC-enabled network access device (NAC) detects an endpoint device attempting to connect or use its network resources and it issues the endpoint device a posture challenge. An endpoint device with a resident posture agent will respond to the challenge with sets of posture credentials from one or more posture plugins which can detail the state of the various hardware and software components on the endpoint device. The posture agent response is forwarded by the network access device to an AAA server which may in turn delegate parts of the decision to posture validation server. Evaluation of the credentials against posture validation policies results in an authorization decision or posture token, representing the endpoint device's relative compliance to the network compliance policy. The AAA server then sends the respective network access profile to the network access device for enforcement of the endpoint device authorization. The Cisco Technology consists of the following: Endpoint Device - Any host attempting to connect or use the resource of a network. - e.g., a personal computer, personal data digital assistant, or data server, or other network attached device. NAD - Network Access Device that enforces network access control policies through layer 2 or layer 3 challenge-responses with a network enabled Endpoint device. PC - Posture Credentials that describe the state of an application and/or operating system that is running on an endpoint device at the time a layer 2 or layer 3 challenge response is issued by a NAD. PP - Posture Plugin. A module implemented by an application or agent provider that is responsible for supplying the relevant posture credentials for the application or agent. PA - Posture Agent. Host agent software that serves as a broker on the host for aggregating credential from potentially multiple posture plugins and communicating with the network. CTA - Cisco Trust Agent. Cisco's implementation of the posture agent. EAP - Extensible Authentication Protocol. An extension to PPP. EOU - Extensible Authentication Protocol over UDP. ACS/AAA - Cisco Secure Access Control Server. The primary authorization server that is the network policy decision point and is extended to support posture validation. PVS - Posture Validation Server. UCT - Un Conditional Transition. Clientless - Client without Cisco Posture Agent. Tag - Tag is a policy specifier which is mapped to a policy template based on specific rules. The Tag allows network administrators to define enforcement policies on local device and have a RADIUS server specify the policy Template to be enforced.
MODULE-IDENTITY    

ciscoNacNadMIBNotifs 1.3.6.1.4.1.9.9.484.0
OBJECT IDENTIFIER    

ciscoNacNadMIBObjects 1.3.6.1.4.1.9.9.484.1
OBJECT IDENTIFIER    

ciscoNacNadMIBConformance 1.3.6.1.4.1.9.9.484.2
OBJECT IDENTIFIER    

cnnEouGlobalObjects 1.3.6.1.4.1.9.9.484.1.1
OBJECT IDENTIFIER    

cnnEouAuthorizeLists 1.3.6.1.4.1.9.9.484.1.2
OBJECT IDENTIFIER    

cnnEouIfMIBObjects 1.3.6.1.4.1.9.9.484.1.3
OBJECT IDENTIFIER    

cnnEouHostMIBObjects 1.3.6.1.4.1.9.9.484.1.4
OBJECT IDENTIFIER    

cnnIpDeviceTrackingObjects 1.3.6.1.4.1.9.9.484.1.5
OBJECT IDENTIFIER    

cnnEouVersion 1.3.6.1.4.1.9.9.484.1.1.1
The version of EOU in use on the local system. Value zero indicates the version can not be determined.
OBJECT-TYPE    
  Unsigned32  

cnnEouEnabled 1.3.6.1.4.1.9.9.484.1.1.2
Indicates whether the posture validation via EOU is globally enabled or disabled in the device.
OBJECT-TYPE    
  TruthValue  

cnnEouAllowClientless 1.3.6.1.4.1.9.9.484.1.1.3
Indicates whether to allow authentication of clientless hosts (system that does not run Cisco Trust Agent).
OBJECT-TYPE    
  TruthValue  

cnnEouAllowIpStationId 1.3.6.1.4.1.9.9.484.1.1.4
It indicates whether to send the host IP address in the calling station ID field of RADIUS request.
OBJECT-TYPE    
  TruthValue  

cnnEouLoggingEnabled 1.3.6.1.4.1.9.9.484.1.1.5
To enable or disable EOU system logging events. Set to 'true' to enable syslog message at an informational level (syslog level 6).
OBJECT-TYPE    
  TruthValue  

cnnEouMaxRetry 1.3.6.1.4.1.9.9.484.1.1.6
The number of maximum retry attempts for EOU.
OBJECT-TYPE    
  Integer32  

cnnEouPort 1.3.6.1.4.1.9.9.484.1.1.7
The UDP port for EOU. The port cannot conflict with other UDP application.
OBJECT-TYPE    
  InetPortNumber  

cnnEouRateLimit 1.3.6.1.4.1.9.9.484.1.1.8
The number of clients that can be simultaneously validated. Set the rate limit to 0 (zero), rate limiting will be turned off. If the rate limit is set to 100 and there are 101 clients, validation will not occur until one drop off.
OBJECT-TYPE    
  Unsigned32  

cnnEouTimeoutAAA 1.3.6.1.4.1.9.9.484.1.1.9
Timeout period used by NAD with AAA (Authentication, Authorization and Accounting.
OBJECT-TYPE    
  Unsigned32  

cnnEouTimeoutHoldPeriod 1.3.6.1.4.1.9.9.484.1.1.10
Length of time that can elapse before the client sessions are purged from the system due to client inactivity.
OBJECT-TYPE    
  Unsigned32  

cnnEouTimeoutRetransmit 1.3.6.1.4.1.9.9.484.1.1.11
The timeout period for the EOU message retransmitted.
OBJECT-TYPE    
  Unsigned32  

cnnEouTimeoutRevalidation 1.3.6.1.4.1.9.9.484.1.1.12
The timeout period for the revalidation. Setting this object to 0 will globally disable periodic revalidation on this device.
OBJECT-TYPE    
  Unsigned32  

cnnEouTimeoutStatusQuery 1.3.6.1.4.1.9.9.484.1.1.13
The timeout period for the status query after revalidation.
OBJECT-TYPE    
  Unsigned32  

cnnEouCriticalRecoveryDelay 1.3.6.1.4.1.9.9.484.1.1.14
This object specifies the EOU critical recovery delay time for the device. A value of zero indicates that critical recovery delay feature is disabled.
OBJECT-TYPE    
  Unsigned32  

cnnEouRevalidationEnabled 1.3.6.1.4.1.9.9.484.1.1.15
Indicates whether the EOU revalidation is globally enabled or disabled in the device.
OBJECT-TYPE    
  TruthValue  

cnnIpDeviceTrackingEnabled 1.3.6.1.4.1.9.9.484.1.5.1
Specifies whether the IP device tracking feature is globally enabled or disabled on this device.
OBJECT-TYPE    
  TruthValue  

cnnIpDeviceTrackingProbeCount 1.3.6.1.4.1.9.9.484.1.5.2
Specifies the number of times that this device sends the ARP probe to an IP device before removing the IP device from the IP device tracking table.
OBJECT-TYPE    
  Unsigned32  

cnnIpDeviceTrackingProbeInterval 1.3.6.1.4.1.9.9.484.1.5.3
Specifies the number of the seconds that this device waits before resending the ARP probe.
OBJECT-TYPE    
  Unsigned32  

cnnEouIfIpDevTrackConfigTable 1.3.6.1.4.1.9.9.484.1.5.4
A table of IP Device Tracking configuration for EOU interfaces in the system.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouIfIpDevTrackConfigEntry

cnnEouIfIpDevTrackConfigEntry 1.3.6.1.4.1.9.9.484.1.5.4.1
A set of EOU IP Device Tracking configuration information on an EOU interface.
OBJECT-TYPE    
  CnnEouIfIpDevTrackConfigEntry  

cnnEouIfIpDevTrackEnabled 1.3.6.1.4.1.9.9.484.1.5.4.1.1
Specifies if IP Device Tracking feature is enabled on this interface.
OBJECT-TYPE    
  TruthValue  

cnnEouAuthIpTable 1.3.6.1.4.1.9.9.484.1.2.1
A list of statically authorized IP devices in the system.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouAuthIpEntry

cnnEouAuthIpEntry 1.3.6.1.4.1.9.9.484.1.2.1.1
An entry containing the associated policy information of the statically authorized IP device. An entry can be created, or deleted by using cnnEouAuthIpRowStatus. Each statically authorized IP device is associated with a policy. By creating, deleting or modifying an entry in this table, users can add, delete or modify a policy for a particular statically authorized IP device. In order to add the statically authorized IP device into exception-list and associate with the specific policy, user has to create an entry for the device.
OBJECT-TYPE    
  CnnEouAuthIpEntry  

cnnEouAuthIpAddrType 1.3.6.1.4.1.9.9.484.1.2.1.1.1
The type of Internet address by which the statically authorized IP device is reachable.
OBJECT-TYPE    
  InetAddressType  

cnnEouAuthIpAddr 1.3.6.1.4.1.9.9.484.1.2.1.1.2
The Internet address for the statically authorized IP device. The type of this address is determined by the value of the cnnEouAuthIpAddrType object.
OBJECT-TYPE    
  InetAddress Size(1..64)  

cnnEouAuthIpAddrMask 1.3.6.1.4.1.9.9.484.1.2.1.1.3
Using 'inverse mask' to support IP wildcards. The mask used with the source IP address will specify what traffic is exempted from EAP validation. e.g. cnnEouAuthIpAddr: 10.0.0.0 cnnEouAuthIpAddrMask: 0.255.255.255 This exempts any IP in the subnet at 10.x.x.x from posture validation. cnnEouAuthIpAddr: 10.1.2.1 cnnEouAuthIpAddrMask: 0.0.0.0 This exempts host IP 10.1.2.1 from posture validation. cnnEouAuthIpAddr: 10.0.0.0 cnnEouAuthIpAddrMask: 255.255.255.255 Mask value of 255.255.255.255 will exempt ALL hosts from posture validation.
OBJECT-TYPE    
  InetAddressPrefixLength  

cnnEouAuthIpPolicy 1.3.6.1.4.1.9.9.484.1.2.1.1.4
The policy associate with the statically authorized IP device. The policy needs to be present in the policy-database before an statically authorized IP device can be associated to it.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouAuthIpStorageType 1.3.6.1.4.1.9.9.484.1.2.1.1.5
The storage type for this conceptual row.
OBJECT-TYPE    
  StorageType  

cnnEouAuthIpRowStatus 1.3.6.1.4.1.9.9.484.1.2.1.1.6
The status of this conceptual row. To create an entry, users set the value of this object to 'createAndGo'. The transition from 'active' to 'notInService' may not be supported. A row may be deleted by setting the RowStatus to 'destroy'. Once a row becomes active, values within the row cannot be modified, except by deleting and re-creating the row.
OBJECT-TYPE    
  RowStatus  

cnnEouAuthMacTable 1.3.6.1.4.1.9.9.484.1.2.2
A list of static authorized devices identified by MAC address.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouAuthMacEntry

cnnEouAuthMacEntry 1.3.6.1.4.1.9.9.484.1.2.2.1
An entry containing the associated policy information of the statically authorized device identified by MAC address. The entry is created, and deleted by using cnnEouAuthMacRowStatus.
OBJECT-TYPE    
  CnnEouAuthMacEntry  

cnnEouAuthMacAddr 1.3.6.1.4.1.9.9.484.1.2.2.1.1
The MAC address of the static authorized device.
OBJECT-TYPE    
  MacAddress  

cnnEouAuthMacAddrMask 1.3.6.1.4.1.9.9.484.1.2.2.1.2
Using 'inverse mask' support MAC wildcards. The mask used with the source MAC address will specify what traffic is exempted from EAP validation. e.g. cnnEouAuthMacAddr: 00:0d:bc:ef:eb:bd cnnEouAuthMacAddrMask: 00:00:ff:ff:ff:ff This exempts any MAC in the range 00:0d:00:00:00:00 from posture validation. cnnEouAuthMacAddr: 00:0d:bc:ef:eb:bd cnnEouAuthMacAddrMask: 00:00:00:00:00:00 This exempts specific MAC 00:0d:bc:ef:eb:bd from posture validation. cnnEouAuthMacAddr: 00:0d:bc:ef:eb:bd cnnEouAuthMacAddrMask: ff:ff:ff:ff:ff:ff This exempts all MAC address from posture validation.
OBJECT-TYPE    
  MacAddress  

cnnEouAuthMacPolicy 1.3.6.1.4.1.9.9.484.1.2.2.1.3
The policy associate with the statically authorized device identified by MAC address. The policy needs to be present in the policy-database before an device can be associated to it.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouAuthMacStorageType 1.3.6.1.4.1.9.9.484.1.2.2.1.4
The storage type for this conceptual row.
OBJECT-TYPE    
  StorageType  

cnnEouAuthMacRowStatus 1.3.6.1.4.1.9.9.484.1.2.2.1.5
The status of this conceptual row. To create an entry, users set the value of this object to 'createAndGo'. The transition from 'active' to 'notInService' may not be supported. A row may be deleted by setting the RowStatus to 'destroy'. Once a row becomes active, values within the row cannot be modified, except by deleting and re-creating the row.
OBJECT-TYPE    
  RowStatus  

cnnEouAuthDeviceTypeTable 1.3.6.1.4.1.9.9.484.1.2.3
A list of static authorized devices indexed by device type.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouAuthDeviceTypeEntry

cnnEouAuthDeviceTypeEntry 1.3.6.1.4.1.9.9.484.1.2.3.1
An entry containing the information of the static authorized device indexed by device type.
OBJECT-TYPE    
  CnnEouAuthDeviceTypeEntry  

cnnEouAuthDeviceType 1.3.6.1.4.1.9.9.484.1.2.3.1.1
The static authorize device type.
OBJECT-TYPE    
  CnnEouDeviceType  

cnnEouAuthDeviceTypeStorageType 1.3.6.1.4.1.9.9.484.1.2.3.1.2
The storage type for this conceptual row.
OBJECT-TYPE    
  StorageType  

cnnEouAuthDeviceTypeRowStatus 1.3.6.1.4.1.9.9.484.1.2.3.1.3
This object is used to create or delete an entry in the cnnEouAuthDeviceTypeTable. A row may be created using the 'CreateAndGo' option. A row may be deleted by setting the RowStatus to 'destroy'. Once a row becomes active, values within the row cannot be modified, except by deleting and re-creating the row.
OBJECT-TYPE    
  RowStatus  

cnnEouIfConfigTable 1.3.6.1.4.1.9.9.484.1.3.1
A list of EOU configurations for the EOU capable interfaces.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouIfConfigEntry

cnnEouIfConfigEntry 1.3.6.1.4.1.9.9.484.1.3.1.1
An entry containing the EOU configuration information for a particular EOU capable interface.
OBJECT-TYPE    
  CnnEouIfConfigEntry  

cnnEouIfAdminStatus 1.3.6.1.4.1.9.9.484.1.3.1.1.1
Setting this object to 'auto' means the Posture Validation via EOU ability at this interface would be enabled if a end point device is found. If the value of this object is 'disabled' then the interface will act as it would if it had no posture validation via EOU ability. Setting this object to 'bypass' allows the host connected to this interface this interface to bypass the Posture Validation and directly download the host network access policy from AAA server.
OBJECT-TYPE    
  INTEGER auto(1), disabled(2), bypass(3)  

cnnEouIfMaxRetry 1.3.6.1.4.1.9.9.484.1.3.1.1.2
The maximum number of retry by EOU for this interface.
OBJECT-TYPE    
  Integer32  

cnnEouIfValidateAction 1.3.6.1.4.1.9.9.484.1.3.1.1.3
An EOU validate action to the devices associated with the interface. This object always has the value 'none' when read. none(1) no operation is performed. initialize(2) Manually initiates reauthentication of all the endpoint devices associated with the interface. revalidate(3) Revalidate EOU posture credentials of the devices associated with a specify interface. noRevalidate(4) Disable the revalidation of all the device associated with the interface.
OBJECT-TYPE    
  INTEGER none(1), initialize(2), revalidate(3), noRevalidate(4)  

cnnEouIfTimeoutGlobalConfig 1.3.6.1.4.1.9.9.484.1.3.1.1.4
This object indicates whether the timeout configurations on this interface are based on the corresponding global timeout configurations or not. aaa(0) If this bit is set, the value of cnnEouIfTimeoutAAA is based on the value of cnnEouTimeoutAAA. holdPeriod(1) If this bit is set, the value of cnnEouIfTimeoutHoldPeriod is based on the value of cnnEouTimeoutHoldPeriod. retransmit(2) If this bit is set, the value of cnnEouIfTimeoutRetransmit is based on the value of cnnEouTimeoutRetransmit. revalidation(3) If this bit is set, the value of cnnEouIfTimeoutRevalidation is based on the value of cnnEouTimeoutRevalidation. statusQuery(4) If this bit is set, the value of cnnEouIfTimeoutStatusQuery is based on the value of cnnEouTimeoutStatusQuery. maxRetry(5) If this bit is set, the value of cnnEouIfMaxRetry is based on the value of cnnEouMaxRetry. clientless(6) If this bit is set, the value of cnnEouIfAllowClientless is based on the value of cnnEouAllowClientless. ipStationId(7) If this bit is set, the value of cnnEouIfAllowIpStationId is based on the value of cnnEouAllowIpStationId. If a bit is not set, the value of the corresponding object in the same conceptual row is not based on its corresponding global object. If users configure object which is covered by cnnEouIfTimeoutGlobalConfig in the same conceptual row while the corresponding bit is set, the corresponding bit will be unset in order to reflect that such configuration is not from its corresponding global object.
OBJECT-TYPE    
  BITS aaa(0), holdPeriod(1), retransmit(2), revalidation(3), statusQuery(4), maxRetry(5), clientless(6), ipStationId(7)  

cnnEouIfTimeoutAAA 1.3.6.1.4.1.9.9.484.1.3.1.1.5
The timeout period used by EOU for the AAA server connection on this interface.
OBJECT-TYPE    
  Unsigned32  

cnnEouIfTimeoutHoldPeriod 1.3.6.1.4.1.9.9.484.1.3.1.1.6
The hold period of this interface. The hold period is the length of the time that can elapse before the client session entries are purged from the system due to client inactivity.
OBJECT-TYPE    
  Unsigned32  

cnnEouIfTimeoutRetransmit 1.3.6.1.4.1.9.9.484.1.3.1.1.7
The timeout period for the EOU message retransmitted at this interface.
OBJECT-TYPE    
  Unsigned32  

cnnEouIfTimeoutRevalidation 1.3.6.1.4.1.9.9.484.1.3.1.1.8
The timeout period for the revalidation at this interface. Setting this object to 0 will disable periodic revalidation on this device.
OBJECT-TYPE    
  Unsigned32  

cnnEouIfTimeoutStatusQuery 1.3.6.1.4.1.9.9.484.1.3.1.1.9
The timeout period for the status query after revalidation at this interface.
OBJECT-TYPE    
  Unsigned32  

cnnEouIfAaaFailPolicy 1.3.6.1.4.1.9.9.484.1.3.1.1.10
Specified the name of the policy template to be applied when cnnEouHostResultState is 'aaaFail'. The specified policy name must exist in cpgPolicyTable if it is not empty string.
OBJECT-TYPE    
  CpgPolicyNameOrEmpty  

cnnEouIfAllowClientless 1.3.6.1.4.1.9.9.484.1.3.1.1.11
This object specifies whether to allow authentication of clientless hosts (system that does not run Cisco Trust Agent) on the interface.
OBJECT-TYPE    
  TruthValue  

cnnEouIfAllowIpStationId 1.3.6.1.4.1.9.9.484.1.3.1.1.12
This object specifies whether to send the host IP address in the calling station ID field of RADIUS request for hosts on the interface.
OBJECT-TYPE    
  TruthValue  

cnnEouHostValidateAction 1.3.6.1.4.1.9.9.484.1.4.1
An EOU validate action to the devices. Initialize: When a device is initialized, all previous state information about that host is deleted and the admission control process for that host will start with no state. Revalidate: When a host is revalidated, state information about that host is retained so that the host still has its' normal access during the revalidation process. This object always has the value 'none' when read. none(1) - no operation is performed. initializeAll(2) - to manually initiates reauthentication of all endpoint devices on the system. initializeAuthClientless(3) - to manually initiates reauthentication of all clientless endpoint devices. initializeAuthEap(4) - to manually initiates reauthentication of all the endpoint devices authorized by Extensive Authentication Protocol. initializeAuthStatic(5) - to manually initiates reauthentication of all the statically authorized endpoint devices. initializeIp(6) - to manually initiates reauthentication of a specific IP device. The value in cnnEouHostValidateIpAddrType and cnnEouHostValidateIpAddr are used by this operation. initializeMac(7) - to manually initiates reauthentication of the endpoint device identified by MAC address. The value in cnnEouHostValidateMacAddr is used by this operation. initializePostureToken(8) - to manually initiates reauthentication of the endpoint device(s) with a specify posture token assigned. The value in cnnEouHostValidatePostureToken is used by this operation. This enumerated integer is deprecated and replaced by initializePostureTokenStr. revalidateAll(9) - to revalidate EOU posture credentials of all devices on the system. revalidateAuthClientless(10) - to revalidate EOU posture credentials of all clientless devices on the system. revalidateAuthEap(11) - to revalidate EOU posture credentials of the devices authorized by EAP on the system. revalidateAuthStatic(12) - to revalidate EOU posture credentials of all statically authorized devices on the system. revalidateIp(13) - to revalidates EOU posture credentials of a specific IP device. The value in cnnEouHostValidateIpAddrType and cnnEouHostValidateIpAddr are used by this operation. revalidateMac(14) - to revalidates EOU posture credentials of a specific device identified by MAC address. The value in cnnEouHostValidateMacAddr is used by this operation. revalidatePostureToken(15) - to enable revalidates EOU posture credentials of the devices with the specific posture token assigned. The value in cnnEouHostValidatePostureToken is used by this operation. This enumerated integer is deprecated and replaced by revalidatePostureTokenStr. noRevalidateAll(16) - to disable revalidation of all devices on the system. noRevalidateAuthClientless(17) - to disable the revalidation of all clientless devices on the system. noRevalidateAuthEap(18) - to disable the revalidation of all devices authorized by EAP on the system. noRevalidateAuthStatic(19) - to disable the revalidation of all statically authorized devices on the system. noRevalidateIp(20) - to disable the revalidation of the specific IP device. The value in cnnEouHostValidateIpAddrType and cnnEouHostValidateIpAddr are used by this operation. noRevalidateMac(21) - to disable the revalidation of the specific device identified by MAC address. The value in cnnEouHostValidateMacAddr is used by this operation. noRevalidatePostureToken(22) - to disable the revalidation of all device with the specific posture token assigned. The value in cnnEouHostValidatePostureToken is used by this operation. This enumerated integer is deprecated and replaced by noRevalidatePostureTokenStr. initializePostureTokenStr(23) - to manually initiates reauthentication of the endpoint device(s) with a specify posture token assigned. The value in cnnEouHostValidatePostureTokenStr is used by this operation. revalidatePostureTokenStr(24) - to enable revalidates EOU posture credentials of the devices with the specific posture token assigned. The value in cnnEouHostValidatePostureTokenStr is used by this operation. noRevalidatePostureTokenStr(25) - to disable the revalidation of all device with the specific posture token assigned. The value in cnnEouHostValidatePostureTokenStr is used by this operation.
OBJECT-TYPE    
  INTEGER none(1), initializeAll(2), initializeAuthClientless(3), initializeAuthEap(4), initializeAuthStatic(5), initializeIp(6), initializeMac(7), initializePostureToken(8), revalidateAll(9), revalidateAuthClientless(10), revalidateAuthEap(11), revalidateAuthStatic(12), revalidateIp(13), revalidateMac(14), revalidatePostureToken(15), noRevalidateAll(16), noRevalidateAuthClientless(17), noRevalidateAuthEap(18), noRevalidateAuthStatic(19), noRevalidateIp(20), noRevalidateMac(21), noRevalidatePostureToken(22), initializePostureTokenStr(23), revalidatePostureTokenStr(24), noRevalidatePostureTokenStr(25)  

cnnEouHostValidateIpAddrType 1.3.6.1.4.1.9.9.484.1.4.2
The type of Internet address for a detected host.
OBJECT-TYPE    
  InetAddressType  

cnnEouHostValidateIpAddr 1.3.6.1.4.1.9.9.484.1.4.3
The Internet address for a detected host. The type of this address is determined by the value of the cnnEouHostValidateIpAddrType.
OBJECT-TYPE    
  InetAddress  

cnnEouHostValidateMacAddr 1.3.6.1.4.1.9.9.484.1.4.4
The Mac address for a detected host.
OBJECT-TYPE    
  MacAddress  

cnnEouHostValidatePostureToken 1.3.6.1.4.1.9.9.484.1.4.5
Type of posture token for a detected host. This object is deprecated and replaced by cnnEouHostValidatePostureTokenStr.
OBJECT-TYPE    
  CnnEouPostureToken  

cnnEouHostMaxQueries 1.3.6.1.4.1.9.9.484.1.4.6
Maximum number of query entries allowed to be outstanding at any time, in the cnnEouHostQueryTable.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostQueryTable 1.3.6.1.4.1.9.9.484.1.4.7
A control table used to query the client host by specifying retrieval criteria for the EOU information. Each row instance in the table represents a query with its parameters. The resulting data for each instance of a query in this table is returned in the cnnHostQueryResultTable. The maximum number of entries (rows) in this table cannot exceed the value of cnnEouHostMaxQueries object.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouHostQueryEntry

cnnEouHostQueryEntry 1.3.6.1.4.1.9.9.484.1.4.7.1
A conceptual row of the cnnEouHostQueryTable used to setup retrieval criteria to search for the EOU hosts on the system. The actual search is started by setting the value of cnnEouHostQueryStatus to 'active'. Once a row becomes active, values within the row cannot be modified, except by deleting and re-creating the row.
OBJECT-TYPE    
  CnnEouHostQueryEntry  

cnnEouHostQueryIndex 1.3.6.1.4.1.9.9.484.1.4.7.1.1
An arbitrary integer in the range of 1 to cnnEouHostMaxQueries to identify this control query.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostQueryMask 1.3.6.1.4.1.9.9.484.1.4.7.1.2
Setting each value causes the appropriate action: authenClientless(1) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the clientless host(s) on the system. authenEap(2) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the hosts authorized by EAP on the system. authenStatic(3) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the statically authorized hosts on the system. interface(4) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the endpoint devices connected to the interface specified in cnnEouHostQueryInterface. ip(5) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the IP hosts specified in cnnEouHostQueryIpAddrType and cnnEouHostQueryIpAddr. mac(6) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the hosts matching the mac address specified in cnnEouHostQueryMacAddr. postureToken(7) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the hosts assigned posture token specified in cnnEouHostQueryPostureToken. This enumerated integer is deprecated and replaced by postureTokenString. all(8) - returns all rows corresponding to all the detected hosts in the system. postureTokenString(9) - causes the creation of row(s) in the cnnHostQueryResultTable corresponding to the current EOU information for the hosts assigned posture token string specified in cnnEouHostQueryPostureTokenStr.
OBJECT-TYPE    
  INTEGER authenClientless(1), authenEap(2), authenStatic(3), interface(4), ip(5), mac(6), postureToken(7), all(8), postureTokenString(9)  

cnnEouHostQueryInterface 1.3.6.1.4.1.9.9.484.1.4.7.1.3
An index value that uniquely identifies an interface where the end point device is connected. The interface identified by a particular value of this index is the same interface as identified by the same value of ifIndex.
OBJECT-TYPE    
  InterfaceIndexOrZero  

cnnEouHostQueryIpAddrType 1.3.6.1.4.1.9.9.484.1.4.7.1.4
The internet address type for the queried host.
OBJECT-TYPE    
  InetAddressType  

cnnEouHostQueryIpAddr 1.3.6.1.4.1.9.9.484.1.4.7.1.5
The Internet address for the queried host. The type of this address is determined by the value of the cnnEouHostQueryIpAddrType. If the 'ip' option of cnnEouHostQueryMask is selected, an appropriate IP address type is assigned to cnnEouHostQueryIpAddrType, and an appropriate IP address is assigned to cnnEouHostQueryIpAddr then only the IP host with the specified address will be containing in the result table.
OBJECT-TYPE    
  InetAddress  

cnnEouHostQueryMacAddr 1.3.6.1.4.1.9.9.484.1.4.7.1.6
The Mac address for the queried host. If the 'mac' option of cnnEouHostQueryMask is selected, an appropriate MAC address is assigned to this object then only the host with the specified MAC address will be containing in the result table.
OBJECT-TYPE    
  MacAddress  

cnnEouHostQueryPostureToken 1.3.6.1.4.1.9.9.484.1.4.7.1.7
The assigned posture token for the queried host. If the 'postureToken' option of cnnEouHostQueryMask is selected, an appropriate posture token is assigned to this object then only the host with the specified posture token will be containing in the result table. This object is deprecated and replaced by cnnEouHostQueryPostureTokenStr.
OBJECT-TYPE    
  CnnEouPostureToken  

cnnEouHostQuerySkipNHosts 1.3.6.1.4.1.9.9.484.1.4.7.1.8
The number of searched detected hosts to be skipped before storing any host in cnnEouHostResultTable. This object can be used along with cnnEouHostQueryTotalHosts object to skip previously found hosts by setting the variable equal to the number of the associated rows in cnnEouHostResultTable, and only query the remaining hosts in the table. Note that due to the dynamical nature of the EOU, the queried hosts may be missed or repeated by setting this object.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostQueryMaxResultRows 1.3.6.1.4.1.9.9.484.1.4.7.1.9
This is the maximum number of rows in the cnnEouHostResultTable, resulting from this query. A value of zero (0) indicates no limit rows in cnnEouHostResultTable, resulting from this query.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostQueryTotalHosts 1.3.6.1.4.1.9.9.484.1.4.7.1.10
Indicating the total number of the hosts matching the query criterion. -1 - Either the query has not been started or the agent is still processing this query instance. It is the default value when the row is instantiated. 0..2147483647 - The search has ended and this is the number of host matching the query criterion.
OBJECT-TYPE    
  Integer32 -1..2147483647  

cnnEouHostQueryRows 1.3.6.1.4.1.9.9.484.1.4.7.1.11
Indicating the status of the query by following values: -1 - Either the query has not been started or the agent is still processing this query instance. It is the default value when the row is instantiated. 0..2147483647 - The search has ended and this is the number of rows in the cnnEouHostResultTable, resulting from this query.
OBJECT-TYPE    
  Integer32 -1..2147483647  

cnnEouHostQueryCreateTime 1.3.6.1.4.1.9.9.484.1.4.7.1.12
Time when this query was last set to active.
OBJECT-TYPE    
  TimeStamp  

cnnEouHostQueryStatus 1.3.6.1.4.1.9.9.484.1.4.7.1.13
The status object used to manage rows in this table. When set to 'createAndGo', the query is initiated. The completion of the query is indicated by the value of cnnEouHostQueryRows as soon as it becomes greater than or equal to 0. Once a row becomes active, values within the row cannot be modified, except by deleting and re-creating it.
OBJECT-TYPE    
  RowStatus  

cnnEouHostQueryPostureTokenStr 1.3.6.1.4.1.9.9.484.1.4.7.1.14
The assigned posture token string for the queried host. If the 'postureTokenString' option of cnnEouHostQueryMask is selected, an appropriate posture token string is assigned to this object then only the host with the specified posture token string will be containing in the result table.
OBJECT-TYPE    
  CnnEouPostureTokenString  

cnnEouHostResultTable 1.3.6.1.4.1.9.9.484.1.4.8
A table containing current detected host information corresponding to all the completed queries set up in the cnnEouHostQueryTable, that were detected in the device. The query result will not become available until the current search completes.
OBJECT-TYPE    
  SEQUENCE OF  
    CnnEouHostResultEntry

cnnEouHostResultEntry 1.3.6.1.4.1.9.9.484.1.4.8.1
A conceptual row of cnnEouHostResultTable, containing posture validation information of an detected host that matches the search criteria set in the corresponding row of cnnEouHostQueryTable.
OBJECT-TYPE    
  CnnEouHostResultEntry  

cnnEouHostResultIndex 1.3.6.1.4.1.9.9.484.1.4.8.1.1
A number which uniquely identifies a result entry matching a particular query.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostResultAssocIf 1.3.6.1.4.1.9.9.484.1.4.8.1.2
An index value that uniquely identifies an interface where the end point device is currently connected. The interface identified by a particular value of this index is the same interface as identified by the same value of ifIndex.
OBJECT-TYPE    
  InterfaceIndex  

cnnEouHostResultIpAddrType 1.3.6.1.4.1.9.9.484.1.4.8.1.3
The type of Internet address by which the detected host is reachable.
OBJECT-TYPE    
  InetAddressType  

cnnEouHostResultIpAddr 1.3.6.1.4.1.9.9.484.1.4.8.1.4
The internet address for the detected host. The type of this address is determined by the value of the cnnEouHostResultIpAddrType object.
OBJECT-TYPE    
  InetAddress  

cnnEouHostResultMacAddr 1.3.6.1.4.1.9.9.484.1.4.8.1.5
Indicates The MAC address of the detected host.
OBJECT-TYPE    
  MacAddress  

cnnEouHostResultAuthType 1.3.6.1.4.1.9.9.484.1.4.8.1.6
This object indicates the authentication type used in the posture validation process for this detected host.
OBJECT-TYPE    
  CnnEouAuthType  

cnnEouHostResultPostureToken 1.3.6.1.4.1.9.9.484.1.4.8.1.7
Indicates the posture token of the detected host. During the posture validation process, the host will be placed into a particular category and have a token assigned to it. This assignment will depend on the state of the software that is resident on the host. The host will have specific right to access network based on the token assigned. This object is deprecated and replaced by cnnEouHostResultPostureTokenStr
OBJECT-TYPE    
  CnnEouPostureToken  

cnnEouHostResultAge 1.3.6.1.4.1.9.9.484.1.4.8.1.8
Indicates the length of time, in minutes, that host has been connected.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostResultUrlRedir 1.3.6.1.4.1.9.9.484.1.4.8.1.9
This object specifies the URL(Web page) where the latest Anti-Virus file can be downloaded or upgraded, if the detected host fails the credential validation then it may require remediation.
OBJECT-TYPE    
  CiscoURLString  

cnnEouHostResultAclName 1.3.6.1.4.1.9.9.484.1.4.8.1.10
The mapped ACL to this detected host. A character string for an ACL (Access Control List) name. Valid characters are a-z, A-Z, 0-9, ,'#', '-', '_' and '.'. Some devices may require that an ACL name contains at least one non-numeric character. ACL name is case sensitive.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouHostResultStatusQryPeriod 1.3.6.1.4.1.9.9.484.1.4.8.1.11
The timeout period, in seconds, for the status query after revalidation at this interface.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostResultRevalidatePeriod 1.3.6.1.4.1.9.9.484.1.4.8.1.12
The timeout period, in second, for the revalidation at this interface.
OBJECT-TYPE    
  Unsigned32  

cnnEouHostResultState 1.3.6.1.4.1.9.9.484.1.4.8.1.13
Indicates the current EOU state of this detected host.
OBJECT-TYPE    
  CnnEouState  

cnnEouHostResultPostureTokenStr 1.3.6.1.4.1.9.9.484.1.4.8.1.14
Indicates the posture token string of the detected host. During the posture validation process, the host will be placed into a particular category and have a token assigned to it. This assignment will depend on the state of the software that is resident on the host. The host will have specific right to access network based on the token assigned.
OBJECT-TYPE    
  CnnEouPostureTokenString  

cnnEouHostResultUrlRedirectAcl 1.3.6.1.4.1.9.9.484.1.4.8.1.15
Indicates the name of the access control list(ACL) for URL redirection. Any ingress HTTP from the host that matches this ACL will be subjected to redirection to the URL (Web page) specified in cnnEouHostResultUrlRedir.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouHostResultTagName 1.3.6.1.4.1.9.9.484.1.4.8.1.16
Indicates the tag which is received as a policy response from the ACS server for the detected host.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouHostResultAuditSessionId 1.3.6.1.4.1.9.9.484.1.4.8.1.17
This object uniquely identifies a host session. Session ID is included in access requests to AAA server and in Web requests to Audit server.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouHostResultAaaFailPolicy 1.3.6.1.4.1.9.9.484.1.4.8.1.18
This object indicates the name of policy template to be applied when EouHostResultState is 'aaaFail'.
OBJECT-TYPE    
  SnmpAdminString  

cnnEouHostValidatePostureTokenStr 1.3.6.1.4.1.9.9.484.1.4.9
Posture token string for a detected host.
OBJECT-TYPE    
  CnnEouPostureTokenString  

ciscoNacNadMIBCompliances 1.3.6.1.4.1.9.9.484.2.1
OBJECT IDENTIFIER    

ciscoNacNadMIBGroups 1.3.6.1.4.1.9.9.484.2.2
OBJECT IDENTIFIER    

ciscoNacNadMIBCompliance 1.3.6.1.4.1.9.9.484.2.1.1
The compliance statement for the CISCO-NAC-NAD-MIB. OBJECT cnnEouAuthIpAddrType SYNTAX InetAddressType { ipv4(1) } DESCRIPTION An implementation is only required to support IPv4 addresses.
MODULE-COMPLIANCE    

ciscoNacNadMIBCompliance2 1.3.6.1.4.1.9.9.484.2.1.2
The compliance statement for the CISCO-NAC-NAD-MIB. OBJECT cnnEouAuthIpAddrType SYNTAX InetAddressType { ipv4(1) } DESCRIPTION An implementation is only required to support IPv4 addresses.
MODULE-COMPLIANCE    

ciscoNacNadMIBCompliance3 1.3.6.1.4.1.9.9.484.2.1.3
The compliance statement for the CISCO-NAC-NAD-MIB. OBJECT cnnEouAuthIpAddrType SYNTAX InetAddressType { ipv4(1) } DESCRIPTION An implementation is only required to support IPv4 addresses.
MODULE-COMPLIANCE    

ciscoNacNadMIBCompliance4 1.3.6.1.4.1.9.9.484.2.1.4
The compliance statement for the CISCO-NAC-NAD-MIB. OBJECT cnnEouAuthIpAddrType SYNTAX InetAddressType { ipv4(1) } DESCRIPTION An implementation is only required to support IPv4 addresses.
MODULE-COMPLIANCE    

ciscoNacNadEouGlobalGroup 1.3.6.1.4.1.9.9.484.2.2.1
A collection of objects providing the global configuration on the NAD.
OBJECT-GROUP    

ciscoNacNadEouAuthIpGroup 1.3.6.1.4.1.9.9.484.2.2.2
A collection of objects providing the configuration for the static authorization IP device with policy associated.
OBJECT-GROUP    

ciscoNacNadEouAuthMacGroup 1.3.6.1.4.1.9.9.484.2.2.3
A collection of objects providing the configuration for the static authorization MAC device with policy associated.
OBJECT-GROUP    

ciscoNacNadEouAuthDeviceTypeGrp 1.3.6.1.4.1.9.9.484.2.2.4
A collection of objects providing the configuration for the static authorization device identified by device type.
OBJECT-GROUP    

ciscoNacNadEouIfConfigGroup 1.3.6.1.4.1.9.9.484.2.2.5
A collection of objects providing the interface configuration on the NAD.
OBJECT-GROUP    

ciscoNacNadEouHostGroup 1.3.6.1.4.1.9.9.484.2.2.6
A collection of objects providing the host configuration on the NAD.
OBJECT-GROUP    

ciscoNacNadEouIfTimeoutGroup 1.3.6.1.4.1.9.9.484.2.2.7
A collection of objects providing the timeout configuration on the interface.
OBJECT-GROUP    

ciscoNacNadEouIfMaxRetryGroup 1.3.6.1.4.1.9.9.484.2.2.8
A collection of objects providing the max-retry configuration on the interface.
OBJECT-GROUP    

ciscoNacNadEouRateLimitGroup 1.3.6.1.4.1.9.9.484.2.2.9
A collection of objects providing the rate limit configuration.
OBJECT-GROUP    

ciscoNacNadEouIfAdminGroup 1.3.6.1.4.1.9.9.484.2.2.10
A collection of objects providing the administrative configuration on the interfaces.
OBJECT-GROUP    

ciscoNacNadEouHostAgeGroup 1.3.6.1.4.1.9.9.484.2.2.11
A collection of objects providing the age information on the interface.
OBJECT-GROUP    

ciscoNacNadEouHostUrlRedir 1.3.6.1.4.1.9.9.484.2.2.12
A collection of objects providing the redirect URL information on the interface.
OBJECT-GROUP    

ciscoNacNadEouHostAclGroup 1.3.6.1.4.1.9.9.484.2.2.13
A collection of objects providing the ACL(Access Control List) information on the interface.
OBJECT-GROUP    

ciscoNacNadEouIfAaaFailPolicyGrp 1.3.6.1.4.1.9.9.484.2.2.14
A collection of objects providing the AAA failed policy for the interface.
OBJECT-GROUP    

ciscoNacNadEouHostGrp 1.3.6.1.4.1.9.9.484.2.2.15
A collection of objects providing the host configuration on the NAD.
OBJECT-GROUP    

cnnIpDeviceTrackingConfigGrp 1.3.6.1.4.1.9.9.484.2.2.16
A collection of objects providing IP device tracking for the device.
OBJECT-GROUP    

cnnEouCriticalRecoveryDelayGrp 1.3.6.1.4.1.9.9.484.2.2.17
A collection of objects providing critical recovery delay for the device.
OBJECT-GROUP    

cnnEouIfIpDevTrackConfigGrp 1.3.6.1.4.1.9.9.484.2.2.18
A collection of objects providing EOU IP device tracking per interface in the device.
OBJECT-GROUP    

ciscoNacNadRevalidateConfigGrp 1.3.6.1.4.1.9.9.484.2.2.19
A collection of objects providing the globally configuration for the system.
OBJECT-GROUP    

ciscoNacNadEouHostGroup1 1.3.6.1.4.1.9.9.484.2.2.20
A collection of objects providing the host extension configuration on the NAD.
OBJECT-GROUP    

ciscoNacNadEouIfExtGroup 1.3.6.1.4.1.9.9.484.2.2.21
A collection of objects providing the interface extension configuration on the NAD.
OBJECT-GROUP