CISCO-PAE-MIB

File: CISCO-PAE-MIB.mib (141453 bytes)

Imported modules

SNMPv2-SMI SNMPv2-CONF SNMPv2-TC
SNMP-FRAMEWORK-MIB INET-ADDRESS-MIB IEEE8021-PAE-MIB
IF-MIB CISCO-VTP-MIB CISCO-TC
CISCO-NAC-TC-MIB CISCO-POLICY-GROUP-MIB CISCO-SMI

Imported symbols

OBJECT-TYPE MODULE-IDENTITY NOTIFICATION-TYPE
Unsigned32 OBJECT-GROUP MODULE-COMPLIANCE
NOTIFICATION-GROUP TruthValue MacAddress
RowStatus TEXTUAL-CONVENTION SnmpAdminString
InetAddress InetAddressType dot1xPaePortEntry
dot1xPaePortNumber dot1xAuthPaeState dot1xAuthConfigEntry
PaeControlledPortStatus InterfaceIndex VlanIndex
CiscoURLString CnnEouPostureToken CnnEouPostureTokenString
CpgPolicyNameOrEmpty ciscoMgmt

Defined Types

ReAuthPeriodSource  
Source of the reAuthPeriod constant, used by the 802.1x Reauthentication Timer state machine. local : local configured reauthentication period specified by the object dot1xAuthReAuthPeriod will be used. server: the reauthentication period will be received from the Authentication server. auto : source of reauthentication period will be decided by the system.
TEXTUAL-CONVENTION    
  INTEGER local(1), server(2), auto(3)  

CpaeAuthState  
The Authenticator PAE state machine value. other :None of the following states. initialize :The PAE state machine is being initialized. disconnected :An explicit logoff request is received from the Supplicant, or the number of permissible reauthentication attempts has been exceeded. connecting :Attempting to establish a communication with a Supplicant. authenticating:A Supplicant is being authenticated. authenticated :The Authenticator has successfully authenticated the Supplicant. aborting :The authentication process is prematurely aborted due to receipt of a reauthentication request, or an EAPOL-Start frame, or an EAPOL-Logoff frame, or an authTimeout. held :The state machine ignores and discards all EAPOL packets, so as to discourage brute force attacks. This state is entered from the 'authenticating' state following an authentication failure. At the expiration of the quietWhile timer, the state machine transitions to the 'connecting' state. forceAuth :The port is set to Authorized, and a canned EAP Success packet is sent to the Supplicant. forceUnauth :The port is set to Unauthorized, and a canned EAP Failure packet is sent to the Supplicant. If EAP-Start messages are received from the Supplicant, the state is re-entered and further EAP Failure messages are sent. guestVlan :The port has been moved to a configured Guest VLAN. authFailVlan :The port has been moved to a configured Authentication Failed VLAN. criticalAuth :The port has been authorized by Critical Authentication because RADIUS server is not reachable, or does not response. ipAwaiting :The port is waiting for an IP address from DHCP server. policyConfig :This state is entered from 'ipAwaiting' state if an IP address is received and the corresponding policies are being installed. authFinished :The port is set to Authorized by MAC Authentication Bypass feature. restart :The PAE state machine has been restarted. authFallback :Fallback mechanism is applied to the authentication process. authCResult :Authentication completed and the validity of the authorization features is checked. authZSuccess :Authorization policies based on the authentication result are applied. If the policies are applied successfully then the port is authorized otherwise unauthorized.
TEXTUAL-CONVENTION    
  INTEGER other(1), initialize(2), disconnected(3), connecting(4), authenticating(5), authenticated(6), aborting(7), held(8), forceAuth(9), forceUnauth(10), guestVlan(11), authFailVlan(12), criticalAuth(13), ipAwaiting(14), policyConfig(15), authFinished(16), restart(17), authFallback(18), authCResult(19), authZSuccess(20)  

CpaePortEntry  
SEQUENCE    
  cpaeMultipleHost TruthValue
  cpaePortMode INTEGER
  cpaeGuestVlanNumber VlanIndex
  cpaeInGuestVlan TruthValue
  cpaeShutdownTimeoutEnabled TruthValue
  cpaePortAuthFailVlan VlanIndex
  cpaePortOperVlan VlanIndex
  cpaePortOperVlanType INTEGER
  cpaeAuthFailVlanMaxAttempts Unsigned32
  cpaePortCapabilitiesEnabled BITS

CpaeUserGroupEntry  
SEQUENCE    
  cpaeUserGroupName SnmpAdminString
  cpaeUserGroupUserIndex Unsigned32
  cpaeUserGroupUserName SnmpAdminString
  cpaeUserGroupUserAddrType InetAddressType
  cpaeUserGroupUserAddr InetAddress
  cpaeUserGroupUserInterface InterfaceIndex
  cpaeUserGroupUserVlan VlanIndex

CpaeAuthFailUserEntry  
SEQUENCE    
  cpaeAuthFailUserName SnmpAdminString

CpaeMacAuthBypassPortEntry  
SEQUENCE    
  cpaeMacAuthBypassPortEnabled TruthValue
  cpaeMacAuthBypassPortInitialize TruthValue
  cpaeMacAuthBypassPortReAuth TruthValue
  cpaeMacAuthBypassPortMacAddress MacAddress
  cpaeMacAuthBypassPortAuthState INTEGER
  cpaeMacAuthBypassPortTermAction INTEGER
  cpaeMacAuthBypassSessionTimeLeft Unsigned32
  cpaeMacAuthBypassPortAuthMethod INTEGER
  cpaeMacAuthBypassPortSessionId SnmpAdminString
  cpaeMacAuthBypassPortUrlRedirect SnmpAdminString
  cpaeMacAuthBypassPortPostureTok CnnEouPostureTokenString

CpaeMabPortIpDevTrackConfEntry  
SEQUENCE    
  cpaeMabPortIpDevTrackEnabled TruthValue

CpaeWebAuthPortEntry  
SEQUENCE    
  cpaeWebAuthPortEnabled TruthValue
  cpaeWebAuthPortInitialize TruthValue
  cpaeWebAuthPortAaaFailPolicy CpgPolicyNameOrEmpty
  cpaeWebAuthPortIpDevTrackEnabled TruthValue

CpaeWebAuthHostEntry  
SEQUENCE    
  cpaeWebAuthHostAddrType InetAddressType
  cpaeWebAuthHostAddress InetAddress
  cpaeWebAuthAaaSessionPeriod Unsigned32
  cpaeWebAuthHostSessionTimeLeft Unsigned32
  cpaeWebAuthHostState INTEGER
  cpaeWebAuthHostInitialize TruthValue

CpaeAuthConfigEntry  
SEQUENCE    
  cpaeAuthReAuthPeriodSrcAdmin ReAuthPeriodSource
  cpaeAuthReAuthPeriodSrcOper ReAuthPeriodSource
  cpaeAuthReAuthPeriodOper Unsigned32
  cpaeAuthTimeToNextReAuth Unsigned32
  cpaeAuthReAuthAction INTEGER
  cpaeAuthReAuthMax Unsigned32
  cpaeAuthIabEnabled TruthValue
  cpaeAuthPaeState CpaeAuthState

CpaeHostInfoEntry  
SEQUENCE    
  cpaeHostInfoHostIndex Unsigned32
  cpaeHostInfoMacAddress MacAddress
  cpaeHostInfoPostureToken CnnEouPostureToken
  cpaeHostInfoUserName SnmpAdminString
  cpaeHostInfoAddrType InetAddressType
  cpaeHostInfoAddr InetAddress
  cpaeHostPostureTokenStr CnnEouPostureTokenString
  cpaeHostUrlRedirection SnmpAdminString
  cpaeHostAuthPaeState CpaeAuthState
  cpaeHostBackendState INTEGER
  cpaeHostSessionId OCTET STRING

CpaePortEapolTestEntry  
SEQUENCE    
  cpaePortEapolTestResult INTEGER
  cpaePortEapolTestStatus RowStatus

CpaePortIpDevTrackConfigEntry  
SEQUENCE    
  cpaePortIpDevTrackEnabled TruthValue

CpaeSuppPortEntry  
SEQUENCE    
  cpaeSuppPortCredentialProfileName SnmpAdminString
  cpaeSuppPortEapProfileName SnmpAdminString

CpaeSuppHostInfoEntry  
SEQUENCE    
  cpaeSuppHostInfoSuppIndex Unsigned32
  cpaeSuppHostAuthMacAddress MacAddress
  cpaeSuppHostPaeState INTEGER
  cpaeSuppHostBackendState INTEGER
  cpaeSuppHostStatus PaeControlledPortStatus

Defined Values

ciscoPaeMIB 1.3.6.1.4.1.9.9.220
Cisco Port Access Entity (PAE) module for managing IEEE Std 802.1x. This MIB provides Port Access Entity information that are either excluded by IEEE8021-PAE-MIB or specific to Cisco products.
MODULE-IDENTITY    

cpaeMIBNotification 1.3.6.1.4.1.9.9.220.0
OBJECT IDENTIFIER    

cpaeMIBObject 1.3.6.1.4.1.9.9.220.1
OBJECT IDENTIFIER    

cpaeMIBConformance 1.3.6.1.4.1.9.9.220.2
OBJECT IDENTIFIER    

cpaePortTable 1.3.6.1.4.1.9.9.220.1.1
A table of system level information for each port supported by the Port Access Entity. An entry appears in this table for each PAE port of this system. This table contains additional objects for the dot1xPaePortTable.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaePortEntry

cpaePortEntry 1.3.6.1.4.1.9.9.220.1.1.1
An entry containing additional management information applicable to a particular PAE port.
OBJECT-TYPE    
  CpaePortEntry  

cpaeMultipleHost 1.3.6.1.4.1.9.9.220.1.1.1.1
Specifies whether the port allows multiple-host connection or not.
OBJECT-TYPE    
  TruthValue  

cpaePortMode 1.3.6.1.4.1.9.9.220.1.1.1.2
Specifies the current mode of dot1x operation on the port. singleHost(1): port allows one host to connect and authenticate. multiHost(2) : port allows multiple hosts to connect. Once a host is authenticated, all remaining hosts are also authorized. multiAuth(3) : port allows multiple hosts to connect and each host is authenticated. other(4) : none of the above. This is a read-only value which can not be used in set operation. If the port security feature is enabled on the interface, the configuration of the port security (such as the number of the hosts allowed, the security violation action, etc) will apply to the interface.
OBJECT-TYPE    
  INTEGER singleHost(1), multiHost(2), multiAuth(3), other(4)  

cpaeGuestVlanNumber 1.3.6.1.4.1.9.9.220.1.1.1.3
Specifies the Guest Vlan of the interface. An interface with cpaePortMode value of 'singleHost' will be moved to its Guest Vlan if the supplicant on the interface is not capable of IEEE-802.1x authentication. A value of zero for this object indicates no Guest Vlan configured for the interface.
OBJECT-TYPE    
  VlanIndex  

cpaeInGuestVlan 1.3.6.1.4.1.9.9.220.1.1.1.4
Indicates whether the interface is in its Guest Vlan or not. The object is deprecated in favor of newly added object cpaePortOperVlanType.
OBJECT-TYPE    
  TruthValue  

cpaeShutdownTimeoutEnabled 1.3.6.1.4.1.9.9.220.1.1.1.5
Specifies whether shutdown timeout feature is enabled on the interface.
OBJECT-TYPE    
  TruthValue  

cpaePortAuthFailVlan 1.3.6.1.4.1.9.9.220.1.1.1.6
Specifies the Auth-Fail (Authentication Fail) Vlan of the port. A port is moved to Auth-Fail Vlan if the supplicant which support IEEE-802.1x authentication is unsuccessfully authenticated. A value of zero for this object indicates no Auth-Fail Vlan configured for the port.
OBJECT-TYPE    
  VlanIndex  

cpaePortOperVlan 1.3.6.1.4.1.9.9.220.1.1.1.7
The VlanIndex of the Vlan which is assigned to this port via IEEE-802.1x and related methods of authentication supported by the system. A value of zero for this object indicates that no Vlan is assigned to this port via IEEE-802.1x authentication.
OBJECT-TYPE    
  VlanIndex  

cpaePortOperVlanType 1.3.6.1.4.1.9.9.220.1.1.1.8
The type of the Vlan which is assigned to this port via IEEE-802.1x and related methods of authentication supported by the system. A value of 'other' for this object indicates type of Vlan assigned to this port; via IEEE-802.1x authentication; is other than the ones specified by listed enumerations for this object. A value of 'none' for this object indicates that there is no Vlan assigned to this port via IEEE-802.1x authentication. For such a case, corresponding value of cpaePortOperVlan object will be zero. A value of 'guest' for this object indicates that Vlan assigned to this port; via IEEE-802.1x authentication; is of type Guest Vlan and specified by the object cpaeGuestVlanNumber for this entry. A value of 'authFail' for this object indicates that Vlan assigned to this port; via IEEE-802.1x authentication; is of type Auth-Fail Vlan and specified by the object cpaePortAuthFailVlan for this entry.
OBJECT-TYPE    
  INTEGER other(1), none(2), guest(3), authFail(4)  

cpaeAuthFailVlanMaxAttempts 1.3.6.1.4.1.9.9.220.1.1.1.9
Specifies the maximum number of authentication attempts should be made before the port is moved into the Auth-Fail Vlan.
OBJECT-TYPE    
  Unsigned32  

cpaePortCapabilitiesEnabled 1.3.6.1.4.1.9.9.220.1.1.1.10
Specifies the type of PAE functionality of the port which are enabled. authenticator: PAE Authenticator functions are enabled. supplicant : PAE Supplicant functions are enabled. Only those supported PAE functions which are listed in the corresponding instance of dot1xPaePortCapabilities can be enabled.
OBJECT-TYPE    
  BITS authenticator(0), supplicant(1)  

cpaeGuestVlanId 1.3.6.1.4.1.9.9.220.1.2
Specifies the Guest Vlan of the system. An interface with cpaePortMode value of 'singleHost' will be moved to Guest Vlan if the supplicant on the interface is not IEEE-802.1x capable. A value of zero indicates no Guest Vlan configured in the system. If the platform supports per-port guest Vlan ID configuration, this object is not instantiated.
OBJECT-TYPE    
  VlanIndex  

cpaeShutdownTimeout 1.3.6.1.4.1.9.9.220.1.3
Specifies the shutdown timeout interval to enable the interface automatically in case it is shutdown due to security violation. If the value of this object is 0, the interfaces shutdown due to the security violation will not be enabled automatically. The value of this object is applicable to the interface only when cpaeShutdownTimeoutEnabled is 'true', and port security feature is disabled on the interface.
OBJECT-TYPE    
  Unsigned32 0..65535  

cpaeRadiusAccountingEnabled 1.3.6.1.4.1.9.9.220.1.4
Specifies if RADIUS accounting is enabled for 802.1x on this devices.
OBJECT-TYPE    
  TruthValue  

cpaeUserGroupTable 1.3.6.1.4.1.9.9.220.1.5
A table of Group Manager and authenticated users information on the device.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeUserGroupEntry

cpaeUserGroupEntry 1.3.6.1.4.1.9.9.220.1.5.1
Information about an 802.1x authenticated user on the devices.
OBJECT-TYPE    
  CpaeUserGroupEntry  

cpaeUserGroupName 1.3.6.1.4.1.9.9.220.1.5.1.1
Specifies the name of the group that the user belongs to.
OBJECT-TYPE    
  SnmpAdminString Size(1..100)  

cpaeUserGroupUserIndex 1.3.6.1.4.1.9.9.220.1.5.1.2
The index of an user within a group.
OBJECT-TYPE    
  Unsigned32  

cpaeUserGroupUserName 1.3.6.1.4.1.9.9.220.1.5.1.3
Specifies the name of the user authenticated on a port of the device.
OBJECT-TYPE    
  SnmpAdminString  

cpaeUserGroupUserAddrType 1.3.6.1.4.1.9.9.220.1.5.1.4
Specifies the type of address used to determine the address of the user.
OBJECT-TYPE    
  InetAddressType  

cpaeUserGroupUserAddr 1.3.6.1.4.1.9.9.220.1.5.1.5
Specifies the address of the host that the user logging from.
OBJECT-TYPE    
  InetAddress  

cpaeUserGroupUserInterface 1.3.6.1.4.1.9.9.220.1.5.1.6
Specifies the interface index that the user is authenticated on.
OBJECT-TYPE    
  InterfaceIndex  

cpaeUserGroupUserVlan 1.3.6.1.4.1.9.9.220.1.5.1.7
Specifies the vlan that the user belongs to.
OBJECT-TYPE    
  VlanIndex  

cpaeAuthFailUserTable 1.3.6.1.4.1.9.9.220.1.6
A table to list user information for each port on the system supported by the Port Access Entity and assigned to Auth-Fail Vlan.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeAuthFailUserEntry

cpaeAuthFailUserEntry 1.3.6.1.4.1.9.9.220.1.6.1
An entry appears in this table for each PAE port on the system which is assigned to Vlan of type 'authFail' via IEEE-802.1x authentication.
OBJECT-TYPE    
  CpaeAuthFailUserEntry  

cpaeAuthFailUserName 1.3.6.1.4.1.9.9.220.1.6.1.1
Indicates the name of the user who failed IEEE-802.1x authentication and hence now assigned to Auth-Fail Vlan. The Auth-Fail Vlan to which the user belongs is determined by the value of object cpaePortAuthFailVlan for this port.
OBJECT-TYPE    
  SnmpAdminString  

cpaeNotificationControl 1.3.6.1.4.1.9.9.220.1.7
OBJECT IDENTIFIER    

cpaeNoGuestVlanNotifEnable 1.3.6.1.4.1.9.9.220.1.7.1
This object specifies whether the system produces the cpaeNoGuestVlanNotif. A 'false' value will prevent cpaeNoGuestVlanNotif from being generated by this system.
OBJECT-TYPE    
  TruthValue  

cpaeNoAuthFailVlanNotifEnable 1.3.6.1.4.1.9.9.220.1.7.2
This object specifies whether the system produces the cpaeNoAuthFailVlanNotif. A 'false' value will prevent cpaeNoAuthFailVlanNotif from being generated by this system.
OBJECT-TYPE    
  TruthValue  

cpaeGuestVlanNotifEnable 1.3.6.1.4.1.9.9.220.1.7.3
This object specifies whether the system produces the cpaeGuestVlanNotif. A 'false' value will prevent cpaeGuestVlanNotif from being generated by this system.
OBJECT-TYPE    
  TruthValue  

cpaeAuthFailVlanNotifEnable 1.3.6.1.4.1.9.9.220.1.7.4
This object specifies whether the system produces the cpaeAuthFailVlanNotif. A 'false' value will prevent cpaeAuthFailVlanNotif from being generated by this system.
OBJECT-TYPE    
  TruthValue  

cpaeMacAuthBypass 1.3.6.1.4.1.9.9.220.1.8
OBJECT IDENTIFIER    

cpaeMacAuthBypassReAuthTimeout 1.3.6.1.4.1.9.9.220.1.8.1
Specifies the waiting time before reauthentication is triggered on all MAC Auth-bypass authenticated ports.
OBJECT-TYPE    
  Unsigned32  

cpaeMacAuthBypassReAuthEnabled 1.3.6.1.4.1.9.9.220.1.8.2
The reauthentication control for all MAC Auth-bypass ports. Setting this object to 'true' causes every MAC Auth-Bypass authenticated port to reauthenticate the device connecting to the port, after every period of time specified by the object cpaeMacAuthBypassReAuthTimeout. Setting this object to 'false' will disable the MAC Auth-Bypass global reauthentication.
OBJECT-TYPE    
  TruthValue  

cpaeMacAuthBypassViolation 1.3.6.1.4.1.9.9.220.1.8.3
Specifies the action upon reception of a security violation event. restrict(1): Packets from MAC address of the device causing security violation will be dropped. shutdown(2): The port that causes security violation will be shutdown.
OBJECT-TYPE    
  INTEGER restrict(1), shutdown(2)  

cpaeMacAuthBypassShutdownTimeout 1.3.6.1.4.1.9.9.220.1.8.4
Specifies time before a port is auto-enabled after being shutdown due to a MAC Auth-bypass security violation.
OBJECT-TYPE    
  Unsigned32  

cpaeMacAuthBypassAuthFailTimeout 1.3.6.1.4.1.9.9.220.1.8.5
Specifies the time a MAC Auth-bypass unauthenticated port waits before trying the authentication process again.
OBJECT-TYPE    
  Unsigned32  

cpaeMacAuthBypassPortTable 1.3.6.1.4.1.9.9.220.1.8.6
A table of MAC Authentication Bypass (MAC Auth-Bypass) configuration and information for ports in the device.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeMacAuthBypassPortEntry

cpaeMacAuthBypassPortEntry 1.3.6.1.4.1.9.9.220.1.8.6.1
An entry containing management information for MAC Auth-Bypass feature on a port.
OBJECT-TYPE    
  CpaeMacAuthBypassPortEntry  

cpaeMacAuthBypassPortEnabled 1.3.6.1.4.1.9.9.220.1.8.6.1.1
Specifies whether MAC Auth-Bypass is enabled on the port.
OBJECT-TYPE    
  TruthValue  

cpaeMacAuthBypassPortInitialize 1.3.6.1.4.1.9.9.220.1.8.6.1.2
The initialization control for this port. Setting this object to 'true' causes the MAC Auth-bypass state machine to be initialized on the port. Setting this object to 'false' has no effect. This object always returns 'false' when it is read.
OBJECT-TYPE    
  TruthValue  

cpaeMacAuthBypassPortReAuth 1.3.6.1.4.1.9.9.220.1.8.6.1.3
The reauthentication control for this port. Setting this object to 'true' causes the MAC address of the device connecting to the port to be reauthenticated. Setting this object to 'false' has no effect. This object always returns 'false' when it is read.
OBJECT-TYPE    
  TruthValue  

cpaeMacAuthBypassPortMacAddress 1.3.6.1.4.1.9.9.220.1.8.6.1.4
Indicates the MAC address of the device connecting to the port.
OBJECT-TYPE    
  MacAddress  

cpaeMacAuthBypassPortAuthState 1.3.6.1.4.1.9.9.220.1.8.6.1.5
Indicates the current state of the MAC Auth-Bypass state machine. other(1) : An unknown state. waiting(2) : Waiting to receive the MAC address that needs to be authenticated. authenticating(3): In authentication process. authenticated(4) : MAC address of the device connecting to the port is authenticated. fail(5) : MAC Auth-bypass authentication failed. Port waits for a period of time before moving to the 'waiting' state, if there is no other authentication features available in the system. finished(6) : MAC Auth-bypass authentication failed. Port is authenticated by another authentication feature. aaaFail(7) : AAA server is not reachable after sending the authentication request or after the expiration of re-authentication timeout, with IAB (Inaccessible Authentication Bypass) enabled on the port. ipAwaiting(8) : Corresponding QoS/Security ACLs and other Vendor Specific Attributes are being configured on the port, after which IP address will be obtained via DHCP snooping or ARP inspection. policyConfig(9) : Policy Groups or downloaded ACLs are being configured on the port.
OBJECT-TYPE    
  INTEGER other(1), waiting(2), authenticating(3), authenticated(4), fail(5), finished(6), aaaFail(7), ipAwaiting(8), policyConfig(9)  

cpaeMacAuthBypassPortTermAction 1.3.6.1.4.1.9.9.220.1.8.6.1.6
Indicates the termination action received from RADIUS server that will be applied on the port when the current session timeout expired. other : none of the following. init : current session will be terminated and a new authentication process will be initiated. reauth: reauthentication will be applied without terminating the current session.
OBJECT-TYPE    
  INTEGER other(1), init(2), reauth(3)  

cpaeMacAuthBypassSessionTimeLeft 1.3.6.1.4.1.9.9.220.1.8.6.1.7
Indicates the leftover time of the current MAC Auth-Bypass session on this port.
OBJECT-TYPE    
  Unsigned32  

cpaeMacAuthBypassPortAuthMethod 1.3.6.1.4.1.9.9.220.1.8.6.1.8
Specifies the authentication method used by MAC Authentication Bypass. radius(1) : communication with authentication server is performed via RADIUS messages. eap(2) : communication with authentication server is performed via EAP messages.
OBJECT-TYPE    
  INTEGER radius(1), eap(2)  

cpaeMacAuthBypassPortSessionId 1.3.6.1.4.1.9.9.220.1.8.6.1.9
Indicates the session ID of the MAC Auth-Bypass Audit session on the port. A zero length string will be returned for this object if value of the corresponding instance of cpaeMacAuthBypassPortEnabled is 'false'.
OBJECT-TYPE    
  SnmpAdminString  

cpaeMacAuthBypassPortUrlRedirect 1.3.6.1.4.1.9.9.220.1.8.6.1.10
Indicates the URL of an Audit server, provided by AAA server, to which a MAC auth-Bypass host will be redirected to when an Audit session starts off. A zero-length string indicates that the audit process will be performed via port scan instead, or value of the corresponding instance of cpaeMacAuthBypassPortEnabled is 'false'.
OBJECT-TYPE    
  SnmpAdminString  

cpaeMacAuthBypassPortPostureTok 1.3.6.1.4.1.9.9.220.1.8.6.1.11
Indicates the Posture Token assigned to the MAC Auth-Bypass host connected to this port. A zero length string will be returned for this object if value of the corresponding instance of cpaeMacAuthBypassPortEnabled is 'false'.
OBJECT-TYPE    
  CnnEouPostureTokenString Size(0..255)  

cpaeMacAuthBypassAcctEnable 1.3.6.1.4.1.9.9.220.1.8.7
Specifies if accounting is enabled for Mac Authentication Bypass feature on this device.
OBJECT-TYPE    
  TruthValue  

cpaeMabCriticalRecoveryDelay 1.3.6.1.4.1.9.9.220.1.8.8
This object specifies the critical recovery delay time for Mac Authentication Bypass in the system. A value of zero indicates that critical recovery delay for MAC Authentication Bypass is disabled.
OBJECT-TYPE    
  Unsigned32  

cpaeMabPortIpDevTrackConfTable 1.3.6.1.4.1.9.9.220.1.8.9
A table of IP Device Tracking configuration for MAC Auth-Bypass interfaces in the system.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeMabPortIpDevTrackConfEntry

cpaeMabPortIpDevTrackConfEntry 1.3.6.1.4.1.9.9.220.1.8.9.1
An entry of MAC Auth-Bypass configuration for IP Device Tracking on an MAC Auth-Bypass capable interface.
OBJECT-TYPE    
  CpaeMabPortIpDevTrackConfEntry  

cpaeMabPortIpDevTrackEnabled 1.3.6.1.4.1.9.9.220.1.8.9.1.1
Specifies whether IP Device Tracking is enabled or not on this port for the corresponding MAC Auth-bypass authenticated host.
OBJECT-TYPE    
  TruthValue  

cpaeWebAuth 1.3.6.1.4.1.9.9.220.1.9
OBJECT IDENTIFIER    

cpaeWebAuthEnabled 1.3.6.1.4.1.9.9.220.1.9.1
Specifies whether Web Proxy Authentication is enabled in the system.
OBJECT-TYPE    
  TruthValue  

cpaeWebAuthSessionPeriod 1.3.6.1.4.1.9.9.220.1.9.2
Specifies the Web Proxy Authentication session period for the system. Session period is the time after which an Web Proxy Authenticated session is terminated.
OBJECT-TYPE    
  Unsigned32  

cpaeWebAuthLoginPage 1.3.6.1.4.1.9.9.220.1.9.3
Specifies the customized login page for Web Proxy Authentication, in the format of an URL. A customized login page is required to support the same input fields as the default login page for users to input credentials. If this object contains a zero length string, the default login page will be used.
OBJECT-TYPE    
  CiscoURLString  

cpaeWebAuthLoginFailedPage 1.3.6.1.4.1.9.9.220.1.9.4
Specifies the customized login-failed page for Web Proxy Authentication, in the format of an URL. Login-failed page is sent back to the client upon an authentication failure. A login-failed page requires to have all the input fields of the login page, in addition to the authentication failure information. If this object contains a zero length string, the default login-failed page will be used.
OBJECT-TYPE    
  CiscoURLString  

cpaeWebAuthQuietPeriod 1.3.6.1.4.1.9.9.220.1.9.5
Specifies the time a Web Proxy Authentication state machine will be held in 'blackListed' state after maximum authentication attempts.
OBJECT-TYPE    
  Unsigned32  

cpaeWebAuthMaxRetries 1.3.6.1.4.1.9.9.220.1.9.6
Specifies the maximum number of unsuccessful login attempts a user is allowed to make.
OBJECT-TYPE    
  Unsigned32  

cpaeWebAuthPortTable 1.3.6.1.4.1.9.9.220.1.9.7
A table of Web Proxy Authentication configuration and information for the feature capable ports in the device.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeWebAuthPortEntry

cpaeWebAuthPortEntry 1.3.6.1.4.1.9.9.220.1.9.7.1
An entry containing management information for Web Proxy Authentication feature on a port.
OBJECT-TYPE    
  CpaeWebAuthPortEntry  

cpaeWebAuthPortEnabled 1.3.6.1.4.1.9.9.220.1.9.7.1.1
Specifies whether Web Proxy Authentication is enabled on the port.
OBJECT-TYPE    
  TruthValue  

cpaeWebAuthPortInitialize 1.3.6.1.4.1.9.9.220.1.9.7.1.2
The initialization control for this port. Setting this object to 'true' causes Web Proxy Authentication state machine to be initialized for all the hosts connecting to the port. Setting this object to 'false' has no effect. This object always returns 'false' when it is read.
OBJECT-TYPE    
  TruthValue  

cpaeWebAuthPortAaaFailPolicy 1.3.6.1.4.1.9.9.220.1.9.7.1.3
Specifies the policy name to be applied on the port when the corresponding cpaeWebAuthHostState is 'aaaFail'. The specified policy name must either be an existing entry in cpgPolicyTable defined in CISCO-POLICY-GROUP-MIB, or an empty string which indicates that there will be no policy name applied on the port when the corresponding cpaeWebAuthHostState is 'aaaFail'.
OBJECT-TYPE    
  CpgPolicyNameOrEmpty  

cpaeWebAuthPortIpDevTrackEnabled 1.3.6.1.4.1.9.9.220.1.9.7.1.4
Specifies whether IP Device Tracking is enabled or not on this port for the corresponding Web Proxy authenticated host.
OBJECT-TYPE    
  TruthValue  

cpaeWebAuthHostTable 1.3.6.1.4.1.9.9.220.1.9.8
A table of Web Proxy Authentication information for hosts currently managed by the feature. An entry is added to the table when a host is detected and Web Proxy Authentication state machine is initiated for the host.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeWebAuthHostEntry

cpaeWebAuthHostEntry 1.3.6.1.4.1.9.9.220.1.9.8.1
An entry containing management information for Web Proxy Authentication feature on a host.
OBJECT-TYPE    
  CpaeWebAuthHostEntry  

cpaeWebAuthHostAddrType 1.3.6.1.4.1.9.9.220.1.9.8.1.1
Indicates the Internet address type for the host.
OBJECT-TYPE    
  InetAddressType  

cpaeWebAuthHostAddress 1.3.6.1.4.1.9.9.220.1.9.8.1.2
Indicates the Internet address for the host. The type of this address is determined by the value of cpaeWebAuthHostAddrType.
OBJECT-TYPE    
  InetAddress Size(0..64)  

cpaeWebAuthAaaSessionPeriod 1.3.6.1.4.1.9.9.220.1.9.8.1.3
Indicates the session period for a Web Proxy Authenticated session on this host, supplied by the AAA server. If value of this object is none zero, it will take precedence over the period specified by cpaeWebAuthPortSessionPeriod.
OBJECT-TYPE    
  Unsigned32  

cpaeWebAuthHostSessionTimeLeft 1.3.6.1.4.1.9.9.220.1.9.8.1.4
Indicates the leftover time of the current Web Proxy Authenticated session for this host.
OBJECT-TYPE    
  Unsigned32  

cpaeWebAuthHostState 1.3.6.1.4.1.9.9.220.1.9.8.1.5
Indicates the current state of the Web Proxy Authentication state machine. initialize : Initial state of the Web Proxy Authentication state machine. connecting : Login page is sent to the client, waiting for response from the client. authenticating: Credentials are extracted from client's response and authenticating with the AAA server. authenticated : Web Proxy Authentication succeeded. Session timer is started, policies are applied, and success page is sent back to client. authFailed : Web Proxy Authentication failed. Login page is resent with authentication failure information embedded, if retry count has not exceeded the maximum number of retry attempts. Otherwise, move to 'blackListed' state. parseError : Failed to extract user's credentials from the client's response. sessionTimeout: Session timer expired, user's policies are removed, state machine will moves to 'initialize' state after that. blackListed : Web Proxy Authentication retry count has exceeded the maximum number of retry attempts. Only setting the state machine to 'initialize' will take it out of this state. aaaFail : AAA server is not reachable after sending the authentication request, or after host has been in 'blackListed' state for the period of time specified by cpaeWebAuthQuietPeriod, with IAB (Inaccessible Authentication Bypass) enabled on the corresponding port connected to the host.
OBJECT-TYPE    
  INTEGER initialize(1), connecting(2), authenticating(3), authenticated(4), authFailed(5), parseError(6), sessionTimeout(7), blackListed(8), aaaFail(9)  

cpaeWebAuthHostInitialize 1.3.6.1.4.1.9.9.220.1.9.8.1.6
The initialization control for this host. Setting this object to 'true' causes Web Proxy Authentication state machine to be initialized for the host. Setting this object to 'false' has no effect. This object always returns 'false' when it is read.
OBJECT-TYPE    
  TruthValue  

cpaeWebAuthCriticalRecoveryDelay 1.3.6.1.4.1.9.9.220.1.9.9
This object specifies the critical recovery delay time for Web Proxy Authentication in the system. A value of zero indicates that critical recovery delay for Web Proxy Authentication is disabled.
OBJECT-TYPE    
  Unsigned32  

cpaeWebAuthUnAuthStateTimeout 1.3.6.1.4.1.9.9.220.1.9.10
The authentication timeout period for Web Proxy Authentication. Once a host enters 'initialize' state as indicated by its corresponding cpaeWebAuthHostState, such host will be removed if it can not be authenticated within the timeout period.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

cpaeAuthConfigTable 1.3.6.1.4.1.9.9.220.1.10
A table containing the configuration objects for the Authenticator PAE associated with each port. An entry appears in this table for each PAE port that may authenticate access to itself. This table contain additional objects for the dot1xAuthConfigTable.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeAuthConfigEntry

cpaeAuthConfigEntry 1.3.6.1.4.1.9.9.220.1.10.1
An entry containing additional management information applicable to a particular Authenticator PAE.
OBJECT-TYPE    
  CpaeAuthConfigEntry  

cpaeAuthReAuthPeriodSrcAdmin 1.3.6.1.4.1.9.9.220.1.10.1.1
Specifies the source of the reAuthPeriod constant to be used by the Reauthentication Timer state machine.
OBJECT-TYPE    
  ReAuthPeriodSource  

cpaeAuthReAuthPeriodSrcOper 1.3.6.1.4.1.9.9.220.1.10.1.2
Indicates the source of the reAuthPeriod constant currently in use by the Reauthentication Timer state machine.
OBJECT-TYPE    
  ReAuthPeriodSource  

cpaeAuthReAuthPeriodOper 1.3.6.1.4.1.9.9.220.1.10.1.3
Indicates the operational reauthentication period for this port.
OBJECT-TYPE    
  Unsigned32  

cpaeAuthTimeToNextReAuth 1.3.6.1.4.1.9.9.220.1.10.1.4
Indicates the leftover time of the current session for this port.
OBJECT-TYPE    
  Unsigned32  

cpaeAuthReAuthAction 1.3.6.1.4.1.9.9.220.1.10.1.5
Indicates the reauthentication action for this port. terminate: Session will be terminated, with the corresponding Authenticator PAE state machine transits to 'disconnected'. reAuth : The port will be reauthenticated. noReAuth : The port will not be reauthenticated.
OBJECT-TYPE    
  INTEGER terminate(1), reAuth(2), noReAuth(3)  

cpaeAuthReAuthMax 1.3.6.1.4.1.9.9.220.1.10.1.6
This object specifies the number of reauthentication attempts that are permitted before the port becomes unauthorized. The value of this object is used as the reAuthMax constant by the Authenticator PAE state machine.
OBJECT-TYPE    
  Unsigned32  

cpaeAuthIabEnabled 1.3.6.1.4.1.9.9.220.1.10.1.7
Specifies whether the PAE port is declared as Inaccessible Authentication Bypass (IAB). IAB ports will be granted network access via the administrative configured VLAN if it failed to connect to the Authentication server. The only way to bring an IAB port back to the Backend Authentication state machine is through setting dot1xPaePortInitialize in the corresponding entry in dot1xPaePortTable to 'true'. 802.1x reauthentication will be temporary disabled on an authenticated IAB port if the connection to the Authentication server is broken, and enable again when the connection is resumed.
OBJECT-TYPE    
  TruthValue  

cpaeAuthPaeState 1.3.6.1.4.1.9.9.220.1.10.1.8
Indicates the current value of the Authenticator PAE state machine on the port.
OBJECT-TYPE    
  CpaeAuthState  

cpaeHostInfoTable 1.3.6.1.4.1.9.9.220.1.11
A table containing 802.1x authentication information for hosts connecting to PAE ports in the system.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeHostInfoEntry

cpaeHostInfoEntry 1.3.6.1.4.1.9.9.220.1.11.1
An entry appears in the table for each 802.1x capable host connecting to an PAE port, providing its authentication information.
OBJECT-TYPE    
  CpaeHostInfoEntry  

cpaeHostInfoHostIndex 1.3.6.1.4.1.9.9.220.1.11.1.1
An arbitrary index assigned by the agent to identify the host.
OBJECT-TYPE    
  Unsigned32  

cpaeHostInfoMacAddress 1.3.6.1.4.1.9.9.220.1.11.1.2
Indicates the Mac Address of the host.
OBJECT-TYPE    
  MacAddress  

cpaeHostInfoPostureToken 1.3.6.1.4.1.9.9.220.1.11.1.3
Indicates the posture token assigned to the host. This object has been obsoleted and replaced by cpaeHostPostureTokenStr.
OBJECT-TYPE    
  CnnEouPostureToken  

cpaeHostInfoUserName 1.3.6.1.4.1.9.9.220.1.11.1.4
Indicates the name of the authenticated user on the host.
OBJECT-TYPE    
  SnmpAdminString  

cpaeHostInfoAddrType 1.3.6.1.4.1.9.9.220.1.11.1.5
Indicates the type of Internet address of the host.
OBJECT-TYPE    
  InetAddressType  

cpaeHostInfoAddr 1.3.6.1.4.1.9.9.220.1.11.1.6
Indicates the Internet address of the host. The type of this address is determined by the value of cpaeHostInfoAddrType object.
OBJECT-TYPE    
  InetAddress  

cpaeHostPostureTokenStr 1.3.6.1.4.1.9.9.220.1.11.1.7
Indicates the posture token assigned to the host.
OBJECT-TYPE    
  CnnEouPostureTokenString  

cpaeHostUrlRedirection 1.3.6.1.4.1.9.9.220.1.11.1.8
Indicates the URL-redirection assigned for this host by AAA server.
OBJECT-TYPE    
  SnmpAdminString  

cpaeHostAuthPaeState 1.3.6.1.4.1.9.9.220.1.11.1.9
Indicates the current value of the Authenticator PAE state machine for the host.
OBJECT-TYPE    
  CpaeAuthState  

cpaeHostBackendState 1.3.6.1.4.1.9.9.220.1.11.1.10
Indicates the current state of the Backend Authentication state machine of the host.
OBJECT-TYPE    
  INTEGER request(1), response(2), success(3), fail(4), timeout(5), idle(6), initialize(7), ignore(8)  

cpaeHostSessionId 1.3.6.1.4.1.9.9.220.1.11.1.11
A unique identifier of the 802.1x session.
OBJECT-TYPE    
  OCTET STRING Size(1..64)  

cpaePortEapolTestLimits 1.3.6.1.4.1.9.9.220.1.12
Indicates the maximum number of entries allowed in cpaePortEapolTestTable.
OBJECT-TYPE    
  Unsigned32  

cpaePortEapolTestTable 1.3.6.1.4.1.9.9.220.1.13
A table for testing EAPOL (Extensible Authentication Protocol Over LAN) capable information of hosts connecting to PAE ports in the device.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaePortEapolTestEntry

cpaePortEapolTestEntry 1.3.6.1.4.1.9.9.220.1.13.1
An entry containing EAPOL capable information for hosts connecting to a PAE port.
OBJECT-TYPE    
  CpaePortEapolTestEntry  

cpaePortEapolTestResult 1.3.6.1.4.1.9.9.220.1.13.1.1
Indicates the test result of whether there is EAPOL supporting host connecting to the port. inProgress: the test is in progress. notCapable: there is no EAPOL supporting host connecting to the port. capable : there is EAPOL supporting host connecting to the port.
OBJECT-TYPE    
  INTEGER inProgress(1), notCapable(2), capable(3)  

cpaePortEapolTestStatus 1.3.6.1.4.1.9.9.220.1.13.1.2
This object is used to manage the creation, and deletion of rows in the table. An entry can be created by setting the instance value of this object to 'createAndGo', and deleted by setting the instance value of this object to 'destroy'.
OBJECT-TYPE    
  RowStatus  

cpaeCriticalConfig 1.3.6.1.4.1.9.9.220.1.14
OBJECT IDENTIFIER    

cpaeCriticalEapolEnabled 1.3.6.1.4.1.9.9.220.1.14.1
Specifies if the device will send an EAPOL-Success message on successful Critical Authentication for a supplicant.
OBJECT-TYPE    
  TruthValue  

cpaeCriticalRecoveryDelay 1.3.6.1.4.1.9.9.220.1.14.2
This object specifies the critical recovery delay time for 802.1x in the system. A value of zero indicates that Critical Authentication recovery delay for 802.1x is disabled.
OBJECT-TYPE    
  Unsigned32  

cpaePortIpDevTrackConfigTable 1.3.6.1.4.1.9.9.220.1.15
A table of IP Device Tracking configuration for PAE ports in the system.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaePortIpDevTrackConfigEntry

cpaePortIpDevTrackConfigEntry 1.3.6.1.4.1.9.9.220.1.15.1
An entry of IP Device Tracking configuration on a PAE port.
OBJECT-TYPE    
  CpaePortIpDevTrackConfigEntry  

cpaePortIpDevTrackEnabled 1.3.6.1.4.1.9.9.220.1.15.1.1
Specifies if IP Device Tracking is enabled on this port for the corresponding 802.1x authenticated host.
OBJECT-TYPE    
  TruthValue  

cpaeGlobalAuthFailMaxAttempts 1.3.6.1.4.1.9.9.220.1.16
A global configuration to specify the maximum number of authentication attempts that should be made before a port is moved into its Auth-Fail VLAN.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

cpaeGlobalSecViolationAction 1.3.6.1.4.1.9.9.220.1.17
A global configuration to specify the action that will be applied to a PAE port upon reception of a security violation event. restrict: Packets from MAC address of the device causing security violation will be dropped. shutdown: The port that causes security violation will be shutdown.
OBJECT-TYPE    
  INTEGER restrict(1), shutdown(2)  

cpaeDot1xSuppToGuestVlanAllowed 1.3.6.1.4.1.9.9.220.1.18
Specifies whether ports associated with 802.1x supplicants are allowed to move to Guest Vlan when they stop responding to EAPOL inquiries.
OBJECT-TYPE    
  TruthValue  

cpaeSupplicantObjects 1.3.6.1.4.1.9.9.220.1.19
OBJECT IDENTIFIER    

cpaeSuppPortTable 1.3.6.1.4.1.9.9.220.1.19.1
A list of objects providing information and configuration for the Supplicant PAE associated with each port. This table provides additional objects for the dot1xSuppConfigTable.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeSuppPortEntry

cpaeSuppPortEntry 1.3.6.1.4.1.9.9.220.1.19.1.1
An entry containing supplicant configuration information for a particular PAE port.
OBJECT-TYPE    
  CpaeSuppPortEntry  

cpaeSuppPortCredentialProfileName 1.3.6.1.4.1.9.9.220.1.19.1.1.1
Specifies the credentials profile of the Supplicant PAE. A zero length string for this object indicates that the Supplicant PAE does not have credential profile.
OBJECT-TYPE    
  SnmpAdminString  

cpaeSuppPortEapProfileName 1.3.6.1.4.1.9.9.220.1.19.1.1.2
Specifies the EAP profile of the Supplicant PAE. A zero length string for this object indicates that the Supplicant PAE does not have EAP profile.
OBJECT-TYPE    
  SnmpAdminString  

cpaeSuppHostInfoTable 1.3.6.1.4.1.9.9.220.1.19.2
A list of dot1x supplicants in the system.
OBJECT-TYPE    
  SEQUENCE OF  
    CpaeSuppHostInfoEntry

cpaeSuppHostInfoEntry 1.3.6.1.4.1.9.9.220.1.19.2.1
An entry containing dot1x supplicant information for a supplicant on a particular PAE port in the system.
OBJECT-TYPE    
  CpaeSuppHostInfoEntry  

cpaeSuppHostInfoSuppIndex 1.3.6.1.4.1.9.9.220.1.19.2.1.1
An arbitrary index assigned by the agent to identify the supplicant.
OBJECT-TYPE    
  Unsigned32 1..65535  

cpaeSuppHostAuthMacAddress 1.3.6.1.4.1.9.9.220.1.19.2.1.2
Indicates the MAC address of the authenticator, which authenticates the supplicant.
OBJECT-TYPE    
  MacAddress  

cpaeSuppHostPaeState 1.3.6.1.4.1.9.9.220.1.19.2.1.3
Indicates the current state of the Supplicant PAE State machine.
OBJECT-TYPE    
  INTEGER disconnected(1), logoff(2), connecting(3), authenticating(4), authenticated(5), acquired(6), held(7), restart(8), sForceAuth(9), sForceUnauth(10)  

cpaeSuppHostBackendState 1.3.6.1.4.1.9.9.220.1.19.2.1.4
Indicates the current state of the Supplicant Backend state machine.
OBJECT-TYPE    
  INTEGER initialize(1), idle(2), request(3), response(4), receive(5), fail(6), success(7), timeout(8)  

cpaeSuppHostStatus 1.3.6.1.4.1.9.9.220.1.19.2.1.5
Indicates the status of the supplicant.
OBJECT-TYPE    
  PaeControlledPortStatus  

cpaeNoGuestVlanNotif 1.3.6.1.4.1.9.9.220.0.1
A cpaeNoGuestVlanNotif is sent if a non-802.1x supplicant is detected on a PAE port for which the value of corresponding instance of dot1xAuthAuthControlledPortControl is 'auto' and the value of corresponding instance of cpaeGuestVlanNumber is zero.
NOTIFICATION-TYPE    

cpaeNoAuthFailVlanNotif 1.3.6.1.4.1.9.9.220.0.2
A cpaeNoAuthFailVlanNotif is sent if a 802.1x supplicant fails to authenticate on a PAE port for which the value of corresponding instance of dot1xAuthAuthControlledPortControl is 'auto' and the value of corresponding instance of cpaePortAuthFailVlan is zero.
NOTIFICATION-TYPE    

cpaeGuestVlanNotif 1.3.6.1.4.1.9.9.220.0.3
A cpaeGuestVlanNotif is sent if value of the instance of cpaeGuestVlanNotifEnable is set to 'true', and a PAE port is being moved to the VLAN specified by value of the corresponding instance of cpaeGuestVlanNumber.
NOTIFICATION-TYPE    

cpaeAuthFailVlanNotif 1.3.6.1.4.1.9.9.220.0.4
A cpaeAuthFailVlanNotif is sent if value of the instance of cpaeAuthFailVlanNotifEnable is set to 'true', and a PAE port is being moved to the VLAN specified by value of the corresponding instance of cpaePortAuthFailVlan.
NOTIFICATION-TYPE    

cpaeMIBCompliances 1.3.6.1.4.1.9.9.220.2.1
OBJECT IDENTIFIER    

cpaeMIBGroups 1.3.6.1.4.1.9.9.220.2.2
OBJECT IDENTIFIER    

cpaeCompliance 1.3.6.1.4.1.9.9.220.2.1.1
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance2 1.3.6.1.4.1.9.9.220.2.1.2
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance3 1.3.6.1.4.1.9.9.220.2.1.3
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance4 1.3.6.1.4.1.9.9.220.2.1.4
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance5 1.3.6.1.4.1.9.9.220.2.1.5
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance6 1.3.6.1.4.1.9.9.220.2.1.6
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance7 1.3.6.1.4.1.9.9.220.2.1.7
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance8 1.3.6.1.4.1.9.9.220.2.1.8
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance9 1.3.6.1.4.1.9.9.220.2.1.9
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeCompliance10 1.3.6.1.4.1.9.9.220.2.1.10
The compliance statement for devices that implement the CISCO-PAE-MIB.
MODULE-COMPLIANCE    

cpaeMultipleHostGroup 1.3.6.1.4.1.9.9.220.2.2.1
A collection of objects that provide the multiple host configuration information for a PAE port. These are additional to the IEEE Std 802.1x PAE MIB.
OBJECT-GROUP    

cpaePortEntryGroup 1.3.6.1.4.1.9.9.220.2.2.2
A collection of objects that provides the port-mode configuration for a PAE port.
OBJECT-GROUP    

cpaeGuestVlanGroup 1.3.6.1.4.1.9.9.220.2.2.3
A collection of objects that provides the Guest Vlan configuration information for the system.
OBJECT-GROUP    

cpaeGuestVlanGroup2 1.3.6.1.4.1.9.9.220.2.2.4
A collection of objects that provides the per-interface Guest Vlan configuration information for the system.
OBJECT-GROUP    

cpaeShutdownTimeoutGroup 1.3.6.1.4.1.9.9.220.2.2.5
A collection of objects that provides the dot1x shutdown timeout configuration information for the system.
OBJECT-GROUP    

cpaeRadiusConfigGroup 1.3.6.1.4.1.9.9.220.2.2.6
A collection of objects that provides the RADIUS configuration information for the system.
OBJECT-GROUP    

cpaeUserGroupGroup 1.3.6.1.4.1.9.9.220.2.2.7
A collection of objects that provides the group manager information of authenticated users in the system.
OBJECT-GROUP    

cpaeGuestVlanGroup3 1.3.6.1.4.1.9.9.220.2.2.8
A collection of objects that provides the per-interface Guest Vlan configuration information for the system.
OBJECT-GROUP    

cpaePortOperVlanGroup 1.3.6.1.4.1.9.9.220.2.2.9
A collection of object(s) that provides the information about Operational Vlan for each PAE port.
OBJECT-GROUP    

cpaePortAuthFailVlanGroup 1.3.6.1.4.1.9.9.220.2.2.10
A collection of object(s) that provides the Auth-Fail (Authentication Fail) Vlan configuration and Auth-Fail user information for the system.
OBJECT-GROUP    

cpaeNoGuestVlanNotifEnableGrp 1.3.6.1.4.1.9.9.220.2.2.11
A collection of object(s) that provides control over Guest Vlan related notification(s).
OBJECT-GROUP    

cpaeNoAuthFailVlanNotifEnableGrp 1.3.6.1.4.1.9.9.220.2.2.12
A collection of object(s) that provides control over Auth-Fail related notification(s).
OBJECT-GROUP    

cpaeNoGuestVlanNotifGroup 1.3.6.1.4.1.9.9.220.2.2.13
A collection of notification(s) providing the information for unconfigured Guest Vlan.
NOTIFICATION-GROUP    

cpaeNoAuthFailVlanNotifGroup 1.3.6.1.4.1.9.9.220.2.2.14
A collection of notifications providing the information for unconfigured Auth-Fail Vlan.
NOTIFICATION-GROUP    

cpaeMacAuthBypassGroup 1.3.6.1.4.1.9.9.220.2.2.15
A collection of object(s) that provides the MAC Auth-Bypass configuration and information for the system.
OBJECT-GROUP    

cpaeWebAuthGroup 1.3.6.1.4.1.9.9.220.2.2.16
A collection of object(s) that provides the Web Proxy Authentication configuration and information for the system.
OBJECT-GROUP    

cpaeAuthConfigGroup 1.3.6.1.4.1.9.9.220.2.2.17
A collection of object(s) that provides additional configuration information about an Authenticator PAE.
OBJECT-GROUP    

cpaeHostInfoGroup 1.3.6.1.4.1.9.9.220.2.2.18
A collection of object(s) that provides information about an host connecting to a PAE port.
OBJECT-GROUP    

cpaeWebAuthAaaFailGroup 1.3.6.1.4.1.9.9.220.2.2.19
A collection of object(s) that provides Inaccessible Authentication Bypass configuration and information for Web Proxy Authentication in the system.
OBJECT-GROUP    

cpaeMacAuthBypassGroup2 1.3.6.1.4.1.9.9.220.2.2.20
A collection of object(s) that provides additional information of MAC Auth-bypass feature in the system.
OBJECT-GROUP    

cpaePortEapolTestGroup 1.3.6.1.4.1.9.9.220.2.2.21
A collection of object(s) that provides information about if connecting hosts are EAPOL capable.
OBJECT-GROUP    

cpaeHostInfoGroup2 1.3.6.1.4.1.9.9.220.2.2.22
A collection of object(s) that provides information about an host connecting to a PAE port.
OBJECT-GROUP    

cpaeMacAuthBypassGroup3 1.3.6.1.4.1.9.9.220.2.2.23
A collection of object(s) that provides configuration for authentication method for MAC Auth-bypass feature in the system.
OBJECT-GROUP    

cpaePortAuthFailVlanGroup2 1.3.6.1.4.1.9.9.220.2.2.24
A collection of object(s) that provides configuration for maximum authentication attempts for Auth-Fail Vlan feature in the system.
OBJECT-GROUP    

cpaeAuthConfigGroup2 1.3.6.1.4.1.9.9.220.2.2.25
A collection of object(s) that provides additional states in the PAE state machine.
OBJECT-GROUP    

cpaeCriticalRecoveryDelayGroup 1.3.6.1.4.1.9.9.220.2.2.26
A collection of object(s) that provides recovery delay configuration for 802.1x Critical Authentication in the system.
OBJECT-GROUP    

cpaeAuthConfigGroup3 1.3.6.1.4.1.9.9.220.2.2.27
A collection of object(s) that provides configuration and information related to re-authentication of 802.1x ports in the system.
OBJECT-GROUP    

cpaeAuthConfigGroup4 1.3.6.1.4.1.9.9.220.2.2.28
A collection of object(s) that provides configuration of maximum reauthentication attempts of 802.1x ports in the system.
OBJECT-GROUP    

cpaeAuthIabConfigGroup 1.3.6.1.4.1.9.9.220.2.2.29
A collection of object(s) to enable/disable IAB feature on capable interface for the system.
OBJECT-GROUP    

cpaeGlobalAuthFailVlanGroup 1.3.6.1.4.1.9.9.220.2.2.30
A collection of object(s) that provides global configuration and information about maximum authentication attempts for Auth-Fail Vlan feature in the system.
OBJECT-GROUP    

cpaeMacAuthBypassCriticalGroup 1.3.6.1.4.1.9.9.220.2.2.31
A collection of object(s) that provides control over critical configuration for Mac Authentication Bypass.
OBJECT-GROUP    

cpaeWebAuthCriticalGroup 1.3.6.1.4.1.9.9.220.2.2.32
A collection of object(s) that provides control over critical configuration for Web Proxy Authentication.
OBJECT-GROUP    

cpaeCriticalEapolConfigGroup 1.3.6.1.4.1.9.9.220.2.2.33
A collection of object(s) that provides EAPOL configuration for 802.1x Critical Authentication in the system.
OBJECT-GROUP    

cpaeHostPostureTokenGroup 1.3.6.1.4.1.9.9.220.2.2.34
A collection of object(s) that provides information about Posture Token of an host connecting to a PAE port.
OBJECT-GROUP    

cpaeMabAuditInfoGroup 1.3.6.1.4.1.9.9.220.2.2.35
A collection of object(s) that provides information about MAC Auth-Bypass Audit sessions.
OBJECT-GROUP    

cpaeMabPortIpDevTrackConfGroup 1.3.6.1.4.1.9.9.220.2.2.36
A collection of object(s) that provides configuration and information about MAC Auth-Bypass IP Device Tracking feature.
OBJECT-GROUP    

cpaePortIpDevTrackConfGroup 1.3.6.1.4.1.9.9.220.2.2.37
A collection of object(s) that provides configuration and information about 802.1x IP Device Tracking feature.
OBJECT-GROUP    

cpaeHostUrlRedirectGroup 1.3.6.1.4.1.9.9.220.2.2.38
A collection of object(s) that provides information about URL-redirection of 802.1x authenticated hosts.
OBJECT-GROUP    

cpaeWebAuthIpDevTrackingGroup 1.3.6.1.4.1.9.9.220.2.2.39
A collection of object(s) that provides configuration and information about Web Proxy Authentication IP Device Tracking feature.
OBJECT-GROUP    

cpaeWebAuthUnAuthTimeoutGroup 1.3.6.1.4.1.9.9.220.2.2.40
A collection of object(s) that provides configuration and information about Init State Timeout of Web Proxy Authentication.
OBJECT-GROUP    

cpaeHostInfoGroup3 1.3.6.1.4.1.9.9.220.2.2.41
A collection of object(s) that provides user and the address information for 802.1x authenticated host.
OBJECT-GROUP    

cpaeGlobalSecViolationGroup 1.3.6.1.4.1.9.9.220.2.2.42
A collection of object(s) that provides global configuration and information about security violation action on PAE ports in the system.
OBJECT-GROUP    

cpaeMacAuthBypassPortEnableGroup 1.3.6.1.4.1.9.9.220.2.2.43
A collection of object(s) to enable/disable Mac Auth-Bypass on capable interfaces for the system.
OBJECT-GROUP    

cpaeMacAuthBypassGroup4 1.3.6.1.4.1.9.9.220.2.2.44
A collection of object(s) that provides the MAC Auth-Bypass configuration and information for the system.
OBJECT-GROUP    

cpaeHostSessionIdGroup 1.3.6.1.4.1.9.9.220.2.2.45
A collection of object(s) that provides session identification information for 802.1x hosts in the system.
OBJECT-GROUP    

cpaeHostAuthInfoGroup 1.3.6.1.4.1.9.9.220.2.2.46
A collection of object(s) that provides state machines and authentication information for 802.1x authenticated hosts in the system.
OBJECT-GROUP    

cpaePortCapabilitiesConfigGroup 1.3.6.1.4.1.9.9.220.2.2.47
A collection of object(s) that provides configuration and information about PAE functionalities of ports in the systems.
OBJECT-GROUP    

cpaeDot1xSuppToGuestVlanGroup 1.3.6.1.4.1.9.9.220.2.2.48
A collection of object(s) that provides configuration that allows moving ports with 802.1x supplicants to Guest Vlan.
OBJECT-GROUP    

cpaeGuestVlanNotifEnableGroup 1.3.6.1.4.1.9.9.220.2.2.49
A collection of object(s) that provides control over Guest Vlan related notification(s).
OBJECT-GROUP    

cpaeGuestVlanNotifGroup 1.3.6.1.4.1.9.9.220.2.2.50
A collection of notifications providing information for Guest Vlan.
NOTIFICATION-GROUP    

cpaeAuthFailVlanNotifEnableGrp 1.3.6.1.4.1.9.9.220.2.2.51
A collection of object(s) that provides control over Auth-Fail Vlan related notification(s).
OBJECT-GROUP    

cpaeAuthFailVlanNotifGroup 1.3.6.1.4.1.9.9.220.2.2.52
A collection of notifications providing information for Auth-Fail Vlan.
NOTIFICATION-GROUP    

cpaePortAuthFailVlanConfigGroup 1.3.6.1.4.1.9.9.220.2.2.53
A collection of object(s) that provides the Auth-Fail (Authentication Fail) Vlan configuration for the system.
OBJECT-GROUP    

cpaePortAuthFailUserInfoGroup 1.3.6.1.4.1.9.9.220.2.2.54
A collection of object(s) that provides the Auth-Fail user information for the system.
OBJECT-GROUP    

cpaeSuppPortProfileGroup 1.3.6.1.4.1.9.9.220.2.2.55
A collection of object(s) that provides Credential and EAP profiles configuration for a Supplicant PAE.
OBJECT-GROUP    

cpaeSuppHostInfoGroup 1.3.6.1.4.1.9.9.220.2.2.56
A collection of object(s) that provides information about supplicants in the system.
OBJECT-GROUP