GB15629dot11-WAPI-MIB

File: GB15629dot11-WAPI-MIB.mib (34488 bytes)

Imported modules

SNMPv2-SMI SNMPv2-TC SNMPv2-CONF
RFC1213-MIB

Imported symbols

MODULE-IDENTITY OBJECT-TYPE Counter32
Unsigned32 Integer32 MacAddress
TruthValue DisplayString MODULE-COMPLIANCE
OBJECT-GROUP ifIndex

Defined Types

Gb15629dot11wapiConfigEntry  
SEQUENCE    
  gb15629dot11wapiConfigVersion Integer32
  gb15629dot11wapiControlledAuthControl TruthValue
  gb15629dot11wapiControlledPortControl INTEGER
  gb15629dot11wapiOptionImplemented TruthValue
  gb15629dot11wapiPreauthenticationImplemented TruthValue
  gb15629dot11wapiEnabled TruthValue
  gb15629dot11wapiPreauthenticationEnabled TruthValue
  gb15629dot11wapiConfigUnicastKeysSupported Unsigned32
  gb15629dot11wapiConfigUnicastRekeyMethod INTEGER
  gb15629dot11wapiConfigUnicastRekeyTime Unsigned32
  gb15629dot11wapiConfigUnicastRekeyPackets Unsigned32
  gb15629dot11wapiConfigMulticastCipher OCTET STRING
  gb15629dot11wapiConfigMulticastRekeyMethod INTEGER
  gb15629dot11wapiConfigMulticastRekeyTime Unsigned32
  gb15629dot11wapiConfigMulticastRekeyPackets Unsigned32
  gb15629dot11wapiConfigMulticastRekeyStrict TruthValue
  gb15629dot11wapiConfigPSKValue OCTET STRING
  gb15629dot11wapiConfigPSKPassPhrase DisplayString
  gb15629dot11wapiConfigCertificateUpdateCount Unsigned32
  gb15629dot11wapiConfigMulticastUpdateCount Unsigned32
  gb15629dot11wapiConfigUnicastUpdateCount Unsigned32
  gb15629dot11wapiConfigMulticastCipherSize Unsigned32
  gb15629dot11wapiConfigBKLifetime Unsigned32
  gb15629dot11wapiConfigBKReauthThreshold Unsigned32
  gb15629dot11wapiConfigSATimeout Unsigned32
  gb15629dot11wapiAuthenticationSuiteSelected OCTET STRING
  gb15629dot11wapiUnicastCipherSelected OCTET STRING
  gb15629dot11wapiMulticastCipherSelected OCTET STRING
  gb15629dot11wapiBKIDUsed OCTET STRING
  gb15629dot11wapiAuthenticationSuiteRequested OCTET STRING
  gb15629dot11wapiUnicastCipherRequested OCTET STRING
  gb15629dot11wapiMulticastCipherRequested OCTET STRING

Gb15629dot11wapiConfigUnicastCiphersEntry  
SEQUENCE    
  gb15629dot11wapiConfigUnicastCipherIndex Unsigned32
  gb15629dot11wapiConfigUnicastCipher OCTET STRING
  gb15629dot11wapiConfigUnicastCipherEnabled TruthValue
  gb15629dot11wapiConfigUnicastCipherSize Unsigned32

Gb15629dot11wapiConfigAuthenticationSuitesEntry  
SEQUENCE    
  gb15629dot11wapiConfigAuthenticationSuiteIndex Unsigned32
  gb15629dot11wapiConfigAuthenticationSuite OCTET STRING
  gb15629dot11wapiConfigAuthenticationSuiteEnabled TruthValue

Gb15629dot11wapiStatsEntry  
SEQUENCE    
  gb15629dot11wapiStatsIndex Unsigned32
  gb15629dot11wapiStatsSTAAddress MacAddress
  gb15629dot11wapiStatsVersion Unsigned32
  gb15629dot11wapiStatsControlledPortStatus TruthValue
  gb15629dot11wapiStatsSelectedUnicastCipher OCTET STRING
  gb15629dot11wapiStatsWPIReplayCounters Counter32
  gb15629dot11wapiStatsWPIDecryptableErrors Counter32
  gb15629dot11wapiStatsWPIMICErrors Counter32
  gb15629dot11wapiStatsWAISignatureErrors Counter32
  gb15629dot11wapiStatsWAIHMACErrors Counter32
  gb15629dot11wapiStatsWAIAuthenticationResultFailures Counter32
  gb15629dot11wapiStatsWAIDiscardCounters Counter32
  gb15629dot11wapiStatsWAITimeoutCounters Counter32
  gb15629dot11wapiStatsWAIFormatErrors Counter32
  gb15629dot11wapiStatsWAICertificateHandshakeFailures Counter32
  gb15629dot11wapiStatsWAIUnicastHandshakeFailures Counter32
  gb15629dot11wapiStatsWAIMulticastHandshakeFailures Counter32

Defined Values

gb15629dot11wapiMIB 1.2.156.11235.15629.11.1.1
Manage WAPI module.
MODULE-IDENTITY    

member-body 1.2
OBJECT IDENTIFIER    

cn 1.2.156
OBJECT IDENTIFIER    

bwips 1.2.156.11235
OBJECT IDENTIFIER    

gb15629 1.2.156.11235.15629
OBJECT IDENTIFIER    

gb15629-11 1.2.156.11235.15629.11
OBJECT IDENTIFIER    

gb15629-11-mibs 1.2.156.11235.15629.11.1
OBJECT IDENTIFIER    

wapiMIBObjects 1.2.156.11235.15629.11.1.1.1
OBJECT IDENTIFIER    

gb15629dot11wapiConfigTable 1.2.156.11235.15629.11.1.1.1.1
The table containing WAPI configuration objects.
OBJECT-TYPE    
  SEQUENCE OF  
    Gb15629dot11wapiConfigEntry

gb15629dot11wapiConfigEntry 1.2.156.11235.15629.11.1.1.1.1.1
An entry in the gb15629dot11wapiConfigTable.
OBJECT-TYPE    
  Gb15629dot11wapiConfigEntry  

gb15629dot11wapiConfigVersion 1.2.156.11235.15629.11.1.1.1.1.1.1
The highest WAPI version this entity supports.
OBJECT-TYPE    
  Integer32  

gb15629dot11wapiControlledAuthControl 1.2.156.11235.15629.11.1.1.1.1.1.2
This object indicates whether the entity enables authentication. When the value is FALSE, it shall indicate that authentication is not enabled on this entity, and the status of the controlled port is 'authenticated'. When the value is TURE, it shall indicate that authentication is enabled, and the status of controlled port is decided by gb15629dot11wapiControlledPortControl.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiControlledPortControl 1.2.156.11235.15629.11.1.1.1.1.1.3
This object indicates the controlling type of the entity's port. This object is available when gb15629dot11wapiControlledAuthControl is TURE. When the value is zero, it means 'automatic', and the status of the controlled port is decided by authentication result. When the value is one, it means 'forcible unauthenticated', and the status of the controlled port is 'unauthenticated'.
OBJECT-TYPE    
  INTEGER  

gb15629dot11wapiOptionImplemented 1.2.156.11235.15629.11.1.1.1.1.1.4
This object indicates whether the entity support WAPI. When the value is TURE, it shall indicate that the entity support WAPI. Otherwise, it shall indicate that the entity doesn't support WAPI.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiPreauthenticationImplemented 1.2.156.11235.15629.11.1.1.1.1.1.5
This object indicates whether the entity support WAPI preauthentication. This object can't be set to TURE, unless gb15629dot11wapiOptionImplemented is TURE.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiEnabled 1.2.156.11235.15629.11.1.1.1.1.1.6
When this object is set to TRUE, it shall indicate that WAPI is enabled on this entity. The entity will advertise the WAPI information element in its beacon and probe response frames.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiPreauthenticationEnabled 1.2.156.11235.15629.11.1.1.1.1.1.7
When this object is set to TRUE, it shall indicate that WAPI preauthentication is enabled on this entity. Otherwise, it shall indicate that WAPI preauthentication is disabled on this entity. This object requires that gb15629dot11WAPIEnabled also be set to TRUE.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiConfigUnicastKeysSupported 1.2.156.11235.15629.11.1.1.1.1.1.8
This object indicates how many unicast keys the entity supports for WAPI.
OBJECT-TYPE    
  Unsigned32  

gb15629dot11wapiConfigUnicastRekeyMethod 1.2.156.11235.15629.11.1.1.1.1.1.9
This object selects a mechanism for rekeying the WAPI USK. The default is time-based, once per day. Rekeying the USK is only applicable to an entity acting as a role of AE or ASUE.
OBJECT-TYPE    
  INTEGER disabled(1), timeBased(2), packetBased(3), timepacket-Based(4)  

gb15629dot11wapiConfigUnicastRekeyTime 1.2.156.11235.15629.11.1.1.1.1.1.10
The time in seconds after which the WAPI USK shall be refreshed. The timer shall start at the moment the USK was set using the MLME-SETWPIKEYS request primitive.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigUnicastRekeyPackets 1.2.156.11235.15629.11.1.1.1.1.1.11
A packet count (in 1000s of packets) after which the WAPI USK shall be refreshed. The packet counter shall start at the moment the USK was set using the MLME-SETKEYS request primitive and it shall count all packets encrypted using the current USK.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigMulticastCipher 1.2.156.11235.15629.11.1.1.1.1.1.12
This object indicates the multicast cipher suite selector the entity must use. The multicast cipher suite in the WAPI information element shall take its value from this variable. It consists of an OUI (the first 3 octets) and a cipher suite identifier (the last octet).
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiConfigMulticastRekeyMethod 1.2.156.11235.15629.11.1.1.1.1.1.13
This object selects a mechanism for rekeying the WAPI MSK. The default is time-based, once per day. Rekeying the MSK is only applicable to an entity acting as a role of AE or ASUE.
OBJECT-TYPE    
  INTEGER disabled(1), timeBased(2), packetBased(3), timepacket-Based(4)  

gb15629dot11wapiConfigMulticastRekeyTime 1.2.156.11235.15629.11.1.1.1.1.1.14
The time in seconds after which the WAPI MSK shall be refreshed. The timer shall start at the moment the MSK was set using the MLME-SETWPIKEYS request primitive.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigMulticastRekeyPackets 1.2.156.11235.15629.11.1.1.1.1.1.15
A packet count (in 1000s of packets) after which the WAPI MSK shall be refreshed. The packet counter shall start at the moment the MSK was set using the MLME-SETKEYS request primitive and it shall count all packets encrypted using the current MSK.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigMulticastRekeyStrict 1.2.156.11235.15629.11.1.1.1.1.1.16
This object signals that the MSK shall be refreshed whenever a STA leaves the BSS that possesses the MSK.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiConfigPSKValue 1.2.156.11235.15629.11.1.1.1.1.1.17
The PSK value when WAPI in PSK mode is the selected AKM suite. In that case, the BK will obtain its value from this object. This object is logically write-only. Reading this variable shall return unsuccessful status or null or zero.
OBJECT-TYPE    
  OCTET STRING Size(32)  

gb15629dot11wapiConfigPSKPassPhrase 1.2.156.11235.15629.11.1.1.1.1.1.18
The PSK value when WAPI in PSK mode is the selected AKM suite, is configured by gb15629dot11wapiConfigPSKValue. An alternative manner of setting the PSK uses the password-to-key algorithm. This variable provides a means to enter a pass-phrase. When this object is written, the WAPI entity shall use the password-to-key algorithm to derive a preshared and populate gb15629dot11wapiConfigPSKValue with this key. This object is logically write-only. Reading this variable shall return unsuccessful status or null or zero.
OBJECT-TYPE    
  DisplayString  

gb15629dot11wapiConfigCertificateUpdateCount 1.2.156.11235.15629.11.1.1.1.1.1.19
The number of times message in the WAPI certificate authenticating handshake will be retried per certificate authenticating handshake attempt.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigMulticastUpdateCount 1.2.156.11235.15629.11.1.1.1.1.1.20
The number of times message in the WAPI multicast key handshake will be retried per MSK handshake attempt.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigUnicastUpdateCount 1.2.156.11235.15629.11.1.1.1.1.1.21
The number of times message in the WAPI unicast key handshake will be retried per 3-way handshake attempt.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigMulticastCipherSize 1.2.156.11235.15629.11.1.1.1.1.1.22
This object indicates the length in bits of the multicast cipher key. This should be 256 for SMS4. first 128 bits for encrypting, last 128 bits for integrity checking.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

gb15629dot11wapiConfigBKLifetime 1.2.156.11235.15629.11.1.1.1.1.1.23
The maximum lifetime of a BK in the BK cache.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigBKReauthThreshold 1.2.156.11235.15629.11.1.1.1.1.1.24
The percentage of the BK lifetime that should expire before an reauthentication occurs.
OBJECT-TYPE    
  Unsigned32 1..100  

gb15629dot11wapiConfigSATimeout 1.2.156.11235.15629.11.1.1.1.1.1.25
The maximum time a security association shall take to set up.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiAuthenticationSuiteSelected 1.2.156.11235.15629.11.1.1.1.1.1.26
The selector of the last AKM suite negotiated.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiUnicastCipherSelected 1.2.156.11235.15629.11.1.1.1.1.1.27
The selector of the last unicast cipher negotiated.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiMulticastCipherSelected 1.2.156.11235.15629.11.1.1.1.1.1.28
The selector of the last multicast cipher negotiated.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiBKIDUsed 1.2.156.11235.15629.11.1.1.1.1.1.29
The selector of the last BKID used in the last unicast cipher key handshake.
OBJECT-TYPE    
  OCTET STRING Size(16)  

gb15629dot11wapiAuthenticationSuiteRequested 1.2.156.11235.15629.11.1.1.1.1.1.30
The selector of the last AKM suite requested.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiUnicastCipherRequested 1.2.156.11235.15629.11.1.1.1.1.1.31
The selector of the last unicast cipher requested.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiMulticastCipherRequested 1.2.156.11235.15629.11.1.1.1.1.1.32
The selector of the last multicast cipher requested.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiConfigUnicastCiphersTable 1.2.156.11235.15629.11.1.1.1.2
This table lists the unicast ciphers supported by this entity. It allows enabling and disabling of each unicast cipher by network management. The unicast cipher suite list in the WAPI information element is formed using the information in this table.
OBJECT-TYPE    
  SEQUENCE OF  
    Gb15629dot11wapiConfigUnicastCiphersEntry

gb15629dot11wapiConfigUnicastCiphersEntry 1.2.156.11235.15629.11.1.1.1.2.1
The table entry, indexed by the interface index (or all interfaces) and the unicast cipher.
OBJECT-TYPE    
  Gb15629dot11wapiConfigUnicastCiphersEntry  

gb15629dot11wapiConfigUnicastCipherIndex 1.2.156.11235.15629.11.1.1.1.2.1.1
The auxiliary index into the gb15629dot11wapiConfigUnicastCiphersTable.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigUnicastCipher 1.2.156.11235.15629.11.1.1.1.2.1.2
The selector of a supported unicast cipher. It consists of an OUI(the first 3 octets) and a cipher suite identifier (the last octet).
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiConfigUnicastCipherEnabled 1.2.156.11235.15629.11.1.1.1.2.1.3
This object enables or disables the unicast cipher.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiConfigUnicastCipherSize 1.2.156.11235.15629.11.1.1.1.2.1.4
This object indicates the length in bits of the unicast cipher key. This should be 256 for SMS4, first 128 bits for encrypting, last 128 bits for integrity checking.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

gb15629dot11wapiConfigAuthenticationSuitesTable 1.2.156.11235.15629.11.1.1.1.3
This table lists the AKM suites supported by this entity. Each AKM suite can be individually enabled and disabled. The AKM suite list in the WAPI information element is formed using the information in this table.
OBJECT-TYPE    
  SEQUENCE OF  
    Gb15629dot11wapiConfigAuthenticationSuitesEntry

gb15629dot11wapiConfigAuthenticationSuitesEntry 1.2.156.11235.15629.11.1.1.1.3.1
An entry (row) in the gb15629dot11wapiConfigAuthenticationSuitesTable.
OBJECT-TYPE    
  Gb15629dot11wapiConfigAuthenticationSuitesEntry  

gb15629dot11wapiConfigAuthenticationSuiteIndex 1.2.156.11235.15629.11.1.1.1.3.1.1
The auxiliary variable used as an index into the gb15629dot11wapiConfigAuthenticationSuitesTable.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiConfigAuthenticationSuite 1.2.156.11235.15629.11.1.1.1.3.1.2
The selector of an AKM suite. It consists of an OUI (the first 3 octets) and a cipher suite identifier (the last octet).
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiConfigAuthenticationSuiteEnabled 1.2.156.11235.15629.11.1.1.1.3.1.3
This variable indicates the corresponding AKM suite is enabled or disabled.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiStatsTable 1.2.156.11235.15629.11.1.1.1.4
This table maintains per-STA statistics in an WAPI. The entry with gb15629dot11wapiStatsSTAAddress set to FF-FF-FF-FF-FF-FF shall contain statistics for broadcast/multicast traffic.
OBJECT-TYPE    
  SEQUENCE OF  
    Gb15629dot11wapiStatsEntry

gb15629dot11wapiStatsEntry 1.2.156.11235.15629.11.1.1.1.4.1
An entry in the gb15629dot11wapiStatsTable.
OBJECT-TYPE    
  Gb15629dot11wapiStatsEntry  

gb15629dot11wapiStatsIndex 1.2.156.11235.15629.11.1.1.1.4.1.1
An auxiliary index into the gb15629dot11wapiStatsTable.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiStatsSTAAddress 1.2.156.11235.15629.11.1.1.1.4.1.2
The MAC address of the STA to which the statistics in this conceptual row belong.
OBJECT-TYPE    
  MacAddress  

gb15629dot11wapiStatsVersion 1.2.156.11235.15629.11.1.1.1.4.1.3
The WAPI version with which the STA associated.
OBJECT-TYPE    
  Unsigned32 1..4294967295  

gb15629dot11wapiStatsControlledPortStatus 1.2.156.11235.15629.11.1.1.1.4.1.4
This object indicates the status of the authentication entity's controlled port. When the value is TURE, it means 'authenticated'. Otherwise, it means 'unauthenticated'.
OBJECT-TYPE    
  TruthValue  

gb15629dot11wapiStatsSelectedUnicastCipher 1.2.156.11235.15629.11.1.1.1.4.1.5
The unicast cipher suite selector used during association.
OBJECT-TYPE    
  OCTET STRING Size(4)  

gb15629dot11wapiStatsWPIReplayCounters 1.2.156.11235.15629.11.1.1.1.4.1.6
The number of WPI MPDUs discarded by the replay mechanism.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWPIDecryptableErrors 1.2.156.11235.15629.11.1.1.1.4.1.7
The number of WPI MPDUs discarded because of unavailable cipher key when WPI-SMS4 decrypting.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWPIMICErrors 1.2.156.11235.15629.11.1.1.1.4.1.8
The number of WPI MPDUs discarded because of MIC checking failure when WPI-SMS4 decrypting.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAISignatureErrors 1.2.156.11235.15629.11.1.1.1.4.1.9
This counter increases when the received WAI packets' signature is wrong.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAIHMACErrors 1.2.156.11235.15629.11.1.1.1.4.1.10
This counter increases when the received WAI packets' message authentication key checking error occurs.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAIAuthenticationResultFailures 1.2.156.11235.15629.11.1.1.1.4.1.11
This counter increases when the WAI authentication result is unsuccessful.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAIDiscardCounters 1.2.156.11235.15629.11.1.1.1.4.1.12
This counter increases when the received WAI packet is discarded.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAITimeoutCounters 1.2.156.11235.15629.11.1.1.1.4.1.13
This counter increases when the WAI packet overtime is detected.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAIFormatErrors 1.2.156.11235.15629.11.1.1.1.4.1.14
This counter increases when the WAI packets' format error occurs
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAICertificateHandshakeFailures 1.2.156.11235.15629.11.1.1.1.4.1.15
This counter increases when the WAI certificate authenticates unsuccessfully.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAIUnicastHandshakeFailures 1.2.156.11235.15629.11.1.1.1.4.1.16
This counter increases when the WAI unicast cipher key negotiates unsuccessfully.
OBJECT-TYPE    
  Counter32  

gb15629dot11wapiStatsWAIMulticastHandshakeFailures 1.2.156.11235.15629.11.1.1.1.4.1.17
This counter increases when the WAI multicast cipher key announces unsuccessfully.
OBJECT-TYPE    
  Counter32  

wapiMIBConformance 1.2.156.11235.15629.11.1.1.2
OBJECT IDENTIFIER    

gb15629dot11wapiGroups 1.2.156.11235.15629.11.1.1.2.1
OBJECT IDENTIFIER    

gb15629wapiCompliances 1.2.156.11235.15629.11.1.1.2.2
OBJECT IDENTIFIER    

gb15629dot11wapiBase 1.2.156.11235.15629.11.1.1.2.1.1
The gb15629dot11wapiBase object class provides the necessary support for managing WAPI functionality in the STA.
OBJECT-GROUP    

gb15629dot11wapiBKcachingGroup 1.2.156.11235.15629.11.1.1.2.1.2
The gb15629dot11wapiBKcachingGroup object class provides the necessary support for managing BK caching functionality in the STA
OBJECT-GROUP    

gb15629dot11wapiCompliance 1.2.156.11235.15629.11.1.1.2.2.1
The compliance statement for SNMPv2 entities that implement the WAPI MIB.
MODULE-COMPLIANCE