HP-USER-AUTH

File: HP-USER-AUTH.mib (76476 bytes)

Imported modules

HP-ICF-OID IF-MIB Q-BRIDGE-MIB
SNMP-FRAMEWORK-MIB SNMPv2-CONF SNMPv2-SMI
SNMPv2-TC INET-ADDRESS-MIB

Imported symbols

hpSwitch InterfaceIndex VlanIndex
SnmpAdminString OBJECT-GROUP MODULE-COMPLIANCE
NOTIFICATION-GROUP IpAddress Integer32
Unsigned32 OBJECT-TYPE Counter32
MODULE-IDENTITY NOTIFICATION-TYPE TruthValue
MacAddress RowStatus InetAddressType
InetAddress

Defined Types

HpicfUsrAuthWMAEWAServerEntry  
SEQUENCE    
  hpicfUsrAuthWMAeWAServerIndex Integer32
  hpicfUsrAuthWMAeWAServerIPAddressType InetAddressType
  hpicfUsrAuthWMAeWAServerIPAddress InetAddress
  hpicfUsrAuthWMAeWAServerPath STRING
  hpicfUsrAUthWMAeWAServerRowStatus RowStatus

HpicfUsrAuthRedirectServerEntry  
SEQUENCE    
  hpicfUsrAuthRedirectServerIndex Integer32
  hpicfUsrAuthRedirectServerURL STRING
  hpicfUsrAuthRedirectServerRowStatus RowStatus

HpicfUsrAuthClientReauthenticateEntry  
SEQUENCE    
  hpicfUsrAuthClientReauthenticateInterfaceIndex InterfaceIndex
  hpicfUsrAuthClientReauthenticateMacAddress MacAddress
  hpicfUsrAuthClientReauthenticate TruthValue

HpicfUsrAuthPortEntry  
SEQUENCE    
  hpicfUsrAuthPortNumber InterfaceIndex
  hpicfUsrAuthWebAuthAdminStatus TruthValue
  hpicfUsrAuthMacAuthAdminStatus TruthValue
  hpicfUsrAuthPortReauthenticate TruthValue

HpicfUsrAuthWebAuthConfigEntry  
SEQUENCE    
  hpicfUsrAuthWebAuthClientLimit Integer32
  hpicfUsrAuthWebAuthClientMoves INTEGER
  hpicfUsrAuthWebAuthSSLState INTEGER
  hpicfUsrAuthWebAuthRedirectUrl STRING
  hpicfUsrAuthWebAuthQuietPeriod Integer32
  hpicfUsrAuthWebAuthServerTimeout Integer32
  hpicfUsrAuthWebAuthServerMaxReq Integer32
  hpicfUsrAuthWebAuthMaxRetries Integer32
  hpicfUsrAuthWebAuthLogoffPeriod Integer32
  hpicfUsrAuthWebAuthReAuthPeriod Integer32
  hpicfUsrAuthWebAuthAuthVid VlanIndex
  hpicfUsrAuthWebAuthUnauthVid VlanIndex
  hpicfUsrAuthWebAuthCacheCredentials INTEGER
  hpicfUsrAuthWebAuthCachedReauthPeriod Unsigned32

HpicfUsrAuthWebAuthClientReauthenticateEntry  
SEQUENCE    
  hpicfUsrAuthWebAuthClientReauthenticateInterfaceIndex InterfaceIndex
  hpicfUsrAuthWebAuthClientReauthenticateMacAddress MacAddress
  hpicfUsrAuthWebAuthClientReauthenticate TruthValue

HpicfUsrAuthMacAuthConfigEntry  
SEQUENCE    
  hpicfUsrAuthMacAuthClientLimit Integer32
  hpicfUsrAuthMacAuthClientMoves INTEGER
  hpicfUsrAuthMacAuthQuietPeriod Integer32
  hpicfUsrAuthMacAuthServerTimeout Integer32
  hpicfUsrAuthMacAuthServerMaxReq Integer32
  hpicfUsrAuthMacAuthLogoffPeriod Integer32
  hpicfUsrAuthMacAuthReAuthPeriod Integer32
  hpicfUsrAuthMacAuthAuthVid VlanIndex
  hpicfUsrAuthMacAuthUnauthVid VlanIndex
  hpicfUsrAuthMacAuthCachedReauthPeriod Unsigned32
  hpicfUsrAuthMacAuthUnAuthPeriod Integer32

HpicfUsrAuthMacAuthClientReauthenticateEntry  
SEQUENCE    
  hpicfUsrAuthMacAuthClientReauthenticateInterfaceIndex InterfaceIndex
  hpicfUsrAuthMacAuthClientReauthenticateMacAddress MacAddress
  hpicfUsrAuthMacAuthClientReauthenticate TruthValue

HpicfUsrAuthWebAuthSessionStatsEntry  
SEQUENCE    
  hpicfUsrAuthWebAuthSessionMacAddr MacAddress
  hpicfUsrAuthWebAuthSessionName SnmpAdminString
  hpicfUsrAuthWebAuthSessionState INTEGER
  hpicfUsrAuthWebAuthSessionStateTime Unsigned32
  hpicfUsrAuthWebAuthSessionAuthVid VlanIndex
  hpicfUsrAuthWebAuthSessionUnauthVid VlanIndex
  hpicfUsrAuthWebAuthSessionTimeout Unsigned32

HpicfUsrAuthMacAuthSessionStatsEntry  
SEQUENCE    
  hpicfUsrAuthMacAuthSessionMacAddr MacAddress
  hpicfUsrAuthMacAuthSessionState INTEGER
  hpicfUsrAuthMacAuthSessionStateTime Unsigned32
  hpicfUsrAuthMacAuthSessionAuthVid VlanIndex
  hpicfUsrAuthMacAuthSessionUnauthVid VlanIndex
  hpicfUsrAuthMacAuthSessionTimeout Unsigned32

Defined Values

hpicfUsrAuthMIB 1.3.6.1.4.1.11.2.14.11.5.1.19
This MIB module contains the definitions of Managed Objects for various subsystems that perform user authentication. The subsystems under control by this MIB are: 'WebAuth' - Web-based login authentication 'MacAuth' - MAC address-based authentication 'CLI Password' - CLI-based login authentication
MODULE-IDENTITY    

hpicfUsrAuthNotifications 1.3.6.1.4.1.11.2.14.11.5.1.19.0
OBJECT IDENTIFIER    

hpicfUsrAuthCLIAuthFail 1.3.6.1.4.1.11.2.14.11.5.1.19.0.1
An hpicfUsrAuthCLIPasswd notification signifies that CLI password authentication has failed. Operational control of this notification is provided using hpicfUsrAuthCliNotifyEnable.
NOTIFICATION-TYPE    

hpicfUsrAuthPasswdChng 1.3.6.1.4.1.11.2.14.11.5.1.19.0.2
An hpicfUsrAuthPasswdChng notification signifies that the manager password has been changed. The value of hpicfUsrAuthCLIPasswdSet can be used to determine whether the password has been set or cleared by this action.
NOTIFICATION-TYPE    

hpicfPortSecAuthFailure 1.3.6.1.4.1.11.2.14.11.5.1.19.0.3
This notification indicates a failed Port Security (network access) authentication event.
NOTIFICATION-TYPE    

hpicfUsrAuthSystem 1.3.6.1.4.1.11.2.14.11.5.1.19.1
OBJECT IDENTIFIER    

hpicfUsrAuthWebAuthDhcpBaseAddress 1.3.6.1.4.1.11.2.14.11.5.1.19.1.1
For all ports running with web authentication enabled: Specifies the base address that should be used by the switch DHCP server for web-based authentication purposes.
OBJECT-TYPE    
  IpAddress  

hpicfUsrAuthWebAuthDhcpMask 1.3.6.1.4.1.11.2.14.11.5.1.19.1.2
For all ports running with web authentication enabled: Specifies the subnet mask to be used in conjunction with the DHCP base address when servicing DHCP requests. Allowable mask range is 255.255.240.0 (20) to 255.255.255.0 (24).
OBJECT-TYPE    
  IpAddress  

hpicfUsrAuthWebAuthDhcpLease 1.3.6.1.4.1.11.2.14.11.5.1.19.1.3
For all ports running with web authentication enabled: Specifies the DHCP lease length in seconds.
OBJECT-TYPE    
  Integer32 1..30  

hpicfUsrAuthMacAuthAddrFormat 1.3.6.1.4.1.11.2.14.11.5.1.19.1.4
For all ports running with MAC authentication enabled: Specifies the MAC address format to use in the RADIUS access-request, as follows: 'noDelimiter' - Sends MAC address in aabbccddeeff format 'singleDash' - Sends MAC address in aabbcc-ddeeff format 'multiDash' - Sends MAC address in aa-bb-cc-dd-ee-ff format 'multiColon' - Sends MAC address in aa:bb:cc:dd:ee:ff format 'noDelimiterUppercase' - Sends MAC address in AABBCCDDEEFF format 'singleDashUppercase' - Sends MAC address in AABBCC-DDEEFF format 'multiDashUppercase' - Sends MAC address in AA-BB-CC-DD-EE-FF format 'multiColonUppercase' - Sends MAC address in AA:BB:CC:DD:EE:FF format The default value is noDelimiter(1).
OBJECT-TYPE    
  INTEGER noDelimiter(1), singleDash(2), multiDash(3), multiColon(4), noDelimiterUppercase(5), singleDashUppercase(6), multiDashUppercase(7), multiColonUppercase(8)  

hpicfUsrAuthCliNotifyEnable 1.3.6.1.4.1.11.2.14.11.5.1.19.1.5
The operational status of hpicfUsrAuthCliAuthFail notifications. The default value is 1 (Enabled). A value of 2 represents Disabled. Writing this object requires authentication, such as provided by SNMPv3.
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

hpicfUsrAuthCLIInterface 1.3.6.1.4.1.11.2.14.11.5.1.19.1.6
Denotes the interface that is generating the notification.
OBJECT-TYPE    
  INTEGER serial(1), telnet(2), ssh(3), other(9)  

hpicfUsrAuthCLIPasswdSet 1.3.6.1.4.1.11.2.14.11.5.1.19.1.7
Indicates whether the CLI manager password is set. 1 indicates True while 2 indicates False.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthCLIFailCnt 1.3.6.1.4.1.11.2.14.11.5.1.19.1.8
The count of hpicfUsrAuthPasswdFail notifications sent by the hpicfUsrAuth entity to the SNMP entity. The actual count of notifications sent by SNMP may be lower due to rate limiting or configuration.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthCLIPwdNotifyCnt 1.3.6.1.4.1.11.2.14.11.5.1.19.1.9
A count of CLI password change notifications sent from the Auth entity to the SNMP entity within the switch. This count may therefore differ from the count of notifications actually sent by the SNMP entity due to switch configuration (e.g., the value of hpicfUsrAuthNotifyEnable.)
OBJECT-TYPE    
  Unsigned32  

hpicfUsrAuthWMAFailCnt 1.3.6.1.4.1.11.2.14.11.5.1.19.1.10
The count of hpicfPortSecAuthFailure notifications sent by the hpicfUsrAuth entity to the SNMP entity. The actual count of notifications sent by SNMP may be lower due to rate limiting or configuration.
OBJECT-TYPE    
  Unsigned32  

hpicfUsrAuthWMAFailMAC 1.3.6.1.4.1.11.2.14.11.5.1.19.1.11
The MAC address supplied in the failed authentication request.
OBJECT-TYPE    
  MacAddress  

hpicfUsrAuthWMAFailPort 1.3.6.1.4.1.11.2.14.11.5.1.19.1.12
The port index of the failed authentication request.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthWMAFailVlan 1.3.6.1.4.1.11.2.14.11.5.1.19.1.13
The VLAN ID associated with the failed authentication request.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthPortSecNotifyEnable 1.3.6.1.4.1.11.2.14.11.5.1.19.1.14
Provides operational control of hpicfPortSecAuthFailure notification. When enabled (1), the notification will be sent. When disabled (2), the notification will not be sent. Setting this object requires authentication, such as provided by SNMPv3.
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

hpicfUsrAuthPasswdNotifyEnable 1.3.6.1.4.1.11.2.14.11.5.1.19.1.15
Provides operational control of hpicfUsrAuthPasswdChng notification. When enabled (1), the notification will be sent. When disabled (2), the notification will not be sent. Setting this object requires authentication, such as provided by SNMPv3.
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

hpicfUsrAuthWMAEWAServerTable 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16
A table of the Enhanced Web Auth servers.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthWMAEWAServerEntry

hpicfUsrAuthWMAEWAServerEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1
Addresses for an Enhanced Web Auth server.
OBJECT-TYPE    
  HpicfUsrAuthWMAEWAServerEntry  

hpicfUsrAuthWMAeWAServerIndex 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1.1
Index into hpicfUsrAuthWMAEWAServerTable.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthWMAeWAServerIPAddressType 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1.2
The type of Enhanced Web Auth Server Address.
OBJECT-TYPE    
  InetAddressType  

hpicfUsrAuthWMAeWAServerIPAddress 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1.3
The IP address of the Enhanced Web Auth Server. If set to 0.0.0.0 or URL not configured no Enhanced Web Auth Server will run.
OBJECT-TYPE    
  InetAddress  

hpicfUsrAuthWMAeWAServerPath 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1.4
The Enhanced Web Auth Server Path for the location of the Enhanced Web Auth Pages. If not configured the default path will be used.
OBJECT-TYPE    
  STRING  

hpicfUsrAUthWMAeWAServerRowStatus 1.3.6.1.4.1.11.2.14.11.5.1.19.1.16.1.5
This marks the row as active/inactive.
OBJECT-TYPE    
  RowStatus  

hpicfUsrAuthRedirectServerTable 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17
A table of the authentication Redirect Servers.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthRedirectServerEntry

hpicfUsrAuthRedirectServerEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17.1
Attributes of an authentication Redirect Server.
OBJECT-TYPE    
  HpicfUsrAuthRedirectServerEntry  

hpicfUsrAuthRedirectServerIndex 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17.1.1
Index into hpicfUsrAuthRedirectServerTable.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthRedirectServerURL 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17.1.2
This object represents the authentication Redirect Server's complete URL for the location of the redirect server login or warning page. This value must begin with 'http://' or 'https://' and should include the DNS name, TCP port of the server if not 80 or SSL's 443, and the page path, if necessary.
OBJECT-TYPE    
  STRING  

hpicfUsrAuthRedirectServerRowStatus 1.3.6.1.4.1.11.2.14.11.5.1.19.1.17.1.3
This object indicates the status of this entry. Must NOT be active in order to modify some other column of this config entry.
OBJECT-TYPE    
  RowStatus  

hpicfUsrAuthRedirectServerRestrictiveFilter 1.3.6.1.4.1.11.2.14.11.5.1.19.1.18
If enabled, only the configured initial web page will be returned for all client requests. The enabled state would generally be used to simply display an informative warning message to failed macAuth clients. If disabled, all client/redirect-server http traffic will be permitted.
OBJECT-TYPE    
  INTEGER enabled(1), disabled(2)  

hpicfUsrAuthRedirectServerClientTimeout 1.3.6.1.4.1.11.2.14.11.5.1.19.1.19
The time (in seconds) that a client will be left in the unauthorized authentication redirection state before being removed from the state tables, temporarily suspending further client/redirect-server http traffic. After state table removal, client is free to initiate authentication.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthRedirectServerAuthFailureStats 1.3.6.1.4.1.11.2.14.11.5.1.19.1.20
The total number of times clients fail authentication and initiate the authentication Redirect Server process since reboot. A single client can be counted multiple times.
OBJECT-TYPE    
  Counter32  

hpicfUsrAuthCacheCredTimeOut 1.3.6.1.4.1.11.2.14.11.5.1.19.1.21
Specifies the time in seconds, that the switch should remove the credentials. Reauthentication should take place with in small amount of time.
OBJECT-TYPE    
  Integer32  

hpicfUsrAuthClientReauthenticateTable 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22
A table containing configuration/control variables indexed by port and client MAC.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthClientReauthenticateEntry

hpicfUsrAuthClientReauthenticateEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1
The table entry provides the means by which a client on an authentication interface can be forced to reauthenticate.
OBJECT-TYPE    
  HpicfUsrAuthClientReauthenticateEntry  

hpicfUsrAuthClientReauthenticateInterfaceIndex 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1.1
Index of client interfaces.
OBJECT-TYPE    
  InterfaceIndex  

hpicfUsrAuthClientReauthenticateMacAddress 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1.2
Specifies the MAC address of the client.
OBJECT-TYPE    
  MacAddress  

hpicfUsrAuthClientReauthenticate 1.3.6.1.4.1.11.2.14.11.5.1.19.1.22.1.3
The reauthentication control for this client on this authentication interface. Setting this attribute TRUE forces this authenticated client to re-authenticate. That is, the client is deauthenticated and must transmit traffic in order to trigger reauthentication. Setting this attribute FALSE has no effect.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthMacAuthPassword 1.3.6.1.4.1.11.2.14.11.5.1.19.1.23
This object represents the secret password value used by all MAC auth clients. The default value of password is NULL. The password if set(non NULL) will be used instead of MAC address while constructing Radius request packet. The current maximum length of password is 16.
OBJECT-TYPE    
  STRING  

hpicfUsrAuthWebAuthAccessDeniedMode 1.3.6.1.4.1.11.2.14.11.5.1.19.1.24
Specifies the access denied mode that applies to the custom message embedded into the login failure page. The values: disabled (1) - the feature is disabled. custom (2) - use the string configured by administrator via CLI or SNMP. radius (3) - use the string in the 'reply-message' attribute of the received RADIUS response message.
OBJECT-TYPE    
  INTEGER disabled(1), custom(2), radius(3)  

hpicfUsrAuthWebAuthAccessDeniedMessage 1.3.6.1.4.1.11.2.14.11.5.1.19.1.25
Text of the access denied message that will be embedded into the custom web auth login failure page. This message will only be used when the access denied mode is set to 'custom'. It can take up to 250 characters
OBJECT-TYPE    
  STRING Size(1..1024)  

hpicfUsrAuthPorts 1.3.6.1.4.1.11.2.14.11.5.1.19.2
OBJECT IDENTIFIER    

hpicfUsrAuthPortTable 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1
A table of system level information about Web- MAC-based authentication for each port in the switch.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthPortEntry

hpicfUsrAuthPortEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1
The port number, operational mode and re-authentication control for each switch port.
OBJECT-TYPE    
  HpicfUsrAuthPortEntry  

hpicfUsrAuthPortNumber 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.1
The port number associated with this switch port.
OBJECT-TYPE    
  InterfaceIndex  

hpicfUsrAuthWebAuthAdminStatus 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.2
Setting this attribute TRUE enables web-based authentication services. A value of FALSE disabled web-based authentication. This attribute cannot be set TRUE concurrently with hpicfUsrAuthMacAuthAdminStatus.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthMacAuthAdminStatus 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.3
Setting this attribute TRUE enables MAC-based authentication services. A value of FALSE disabled MAC-based authentication. This attribute cannot be set TRUE concurrently with hpicfUsrAuthWebAuthAdminStatus.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthPortReauthenticate 1.3.6.1.4.1.11.2.14.11.5.1.19.2.1.1.4
The reauthentication control for this port. Setting this attribute TRUE forces all authenticated clients to re-authenticate themselves. Setting this attribute FALSE has no effect. This attribute always returns FALSE when read.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthWebAuthConfig 1.3.6.1.4.1.11.2.14.11.5.1.19.3
OBJECT IDENTIFIER    

hpicfUsrAuthWebAuthConfigTable 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1
A table that contains the configuration objects for Web-based Authentication associated with each port. An entry appears in this table for each port that may authenticate access to itself.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthWebAuthConfigEntry

hpicfUsrAuthWebAuthConfigEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1
The configuration information for Web-based authentication.
OBJECT-TYPE    
  HpicfUsrAuthWebAuthConfigEntry  

hpicfUsrAuthWebAuthClientLimit 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.1
The maximum number of authenticated clients to allow on the port.
OBJECT-TYPE    
  Integer32 1..256  

hpicfUsrAuthWebAuthClientMoves 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.2
Specifies whether client may roam across ports under web authentication control. Setting this attribute 'enabled'allows authenticated clients to roam to other ports under web authentication control (that also have this attribute set to 'enabled') without requiring a re-authentication. Setting this attribute 'disabled' disallows authenticated clients from roaming to other ports (regardless of that port's attribute value). The client has to re- authenticate, if it attempts to roam.
OBJECT-TYPE    
  INTEGER disabled(1), enabled(2)  

hpicfUsrAuthWebAuthSSLState 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.3
Specifies whether web-based authentication should use an SSL connection (i.e. https://) to switch to collect client credentials. Note: A valid certificate must be configured on switch before SSL connections are enabled.
OBJECT-TYPE    
  INTEGER disabled(1), enabled(2)  

hpicfUsrAuthWebAuthRedirectUrl 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.4
Specifies the URL, to which an authenticated client should be re-directed, after successful authentication.
OBJECT-TYPE    
  STRING Size(0..127)  

hpicfUsrAuthWebAuthQuietPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.5
Specifies the time, in seconds, that the switch should refrain from re-attempting an authentication request for a client whose credentials were rejected.
OBJECT-TYPE    
  Integer32 1..65535  

hpicfUsrAuthWebAuthServerTimeout 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.6
Specifies the time, in seconds, that the switch should wait for an authentication reply to return before considering it as timed out.
OBJECT-TYPE    
  Integer32 1..300  

hpicfUsrAuthWebAuthServerMaxReq 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.7
Specifies the number of authentication requests that must time out before failing authentication.
OBJECT-TYPE    
  Integer32 1..10  

hpicfUsrAuthWebAuthMaxRetries 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.8
Specifies the number of authentication requests that must fail (i.e. invalid credentials) before failing authentication.
OBJECT-TYPE    
  Integer32 1..10  

hpicfUsrAuthWebAuthLogoffPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.9
Specifies the period, in seconds, at which an authenticated client will be considered unauthenticated for a lack of activity (i.e. traffic originating from client).
OBJECT-TYPE    
  Integer32 1..999999999  

hpicfUsrAuthWebAuthReAuthPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.10
Specifies the period, in seconds, at which an authenticated client must re-authenticate. A value of 0 signifies that an authenticated client will never have to re-authenticate.
OBJECT-TYPE    
  Integer32 0..999999999  

hpicfUsrAuthWebAuthAuthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.11
Specifies the port VID (PVID) that should be used for an authenticated client.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthWebAuthUnauthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.12
Specifies the port VID (PVID) that should be used for an unauthenticated client.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthWebAuthCacheCredentials 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.13
Specifies whether to cache client credentials or not. Setting this variable 'enabled' allows to cache authenticated clients credentials. Setting this variable 'disabled' disallows to cache authenticated clients credentials.
OBJECT-TYPE    
  INTEGER disabled(1), enabled(2)  

hpicfUsrAuthWebAuthCachedReauthPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.3.1.1.14
The value indicates the period in seconds, during which cached re-authentication is allowed on the port.If value is zero then the period of cached re-authentication is unlimited.
OBJECT-TYPE    
  Unsigned32 0..2147483647  

hpicfUsrAuthWebAuthClientReauthenticateTable 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2
A table containing WebAuth configuration/control variables indexed by port and client MAC.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthWebAuthClientReauthenticateEntry

hpicfUsrAuthWebAuthClientReauthenticateEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1
The table entry provides the means by which a WebAuth client on an authentication interface can be forced to reauthenticate.
OBJECT-TYPE    
  HpicfUsrAuthWebAuthClientReauthenticateEntry  

hpicfUsrAuthWebAuthClientReauthenticateInterfaceIndex 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1.1
Index of WebAuth client interfaces.
OBJECT-TYPE    
  InterfaceIndex  

hpicfUsrAuthWebAuthClientReauthenticateMacAddress 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1.2
Specifies the MAC address of the client.
OBJECT-TYPE    
  MacAddress  

hpicfUsrAuthWebAuthClientReauthenticate 1.3.6.1.4.1.11.2.14.11.5.1.19.3.2.1.3
The reauthentication control for this client on this authentication interface. Setting this attribute TRUE forces this authenticated WebAuth client to re-authenticate. That is, the client is deauthenticated and must transmit traffic in order to trigger reauthentication. Setting this attribute FALSE has no effect.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthMacAuthConfig 1.3.6.1.4.1.11.2.14.11.5.1.19.4
OBJECT IDENTIFIER    

hpicfUsrAuthMacAuthConfigTable 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1
A table that contains the configuration objects for Mac-based Authentication associated with each port. An entry appears in this table for each port that may authenticate access to itself.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthMacAuthConfigEntry

hpicfUsrAuthMacAuthConfigEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1
The configuration information for Mac-based authentication.
OBJECT-TYPE    
  HpicfUsrAuthMacAuthConfigEntry  

hpicfUsrAuthMacAuthClientLimit 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.1
The maximum number of authenticated clients to allow on the port.
OBJECT-TYPE    
  Integer32 1..256  

hpicfUsrAuthMacAuthClientMoves 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.2
Specifies whether client may roam across ports under web authentication control. Setting this attribute 'enabled'allows authenticated clients to roam to other ports under web authentication control (that also have this attribute set to 'enabled') without requiring a re-authentication. Setting this attribute 'disabled' disallows authenticated clients from roaming to other ports (regardless of that port's attribute value). The client has to re- authenticate, if it attempts to roam.
OBJECT-TYPE    
  INTEGER disabled(1), enabled(2)  

hpicfUsrAuthMacAuthQuietPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.3
Specifies the time, in seconds, that the switch should refrain from re-attempting an authentication request for a client whose credentials were rejected.
OBJECT-TYPE    
  Integer32 1..65535  

hpicfUsrAuthMacAuthServerTimeout 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.4
Specifies the time, in seconds, that the switch should wait for an authentication reply to return before considering it as timed out.
OBJECT-TYPE    
  Integer32 1..300  

hpicfUsrAuthMacAuthServerMaxReq 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.5
Specifies the number of authentication requests that must time out before failing authentication.
OBJECT-TYPE    
  Integer32 1..10  

hpicfUsrAuthMacAuthLogoffPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.6
Specifies the period, in seconds, at which an authenticated client will be considered unauthenticated for a lack of activity (i.e. traffic originating from client).
OBJECT-TYPE    
  Integer32 1..999999999  

hpicfUsrAuthMacAuthReAuthPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.7
Specifies the period, in seconds, at which an authenticated client must re-authenticate. A value of 0 signifies that an authenticated client will never have to re-authenticate.
OBJECT-TYPE    
  Integer32 0..999999999  

hpicfUsrAuthMacAuthAuthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.8
Specifies the port VID (PVID) that should be used for an authenticated client.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthMacAuthUnauthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.9
Specifies the port VID (PVID) that should be used for an unauthenticated client.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthMacAuthCachedReauthPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.10
The value indicates the period in seconds, during which cached re-authentication is allowed on the port.If value is zero then the period of cached re-authentication is unlimited.
OBJECT-TYPE    
  Unsigned32 0..2147483647  

hpicfUsrAuthMacAuthUnAuthPeriod 1.3.6.1.4.1.11.2.14.11.5.1.19.4.1.1.11
Specifies the period, in seconds, at which an authenticated client must re-authenticate. A value of 0 signifies that an authenticated client will never have to re-authenticate.
OBJECT-TYPE    
  Integer32 0..65535  

hpicfUsrAuthMacAuthClientReauthenticateTable 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2
A table containing macAuth configuration/control variables indexed by port and client MAC.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthMacAuthClientReauthenticateEntry

hpicfUsrAuthMacAuthClientReauthenticateEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1
The table entry provides the means by which a macAuth client on an authentication interface can be forced to reauthenticate.
OBJECT-TYPE    
  HpicfUsrAuthMacAuthClientReauthenticateEntry  

hpicfUsrAuthMacAuthClientReauthenticateInterfaceIndex 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1.1
Index of macAuth client interfaces.
OBJECT-TYPE    
  InterfaceIndex  

hpicfUsrAuthMacAuthClientReauthenticateMacAddress 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1.2
Specifies the MAC address of the client.
OBJECT-TYPE    
  MacAddress  

hpicfUsrAuthMacAuthClientReauthenticate 1.3.6.1.4.1.11.2.14.11.5.1.19.4.2.1.3
The reauthentication control for this client on this authentication interface. Setting this attribute TRUE forces this authenticated macAuth client to re-authenticate. That is, the client is deauthenticated and must transmit traffic in order to trigger reauthentication. Setting this attribute FALSE has no effect.
OBJECT-TYPE    
  TruthValue  

hpicfUsrAuthWebAuthStats 1.3.6.1.4.1.11.2.14.11.5.1.19.5
OBJECT IDENTIFIER    

hpicfUsrAuthWebAuthSessionStatsTable 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1
A table that contains session statistic objects for each client (i.e. user) attempting to authenticate to a port with Web-authentication enabled. An entry appears in this table for each port in the switch.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthWebAuthSessionStatsEntry

hpicfUsrAuthWebAuthSessionStatsEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1
The session statistics information for a port with Web-based authentication enabled. This shows the current values being collected for active sessions.
OBJECT-TYPE    
  HpicfUsrAuthWebAuthSessionStatsEntry  

hpicfUsrAuthWebAuthSessionMacAddr 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.1
Specifies the MAC address of the client.
OBJECT-TYPE    
  MacAddress  

hpicfUsrAuthWebAuthSessionName 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.2
Specifies the username of the client.
OBJECT-TYPE    
  SnmpAdminString  

hpicfUsrAuthWebAuthSessionState 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.3
Specifies the state of the client as follows: 'authenticated' - authenticated client 'unauthenticated' - unauthenticated client, waiting for credentials 'authenticating' - credentials have been sent for verification, waiting for response 'authReqRejectNoVlan' - credentials invalid; client does not have access to unauthenticated VLAN 'authReqRejectUnauthVlan - credentials invalid; client does have access to unauthenticated VLAN 'authReqTimeoutNoVlan' - credentials could not be verified; client is still unauthenticated and does not have access to unauthenticated VLAN 'authReqTimeoutUnauthVlan' - credentials could not be verified; client is still unauthenticated, but has access to unauthenticated VLAN
OBJECT-TYPE    
  INTEGER authenticated(1), unauthenticated(2), authenticating(3), authReqRejectNoVlan(4), authReqRejectUnauthVlan(5), authReqTimeoutNoVlan(6), authReqTimeoutUnauthVlan(7)  

hpicfUsrAuthWebAuthSessionStateTime 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.4
The duration, in seconds, a client has spent in the state specified by hpicfUsrAuthSessionState.
OBJECT-TYPE    
  Unsigned32  

hpicfUsrAuthWebAuthSessionAuthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.5
Specifies the PVID that the authenticated client is utilizing. If client is unauthenticated, this object has no meaning.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthWebAuthSessionUnauthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.6
Specifies the PVID that the unauthenticated client is utilizing. If client is authenticated, this object has no meaning.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthWebAuthSessionTimeout 1.3.6.1.4.1.11.2.14.11.5.1.19.5.1.1.7
Specifies the RADIUS Server set session timeout for reauthentication of the user. When ST = 0, user gets reauthenticated at reauth-period secs, ST < 60 it is set to 60 secs and then user is reauthenticated, ST > 60 user is reauthenticated at ST secs.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

hpicfUsrAuthMacAuthStats 1.3.6.1.4.1.11.2.14.11.5.1.19.6
OBJECT IDENTIFIER    

hpicfUsrAuthMacAuthSessionStatsTable 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1
A table that contains session statistic objects for each client (i.e. user) attempting to authenticate to a port with MAC-authentication enabled. An entry appears in this table for each port in the switch.
OBJECT-TYPE    
  SEQUENCE OF  
    HpicfUsrAuthMacAuthSessionStatsEntry

hpicfUsrAuthMacAuthSessionStatsEntry 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1
The session statistics information for a port with Mac-based authentication enabled. This shows the current values being collected for active sessions.
OBJECT-TYPE    
  HpicfUsrAuthMacAuthSessionStatsEntry  

hpicfUsrAuthMacAuthSessionMacAddr 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.1
Specifies the MAC address of the client.
OBJECT-TYPE    
  MacAddress  

hpicfUsrAuthMacAuthSessionState 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.2
Specifies the state of the client as follows: 'authenticated' - authenticated client 'unauthenticated' - unauthenticated client, waiting for credentials 'authenticating' - credentials have been sent for verification, waiting for response 'authReqRejectNoVlan' - credentials invalid; client does not have access to unauthenticated VLAN 'authReqRejectUnauthVlan - credentials invalid; client does have access to unauthenticated VLAN 'authReqTimeoutNoVlan' - credentials could not be verified; client is still unauthenticated and does not have access to unauthenticated VLAN 'authReqTimeoutUnauthVlan' - credentials could not be verified; client is still unauthenticated, but has access to unauthenticated VLAN
OBJECT-TYPE    
  INTEGER authenticated(1), unauthenticated(2), authenticating(3), authReqRejectNoVlan(4), authReqRejectUnauthVlan(5), authReqTimeoutNoVlan(6), authReqTimeoutUnauthVlan(7)  

hpicfUsrAuthMacAuthSessionStateTime 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.3
The duration, in seconds, a client has spent in the state specified by hpicfUsrAuthSessionState.
OBJECT-TYPE    
  Unsigned32  

hpicfUsrAuthMacAuthSessionAuthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.4
Specifies the PVID that the authenticated client is utilizing. If client is unauthenticated, this object has no meaning.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthMacAuthSessionUnauthVid 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.5
Specifies the PVID that the unauthenticated client is utilizing. If client is authenticated, this object has no meaning.
OBJECT-TYPE    
  VlanIndex  

hpicfUsrAuthMacAuthSessionTimeout 1.3.6.1.4.1.11.2.14.11.5.1.19.6.1.1.6
Specifies the RADIUS Server set session timeout for reauthentication of the user. When ST = 0, user gets reauthenticated at reauth-period secs, ST < 60 it is set to 60 secs and then user is reauthenticated, ST > 60 user is reauthenticated at ST secs.
OBJECT-TYPE    
  Unsigned32 0..4294967295  

hpicfUsrAuthConformance 1.3.6.1.4.1.11.2.14.11.5.1.19.7
OBJECT IDENTIFIER    

hpicfUsrAuthGroups 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2
OBJECT IDENTIFIER    

hpicfUsrAuthSystemGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.1
A collection of objects providing system information about, and control over, Web- and MAC-based authentication.
OBJECT-GROUP    

hpicfUsrAuthPortsGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.2
A collection of objects providing system level information about Web and MAC based authentication for each port in the switch.
OBJECT-GROUP    

hpicfUsrAuthWebAuthConfigGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.3
A collection of objects providing configuration objects for Web-based authentication associated with each port.
OBJECT-GROUP    

hpicfUsrAuthMacAuthConfigGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.4
A collection of objects providing configuration objects for MAC-based authentication associated with each port.
OBJECT-GROUP    

hpicfUsrAuthWebAuthSessionStatsGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.5
A collection of objects providing statistics about current sessions for Web-based authentication.
OBJECT-GROUP    

hpicfUsrAuthMacAuthSessionStatsGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.6
A collection of objects providing statistics about current sessions for MAC-based authentication.
OBJECT-GROUP    

hpicfUsrAuthWebAuthConfigGroup1 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.7
A collection of objects providing configuration objects for Web-based authentication associated with each port.
OBJECT-GROUP    

hpicfUsrAuthMacAuthConfigGroup1 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.8
A collection of objects providing configuration objects for MAC-based authentication associated with each port.
OBJECT-GROUP    

hpicfUsrAuthMacAuthConfigGroup2 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.9
A collection of objects providing configuration objects for MAC-based authentication associated with each port.
OBJECT-GROUP    

hpicfUsrAuthRedirectServerGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.10
A collection of objects for authentication Redirect Server.
OBJECT-GROUP    

hpicfUsrAuthWMAeWAServerGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.11
A collection of objects for Enhanced Web Auth servers.
OBJECT-GROUP    

hpicfUsrAuthClientReauthenticateGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.12
A collection of objects for Reauthentication settings .
OBJECT-GROUP    

hpicfUsrAuthMacAuthSessionStatsGroup1 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.13
A collection of objects providing RADIUS server set session timeout for MAC-based user reauthentication.
OBJECT-GROUP    

hpicfUsrAuthWebAuthSessionStatsGroup1 1.3.6.1.4.1.11.2.14.11.5.1.19.7.2.14
A collection of objects providing RADIUS server set session timeout for Web-based user reauthentication.
OBJECT-GROUP    

hpicfUsrAuthCompliances 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4
OBJECT IDENTIFIER    

hpicfUsrAuthCompliance 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.1
********* THIS COMPLIANCE IS DEPRECATED ********* The compliance statement for devices support of HP-USER-AUTH MIB.
MODULE-COMPLIANCE    

hpicfUsrAuthCompliance1 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.2
The compliance statement for devices support of HP-USER-AUTH MIB.
MODULE-COMPLIANCE    

hpicfUsrAuthCompliance2 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.3
The compliance statement for devices support of HP-USER-AUTH MIB.
MODULE-COMPLIANCE    

hpicfUsrAuthCompliance3 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.4
The compliance statement for devices support of HP-USER-AUTH MIB.
MODULE-COMPLIANCE    

hpicfUsrAuthCompliance4 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.5
The compliance statement for devices support of HP-USER-AUTH MIB.
MODULE-COMPLIANCE    

hpicfUsrAuthCompliance5 1.3.6.1.4.1.11.2.14.11.5.1.19.7.4.6
The compliance statement for devices support of HP-USER-AUTH MIB.
MODULE-COMPLIANCE    

hpicfUsrAuthNotifyConformance 1.3.6.1.4.1.11.2.14.11.5.1.19.8
OBJECT IDENTIFIER    

hpicfUsrAuthNotificationGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.8.1
A group of authorization notifications.
NOTIFICATION-GROUP    

hpicfNotifcationConfigDataGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.8.2
A group of notification data and configuration objects.
OBJECT-GROUP    

hpicfUsrAuthMacGlobalConformance 1.3.6.1.4.1.11.2.14.11.5.1.19.9
OBJECT IDENTIFIER    

hpicfUsrAuthMacGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.9.1
A group of Mac auth global configuration objects.
OBJECT-GROUP    

hpicfUsrAuthWebAuthAccessDeniedConformance 1.3.6.1.4.1.11.2.14.11.5.1.19.10
OBJECT IDENTIFIER    

hpicfUsrAuthWebAuthAccessDeniedGroup 1.3.6.1.4.1.11.2.14.11.5.1.19.10.1
A group of web-auth access denied configuration objects.
OBJECT-GROUP