NtwsAuthenticationFailureType |
|
Enumeration of the reasons for AAA authentication to fail
user-glob-mismatch - auth rule/user not found for console login
user-does-not-exist - login failed because user not found
invalid-password - login failed because of invalid password
server-timeout - unable to contact a AAA server
signature-failed - incorrect password for mschapv2
local-certificate-error - certificate error
all-servers-down - unable to contact any AAA server in the group
authentication-type-mismatch - client and switch are using different
authentication methods
server-rejected - received reject from AAA server
fallthru-auth-misconfig - problem with fallthru authentication
no-lastresort-auth - problem with last-resort authentication
exceeded-max-attempts - local user failed to login within allowed number
of attempts resulting in account lockout
password-expired - user's password expired |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
other(1), user-glob-mismatch(2), user-does-not-exist(3), invalid-password(4), server-timeout(5), signature-failed(6), local-certificate-error(7), all-servers-down(8), authentication-type-mismatch(9), server-rejected(10), fallthru-auth-misconfig(11), no-lastresort-auth(12), exceeded-max-attempts(13), password-expired(14) |
|
NtwsAuthorizationFailureType |
|
Enumeration of the reasons for AAA authorization failure |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
other(1), user-param(2), location-policy(3), vlan-tunnel-failure(4), ssid-mismatch(5), acl-mismatch(6), timeofday-mismatch(7), crypto-type-mismatch(8), mobility-profile-mismatch(9), start-date-mismatch(10), end-date-mismatch(11), svr-type-mismatch(12), ssid-defaults(13), qos-profile-mismatch(14), simultaneous-logins(15) |
|
NtwsDot1xFailureType |
|
Enumeration of the dot1x failure reasons.
quiet-period occurs when client is denied access for a period of
time after a failed connection attempt
administrative-kill means that the session was cleared using the
'clear dot1x client' command
bad-rsnie means that client sent an invalid IE
timeout is when there are excessive retransmissions
max-sessions-exceeded means the maximum allowed wired clients
has been exceeded on the switch
fourway-hs-failure is for failures occuring the 4-way key handshake
user-glob-mismatch means the name received in the dot1x identity
request does not match any configured userglobs
in the system
reauth-disabled means that the client is trying to reauthenticate
but reauthentication is disabled
gkhs-failure means that either there was no response from the client
during the GKHS or the response did not have an IE
force-unauth-configured means that the client is trying to connect
through a port which is configured as
force-unauth
cert-not-installed means that there is no certificate installed on
the switch |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
other(1), quiet-period(2), administrative-kill(3), bad-rsnie(4), timeout(5), max-sessions-exceeded(6), fourway-hs-failure(7), user-glob-mismatch(8), bonded-auth-failure(9), reauth-disabled(10), gkhs-failure(11), force-unauth-configured(12), cert-not-installed(13) |
|
NtwsRFDetectDoSType |
|
The types of denial of service (DoS) attacks |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
probe-flood(1), auth-flood(2), null-data-flood(3), mgmt-6-flood(4), mgmt-7-flood(5), mgmt-d-flood(6), mgmt-e-flood(7), mgmt-f-flood(8), fakeap-ssid(9), fakeap-bssid(10), bcast-deauth(11), null-probe-resp(12), disassoc-spoof(13), deauth-spoof(14), decrypt-err(15), weak-wep-iv(16), wireless-bridge(17), netstumbler(18), wellenreiter(19), adhoc-client-frame(20), associate-pkt-flood(21), re-associate-pkt-flood(22), de-associate-pkt-flood(23), bssid-spoof(24) |
|
NtwsMobilityDomainResiliencyStatus |
|
Enumeration of the current resilient capacity status
for a mobility domain:
resilient:
Every AP in the mobility domain has a secondary backup
link. If the primary switch of an AP failed, the AP
and its sessions would fail over to its backup link.
degraded:
Some APs only have a primary link. If the primary
switch of an AP without a backup link failed, the AP
would reboot and its sessions would be lost. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
other(1), resilient(2), degraded(3) |
|
ntwsMobilityDomainIp |
1.3.6.1.4.1.45.6.1.2.2 |
IP address of the other switch which the send switch is
reporting on. This object is used
within notifications and is not accessible. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ntwsDAPconnectWarningType |
1.3.6.1.4.1.45.6.1.2.56 |
The type of DAP connect warning. The values are:
not-configured-fingerprint-connect(1)...a DAP, which has an RSA keypair
but did not have its fingerprint configured on the AC, has connected
to the AC when 'dap security' set to 'OPTIONAL'
secure-handshake-failure(2).............a DAP tried to connect to the
AC with security, but the handshake failed
not-configured-fingerprint-required(3)..a DAP tried to connect to the
AC with security, but 'dap security' set to 'REQUIRED',
and no fingerprint was configured for the DAP
fingerprint-mismatch(4).................a DAP tried to connect to the
AC with security and its fingerprint was configured, but
the fingerprint did not match the computed one
This object is used within notifications and is not accessible. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
INTEGER |
not-configured-fingerprint-connect(1), secure-handshake-failure(2), not-configured-fingerprint-required(3), fingerprint-mismatch(4) |
|
ntwsBlacklistingRemainingTime |
1.3.6.1.4.1.45.6.1.2.71 |
The time in seconds remaining until a given transmitter could be
removed from the Black List.
This object is used within notifications and is not accessible. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ntwsMobilityDomainSecondarySeedIp |
1.3.6.1.4.1.45.6.1.2.79 |
The secondary seed IP address to which the Mobility Domain
has failed over.
This object is used within notifications and is not accessible. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ntwsMobilityDomainPrimarySeedIp |
1.3.6.1.4.1.45.6.1.2.80 |
The primary seed IP address to which the Mobility Domain
has failed back.
This object is used within notifications and is not accessible. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
IpAddress |
|
|
ntwsMobilityDomainResiliencyStatus |
1.3.6.1.4.1.45.6.1.2.97 |
Indicates the current resilient capacity status
for a mobility domain.
This object is used within notifications and is not accessible. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
NtwsMobilityDomainResiliencyStatus |
|
|
ntwsMobilityDomainJoinTrap |
1.3.6.1.4.1.45.6.1.5.0.6 |
The mobility domain member has received an UP notice from the
remote address. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ntwsMobilityDomainTimeoutTrap |
1.3.6.1.4.1.45.6.1.5.0.7 |
The mobility domain member has declared the remote address
to be DOWN. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ntwsMobilityDomainFailOverTrap |
1.3.6.1.4.1.45.6.1.5.0.50 |
This trap is sent when the Mobility Domain fails over
to the secondary seed. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ntwsMobilityDomainFailBackTrap |
1.3.6.1.4.1.45.6.1.5.0.51 |
This trap is sent when the Mobility Domain fails back
to the primary seed. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ntwsMobilityDomainResiliencyStatusTrap |
1.3.6.1.4.1.45.6.1.5.0.65 |
This trap is sent by a mobility domain seed to announce
changes in resilient capacity status. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|