USERGROUP-MIB
File:
USERGROUP-MIB.mib (28098 bytes)
Imported modules
Imported symbols
Defined Types
| MemberID |
|
| mac address in canonical byte order. |
| TEXTUAL-CONVENTION |
|
|
|
| |
OCTET STRING |
Size(6) |
|
| HmUserGroupEntry |
|
| SEQUENCE |
|
|
|
| |
hmUserGroupID |
Integer32 |
|
| |
hmUserGroupDescription |
DisplayString |
|
| |
hmUserGroupRestricted |
INTEGER |
|
| |
hmUserGroupSecAction |
INTEGER |
|
| HmUserGroupMemberEntry |
|
| SEQUENCE |
|
|
|
| |
hmUserGroupMemberGroupID |
Integer32 |
|
| |
hmUserGroupMemberUserID |
MemberID |
|
| HmUserEntry |
|
| SEQUENCE |
|
|
|
| |
hmUserID |
MemberID |
|
| |
hmUserRestricted |
INTEGER |
|
| HmPortSecurityEntry |
|
| SEQUENCE |
|
|
|
| |
hmPortSecSlotID |
Integer32 |
|
| |
hmPortSecPortID |
Integer32 |
|
| |
hmPortSecPermission |
INTEGER |
|
| |
hmPortSecAllowedUserID |
MemberID |
|
| |
hmPortSecAllowedGroupIDs |
OCTET STRING |
|
| |
hmPortSecConnectedUserID |
MemberID |
|
| |
hmPortSecAction |
INTEGER |
|
| |
hmPortSecAutoReconfigure |
INTEGER |
|
| |
hmPortSecPortStatus |
INTEGER |
|
| |
hmPortSecAllowedUserIPID |
IpAddress |
|
| |
hmPortSecDynamicLimit |
Integer32 |
|
| |
hmPortSecDynamicCount |
Integer32 |
|
| HmPortSecExtendedEntry |
|
| SEQUENCE |
|
|
|
| |
hmPortSecExtSlotID |
Integer32 |
|
| |
hmPortSecExtPortID |
Integer32 |
|
| |
hmPortSecExtAction |
INTEGER |
|
| |
hmPortSecExtPortStatus |
INTEGER |
|
| HmPortSecMultipleAdressesEntry |
|
| SEQUENCE |
|
|
|
| |
hmPortSecMASlotID |
Integer32 |
|
| |
hmPortSecMAPortID |
Integer32 |
|
| |
hmPortSecMAExtendedIndex |
Integer32 |
|
| |
hmPortSecMAAllowedUserIDs |
MemberID |
|
| |
hmPortSecMAAllowedUserIPIDs |
IpAddress |
|
| |
hmPortSecMAAllowedUserIDMask |
Integer32 |
|
Defined Values
| hmUserGroup |
1.3.6.1.4.1.248.14.3 |
| The Hirschmann Private Usergroup MIB definitions for Platform devices. |
| MODULE-IDENTITY |
|
|
|
| hmUserGroupEntry |
1.3.6.1.4.1.248.14.3.1.1 |
| user group definition |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
HmUserGroupEntry |
|
|
| hmUserGroupID |
1.3.6.1.4.1.248.14.3.1.1.1 |
| The user group number identifying this instance. |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
|
|
| hmUserGroupRestricted |
1.3.6.1.4.1.248.14.3.1.1.3 |
| If set to true(1) any member of this group is restricted to ports
- which have hmPortSecPermission set to group(2) and
- the group is in hmPortSecAllowedGroupIDs.
If set to false(2) the user may also connect to a port if permitted
by other hmPortSecPermission settings, e.g. known(3) or world(4).
The following access restrictions apply:
UserRestr. UserGroupRestr. PortSecPermission access allowed
--------------------------------------------------------------------
false false user hmPortSecAllowedUserID
false false group hmPortSecAllowedGroupIDs
false false known any user group member
false false world yes
true false/true user hmPortSecAllowedUserID
true false/true group no
true false/true known no
true false/true world no
false true user hmPortSecAllowedUserID
false true group hmPortSecAllowedGroupIDs
false true known no
false true world no
|
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
true(1), false(2) |
|
| hmUserGroupSecAction |
1.3.6.1.4.1.248.14.3.1.1.4 |
| This variable specifies the action which is taken if a
user tries to connect to the given port when he is not
allowed to do so. Setting the variable to none(1)
disables any action. A value of trapOnly(2) generates
a trap. Setting the value to portDisable(3) will
send a trap, and additionally disable the port until
it is re-enabled by management. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
none(1), trapOnly(2), portDisable(3) |
|
| hmUserGroupMemberEntry |
1.3.6.1.4.1.248.14.3.2.1 |
| An user group member entry. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
HmUserGroupMemberEntry |
|
|
| hmUserTable |
1.3.6.1.4.1.248.14.3.3 |
| List of all user group members. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
SEQUENCE OF |
|
|
| |
|
HmUserEntry |
|
| hmUserEntry |
1.3.6.1.4.1.248.14.3.3.1 |
| An user entry. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
HmUserEntry |
|
|
| hmUserID |
1.3.6.1.4.1.248.14.3.3.1.1 |
| User ID. |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
MemberID |
|
|
| hmUserRestricted |
1.3.6.1.4.1.248.14.3.3.1.2 |
| If set to true(1) the user may only connect to ports which
have hmPortSecPermission set to user(1) and hmPortSecAllowedUserID
set to hmUserID.
If set to false(2) the user may also connect to a port if permitted
by other hmPortSecPermission settings, e.g. group(2), known(3) or
world(4).
The following access restrictions apply:
UserRestr. UserGroupRestr. PortSecPermission access allowed
---------------------------------------------------------------------
false false user hmPortSecAllowedUserID
false false group hmPortSecAllowedGroupIDs
false false known any user group member
false false world yes
true false/true user hmPortSecAllowedUserID
true false/true group no
true false/true known no
true false/true world no
false true user hmPortSecAllowedUserID
false true group hmPortSecAllowedGroupIDs
false true known no
false true world no
|
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
true(1), false(2) |
|
| hmPortSecurityEntry |
1.3.6.1.4.1.248.14.3.4.1 |
| A single port security entry. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
HmPortSecurityEntry |
|
|
| hmPortSecSlotID |
1.3.6.1.4.1.248.14.3.4.1.1 |
| Slot number the switch unit is plugged in. |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..1 |
|
| hmPortSecPortID |
1.3.6.1.4.1.248.14.3.4.1.2 |
| Port number within the group. |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..32 |
|
| hmPortSecPermission |
1.3.6.1.4.1.248.14.3.4.1.3 |
| This variable specifies the security level of the port.
If set to user(1) only the user defined by hmPortSecAllowedUserID
may connect to this port. In group(2) mode only members of the
user group specified by hmPortSecAllowedGroupIDs are allowed.
known(3) means that all users belonging to any user group
(all known users) are accepted. Setting the value to world(4)
disables the security features, i.e. any user is permitted.
For backbone ports the value uplink(5) should be used.
If a user does not match the allowed permission he is not able
to connect to the network over this port, additionally the actions
configured through hmPortSecAction are taken. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
user(1), group(2), known(3), world(4), uplink(5) |
|
| hmPortSecAllowedUserID |
1.3.6.1.4.1.248.14.3.4.1.4 |
| This variable specifies the allowed user ID if
hmPortSecPermission has been set to user(1). |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
MemberID |
|
|
| hmPortSecAllowedGroupIDs |
1.3.6.1.4.1.248.14.3.4.1.5 |
| This variable specifies the allowed user groups if
hmPortSecPermission has been set to group(2).
Each group is represented by a single bit. If a
group does not exist the value of the bit is ignored. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
OCTET STRING |
Size(128) |
|
| hmPortSecConnectedUserID |
1.3.6.1.4.1.248.14.3.4.1.6 |
| This variable reflects the user ID of a connected user
actually seen on this port. If there is no user connected
the value will be 0x00:00:00:00:00:00. |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
MemberID |
|
|
| hmPortSecAction |
1.3.6.1.4.1.248.14.3.4.1.7 |
| This variable specifies the action which is taken if a
user tries to connect to the given port when he is not
allowed to do so. Setting the variable to none(1)
disables any action. A value of trapOnly(2) generates
a trap. Setting the value to portDisable(3) will
send a trap, and additionally disable the port until
it is re-enabled by management. Setting the value to
autoDisable(3) will send a trap, and additionally
auto-disable the port for the amount of time specified per port. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
none(1), trapOnly(2), portDisable(3), autoDisable(4) |
|
| hmPortSecPortStatus |
1.3.6.1.4.1.248.14.3.4.1.9 |
| This variable shows the current status of the port with
respect to port security. If the address seen on the port
is allowed, the status is enabled(1), if it is not allowed,
the status is disabled(2) if hmUserGroupSecurityAction is
portDisable(3), or enabledWithWrongAddr(3) if
hmUserGroupSecurityAction is none(1) or trapOnly(2). |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
enabled(1), disabled(2), enabledWithWrongAddr(3) |
|
| hmPortSecAllowedUserIPID |
1.3.6.1.4.1.248.14.3.4.1.10 |
| This variable specifies the allowed user IP ID if
hmPortSecPermission has been set to user(1). |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
IpAddress |
|
|
| hmPortSecDynamicLimit |
1.3.6.1.4.1.248.14.3.4.1.11 |
| This variable signifies the limit of dynamically learned allowed MAC addresses
for a specific port. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
0..50 |
|
| hmPortSecDynamicCount |
1.3.6.1.4.1.248.14.3.4.1.12 |
| The current number of dynamically learned allowed MAC addresses on this port. |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
|
|
| hmUserGroupSecurityAction |
1.3.6.1.4.1.248.14.3.5 |
| This variable specifies the action which is taken if a
user tries to connect to the given port when he is not
allowed to do so. Setting the variable to none(1)
disables any action. A value of trapOnly(2) generates
a trap. Setting the value to portDisable(3) will
send a trap, and additionally disable the port until
it is re-enabled by management. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
none(1), trapOnly(2), portDisable(3) |
|
| hmUserGroupPortSecurityMode |
1.3.6.1.4.1.248.14.3.8 |
| This variable specifies the mode of the hmPortSecurityTable. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
macAddressBased(1), ipAddressBased(2) |
|
| hmPortSecExtendedEntry |
1.3.6.1.4.1.248.14.3.10.1.1 |
| A single extended port security entry. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
HmPortSecExtendedEntry |
|
|
| hmPortSecExtSlotID |
1.3.6.1.4.1.248.14.3.10.1.1.1 |
| Slot number the switch unit is plugged in. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..1 |
|
| hmPortSecExtPortID |
1.3.6.1.4.1.248.14.3.10.1.1.2 |
| Port number within the group. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..32 |
|
| hmPortSecExtAction |
1.3.6.1.4.1.248.14.3.10.1.1.3 |
| This variable specifies the action which is taken if a
user tries to connect to the given port when he is not
allowed to do so. Setting the variable to none(1)
disables any action. A value of trapOnly(2) generates
a trap. Setting the value to portDisable(3) will
send a trap, and additionally disable the port until
it is re-enabled by management. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
none(1), trapOnly(2), portDisable(3) |
|
| hmPortSecExtPortStatus |
1.3.6.1.4.1.248.14.3.10.1.1.4 |
| This variable shows the current status of the port with
respect to port security. If the address seen on the port
is allowed, the status is enabled(1), if it is not allowed,
the status is disabled(2) if hmUserGroupSecurityAction is
portDisable(3), or enabledWithWrongAddr(3) if
hmUserGroupSecurityAction is none(1) or trapOnly(2). |
| Status: current |
Access: read-only |
| OBJECT-TYPE |
|
|
|
| |
INTEGER |
enabled(1), disabled(2), enabledWithWrongAddr(3) |
|
| hmPortSecMultipleAdressesEntry |
1.3.6.1.4.1.248.14.3.10.2.1 |
| A single port security entry with multiple allowed addresses. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
HmPortSecMultipleAdressesEntry |
|
|
| hmPortSecMASlotID |
1.3.6.1.4.1.248.14.3.10.2.1.1 |
| Slot number the switch unit is plugged in. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..1 |
|
| hmPortSecMAPortID |
1.3.6.1.4.1.248.14.3.10.2.1.2 |
| Port number within the group. |
| Status: current |
Access: not-accessible |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..32 |
|
| hmPortSecMAAllowedUserIDs |
1.3.6.1.4.1.248.14.3.10.2.1.4 |
| This variable specifies the allowed user ID if
hmPortSecPermission has been set to user(1). |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
MemberID |
|
|
| hmPortSecMAAllowedUserIPIDs |
1.3.6.1.4.1.248.14.3.10.2.1.5 |
| This variable specifies the allowed user IP ID if
hmPortSecPermission has been set to user(1). |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
IpAddress |
|
|
| hmPortSecMAAllowedUserIDMask |
1.3.6.1.4.1.248.14.3.10.2.1.6 |
| The number of bits from left ro right, that are used
from the MAC address. |
| Status: current |
Access: read-write |
| OBJECT-TYPE |
|
|
|
| |
Integer32 |
1..48 |
|
| hmUserGroupEvent |
1.3.6.1.4.1.248.14.3.0 |
| The events of hmUserGroup. |
| Status: current |
Access: read-write |
| OBJECT-IDENTITY |
|
|
|
| hmNewUserTrap |
1.3.6.1.4.1.248.14.3.0.1 |
| This trap is sent if an unknown MAC address is detected on a port. |
| Status: current |
Access: read-write |
| NOTIFICATION-TYPE |
|
|
|
| hmPortSecurityTrap |
1.3.6.1.4.1.248.14.3.0.2 |
| This trap is sent if a MAC address / IP address is detected on a port
which is not acceptable for the current setting of
hmPortSecPermission AND ...SecAction is either set to trapOnly(2)
or portDisable(3). |
| Status: current |
Access: read-write |
| NOTIFICATION-TYPE |
|
|
|
| hmPortSecConfigErrorTrap |
1.3.6.1.4.1.248.14.3.0.3 |
| This trap is sent when two or more users with incompatible
user group settings have been detected at the port. |
| Status: current |
Access: read-write |
| NOTIFICATION-TYPE |
|
|
|