1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
|
-- *****************************************************************
-- DLINKSW-AAA-AUTH-MIB: D-Link AAA Authentication MIB
--
-- Copyright (c) 2013 D-Link Corporation, all rights reserved.
--
-- *****************************************************************
DLINKSW-AAA-AUTH-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY, OBJECT-TYPE
FROM SNMPv2-SMI
MODULE-COMPLIANCE, OBJECT-GROUP
FROM SNMPv2-CONF
RowStatus
FROM SNMPv2-TC
dAaaMIBObjects, DAaaSessionType,
DAaaMethodListName, DAaaMethodPriority,
DAaaMethodName
FROM DLINKSW-AAA-COMMON-MIB;
dlinkSwAaaAuthenticationMIB MODULE-IDENTITY
LAST-UPDATED "201304250000Z"
ORGANIZATION "D-Link Corp."
CONTACT-INFO
" D-Link Corporation
Postal: No. 289, Sinhu 3rd Rd., Neihu District,
Taipei City 114, Taiwan, R.O.C
Tel: +886-2-66000123
E-mail: tsd@dlink.com.tw
"
DESCRIPTION
"This MIB module defines objects for authentication feature
which is based on Authentication, Authorization,
Accounting (AAA) protocols."
REVISION "201304250000Z"
DESCRIPTION
"This is the first version of the MIB.
"
::= { dAaaMIBObjects 4 }
-- -----------------------------------------------------------------------------
dAaaAuthMIBNotifications OBJECT IDENTIFIER ::= { dlinkSwAaaAuthenticationMIB 0 }
dAaaAuthMIBObjects OBJECT IDENTIFIER ::= { dlinkSwAaaAuthenticationMIB 1 }
dAaaAuthMIBConformance OBJECT IDENTIFIER ::= { dlinkSwAaaAuthenticationMIB 2 }
-- -----------------------------------------------------------------------------
dAaaAuthGenericMethodTable OBJECT-TYPE
SYNTAX SEQUENCE OF DAaaAuthGenericMethodEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries for AAA authentication
methods configured for Login/enable/dot1x/MAC authentication/web/jwac.
The following table describes the examples.
Type Method List Name Priority Method
----- ------------------ -------- ------------
login default 1 radius
login default 2 auth_rad
login default 3 tacacs+
login default 4 none
login ssh_login 1 radius
login ssh_login 2 none
login tel_login 1 tacacs+
enable default 1 radius
enable default 2 tacacs+
dot1x default 1 radius
dot1x default 2 local
macAuth default 1 radius
macAuth default 2 local
web default 1 radius
web default 2 local
jwac default 1 radius
jwac default 2 local
"
::= { dAaaAuthMIBObjects 1 }
dAaaAuthGenericMethodEntry OBJECT-TYPE
SYNTAX DAaaAuthGenericMethodEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry defines a method which is groupped into a method list.
"
INDEX {
dAaaAuthGenMethodLstType,
dAaaAuthGenMethodLstName,
dAaaAuthGenMethodPriority
}
::= { dAaaAuthGenericMethodTable 1 }
DAaaAuthGenericMethodEntry ::=
SEQUENCE {
dAaaAuthGenMethodLstType INTEGER,
dAaaAuthGenMethodLstName DAaaMethodListName,
dAaaAuthGenMethodPriority DAaaMethodPriority,
dAaaAuthGenMethodName DAaaMethodName,
dAaaAuthGenMethodRowStatus RowStatus
}
dAaaAuthGenMethodLstType OBJECT-TYPE
SYNTAX INTEGER {
enable(1),
login(2),
dot1x(3),
jwac(4),
macAuth(5),
web(6),
igmpAuth(7),
mldAuth(8)
}
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the type for which the method
list will be used.
enable(1) - for determining the access to the privileged EXEC level.
login(2) - for login authentication.
dot1x(3) - for 802.1x authentication.
jwac(4) - for JWAC authentication.
macAuth(5) - for MAC authentication.
web(6) - for Web authentication.
igmpAuth(7) - for IGMP authentication.
mldAuth(8) - for MLD authentication.
Note: Not all method list types defined need to be supported.
"
::= { dAaaAuthGenericMethodEntry 1 }
dAaaAuthGenMethodLstName OBJECT-TYPE
SYNTAX DAaaMethodListName
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the name of the authentication method list.
If dAaaAuthGenMethodLstType is not 'login', only 'default'
can be specified for dAaaAuthGenMethodLstName.
For the type which only supports 'default' method list name, the
configured method list will take effect without being explicitly applied.
If the type is 'login', the method list will take effect after
the method list is applied in dAaaAuthLoginApplyTable.
"
::= { dAaaAuthGenericMethodEntry 2 }
dAaaAuthGenMethodPriority OBJECT-TYPE
SYNTAX DAaaMethodPriority
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This is the method priority of a method within a method list.
"
::= { dAaaAuthGenericMethodEntry 3 }
dAaaAuthGenMethodName OBJECT-TYPE
SYNTAX DAaaMethodName
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the authentication method name.
"
::= { dAaaAuthGenericMethodEntry 4 }
dAaaAuthGenMethodRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of entry.
Before modify the higher method, must destroy the lower method in method list.
"
::= { dAaaAuthGenericMethodEntry 5 }
-- -----------------------------------------------------------------------------
dAaaAuthLogin OBJECT IDENTIFIER ::= { dAaaAuthMIBObjects 2 }
dAaaAuthLoginApplyTable OBJECT-TYPE
SYNTAX SEQUENCE OF DAaaAuthLoginApplyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table contains entries for AAA authentication
apply configured for Login.
The following table describes the authentication commands apply.
Session MethodListName
------- ------------------
telnet default
console cons_auth
ssh ssh_login
"
::= { dAaaAuthLogin 1 }
dAaaAuthLoginApplyEntry OBJECT-TYPE
SYNTAX DAaaAuthLoginApplyEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"An entry containing the session of an authentication
application used for Login.
"
INDEX {
dAaaAuthLoginApplySession
}
::= { dAaaAuthLoginApplyTable 1 }
DAaaAuthLoginApplyEntry ::= SEQUENCE {
dAaaAuthLoginApplySession DAaaSessionType,
dAaaAuthLoginApplyListName DAaaMethodListName,
dAaaAuthLoginApplyRowStatus RowStatus
}
dAaaAuthLoginApplySession OBJECT-TYPE
SYNTAX DAaaSessionType
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object indicates the session type of the entry.
"
::= { dAaaAuthLoginApplyEntry 1 }
dAaaAuthLoginApplyListName OBJECT-TYPE
SYNTAX DAaaMethodListName
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object indicates the method list name of the entry.
"
::= { dAaaAuthLoginApplyEntry 2 }
dAaaAuthLoginApplyRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"The status of this entry.
"
::= { dAaaAuthLoginApplyEntry 3 }
--****************************************************************************
-- Conformance
--****************************************************************************
dAaaAuthMIBCompliances OBJECT IDENTIFIER ::= { dAaaAuthMIBConformance 1 }
-- compliance statements
dAaaAuthMIBCompliance MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for entities which
implement the DLINKSW-AAA-AUTH-MIB."
MODULE -- this module
MANDATORY-GROUPS {
dAaaAuthMethodListGroup,
dAaaAuthcLoginMethodApplyGroup
}
::= { dAaaAuthMIBCompliances 1 }
-- units of conformance
dAaaAuthMIBGroups OBJECT IDENTIFIER ::= { dAaaAuthMIBConformance 2 }
dAaaAuthMethodListGroup OBJECT-GROUP
OBJECTS {
dAaaAuthGenMethodName,
dAaaAuthGenMethodRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects provides the method list for AAA
authentication.
"
::= { dAaaAuthMIBGroups 1 }
dAaaAuthcLoginMethodApplyGroup OBJECT-GROUP
OBJECTS {
dAaaAuthLoginApplyListName,
dAaaAuthLoginApplyRowStatus
}
STATUS current
DESCRIPTION
"A collection of objects provides configuration to apply
AAA method list for login authentication.
"
::= { dAaaAuthMIBGroups 2 }
END
|
