ALCATEL-IND1-AAA-MIB Download

alcatelIND1AAAMIBObjects

Branch For Authentication, Authorization, and Accounting (AAA) Subsystem Managed Objects.

alcatelIND1AAAMIBConformance

Branch For Authentication, Authorization, and Accounting (AAA) Subsystem Conformance Information.

alcatelIND1AAAMIBGroups

Branch For Authentication, Authorization, and Accounting (AAA) Subsystem Units Of Conformance.

alcatelIND1AAAMIBCompliances

Branch For Authentication, Authorization, and Accounting (AAA) Subsystem Compliance Statements.

aaaServerTable

This table shows current configuration for each AAA server.

aaaServerEntry

An AAA server configuration identified by its protocol and its index. An entry is created/removed when a server is defined or undefined with IOS configuration commands via CLI or by issuing appropriate sets to this table using snmp.

aaasName

Name of the server. This name is given by the operator to refer the server.

aaasProtocol

Protocol used with the server: radius(1) - RADIUS ldap(2) - LDAP ace(3) - ACE tacacs(4) - TACACS+

aaasHostName

DNS name of the server host.

aaasIpAddress

IP address of the server host.

aaasHostName2

DNS name of the backup server host.

aaasIpAddress2

IP address of the backup server host.

aaasRetries

Number of retries the switch makes to the server to authenticate a user before trying the next backup server. The default value is 3.

aaasTimout

Time-out for server replies to authentication requests. The default value is 2.

aaasRadKey

The shared secret is a string of characters known to the switch and to the RADIUS server, but it is not sent out over the network. The secret can be any text string and must be configured here as well as on the server. The secret is stored encrypted using ...

aaasRadAuthPort

For RADIUS server only. Port number for authentication request; the host is not used for authentication if set to 0. The default value is 1645.

aaasRadAcctPort

For RADIUS server only. Port number for accounting request; the host is not used for authentication if set to 0. The default value is 1646.

aaasLdapPort

For LDAP server only. Port number for LDAP server host.

aaasLdapDn

For LDAP server only. the super user dn, i.e., the administrative distinguished name recognized by the LDAP-enabled directory servers (e.g., cn=manager)

aaasLdapPasswd

For LDAP server only. the super user password, i.e., the administrative password recognized by LDAP-enabled directory servers (e.g., secret). The secret is stored encrypted using a two way algorithm.

aaasLdapSearchBase

For LDAP server only. Search base recognized by LDAP-enabled directory servers (e.g.,o=company, c=US).

aaasLdapServType

For LDAP server only. Directory server type used in LDAP Authentication: ns(0) - non significant value generic(1) - Generic Schema netscape(2) - Netscape Directory Server novell(3) - Novell NDS sun(4) - Sun Directory Services microsoft(5) - Microsoft Acti ...

aaasLdapEnableSsl

Only for LDAP server. Specify if the connection between the swtich and the LDAP server use a SSL session.

aaasAceClear

Only for ACE server. The ACE/Server generates a secrets that it sends to clients for authentication. While you cannot configure the secret on the switch, you can clear it. To clear the current ACE/Server secret, set this OID. After clearing the secret on ...

aaasRowStatus

The status of this table entry.

aaasTacacsKey

The shared secret is a string of characters known to the switch and to the TACACS+ server, but it is not sent out over the network. The secret can be any text string and must be configured here as well as on the server. The secret is stored encrypted usin ...

aaasTacacsPort

For TACACS+ server only. Port number for LDAP server host.

aaasHttpPort

For HTTP server only. Port number for LDAP server host.

aaasHttpDirectory

For HTTP server only. A combination of directory tree and filename where the CRL can be found.

aaasHttpProxyHostName

For HTTP server only. DNS name of the proxy server.

aaasHttpProxyIpAddress

For HTTP server only. IP address of the proxy server.

aaasHttpProxyPort

For HTTP server only. Port number for HTTP proxy server.

aaaAuthVlanTable

This table allow to display and modify the configuration of the authentication servers for the authenticated vlans.

aaaAuthVlanEntry

There can be one or several entries in this table. In case of single authority, all vlan are authenticated by the same set of servers, the aaatvVlan index is then equal to 0. In case of multiple authorities, each authenticated vlan has its own list of ser ...

aaatvVlan

It indicate the vlan number authenticated by the servers. The value (0) means that all vlan are authenticated by the same servers (single mode configuration).

aaatvName1

Name of the server. It corresponds to an index value of the aaaServerTable An Ace server can not be used in front hand.

aaatvName2

Name of the server. It corresponds to an index value of the aaaServerTable An Ace server can not be used in front hand.

aaatvName3

Name of the server. It corresponds to an index value of the aaaServerTable An Ace server can not be used in front hand.

aaatvName4

Name of the server. It corresponds to an index value of the aaaServerTable An Ace server can not be used in front hand.

aaatvRowStatus

The status of this table entry.

aaatvCertificate

use of x509 user certificate during the HTTPs session establisment. no-certificate(0)- no user certificate is required, certificate-only(1) - the DN from the certifiicate is used to access to the authorization data of the user certificate-with-password(2) ...

aaaAuthSATable

This table allow to display and modify the configuration of the authentication servers for the switch accesses.

aaaAuthSAEntry

A switch access authentication entry is specified by the type of access.

aaatsInterface

Type of connection that must be authenticated default(1) -define the default authentication method for console, telnet, ftp, snmp , http and ssh. If the operator interface is not especially configured the default value is applied to this interface.

aaatsName1

Name of the server. Special value 'local' correspond to the local database. Other name correspond to an index value of the aaaServerTable snmp entry can only use ldap server and local database.

aaatsName2

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local database. Other name correspond to an index value of the aaaServerTable snmp entry can only use ldap server and local database.

aaatsName3

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local database. Other name correspond to an index value of the aaaServerTable snmp entry can only use ldap server and local database.

aaatsName4

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local database. Other name correspond to an index value of the aaaServerTable snmp entry can only use ldap server and local database.

aaatsRowStatus

The status of this table entry.

aaatsCertificate

use of x509 user certificate during the HTTPs session establisment. no-certificate(0)- no user certificate is required, certificate-only(1) - the DN from the certifiicate is used to access to the authorization data of the user certificate-with-password(2) ...

aaaAcctVlanTable

This table allows to display and configure the accounting servers for authenticated Vlans.

aaaAcctVlanEntry

There can be one or several entries in this table. In case of single authority, accounting information for all vlans are sent to the same set of servers, the aaatVlan index is then equal to 0. In case of multiple authorities, each authenticated vlan has i ...

aaacvVlan

Current vlan number. The value (0) for avlan interface means that all authenticated vlans use the same servers for authentication.

aaacvName1

Name of the server. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacvName2

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacvName3

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacvName4

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacvRowStatus

The status of this table entry.

aaaAcctSATable

This table shows current configuration for Switch access accounting.

aaaAcctSAEntry

Accounting configuration for switch access.

aaacsInterface

For now, accounting for console, telnet, ftp, http, snmp, ssh are stored in the same set of servers, the index is always (1).

aaacsName1

Name of the server. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacsName2

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacsName3

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacsName4

Name of a server used if the precedent is not accessible. Special value 'local' correspond to the local log. Other name correspond to an index value of the aaaServerTable An Ace server can not be used for accounting.

aaacsRowStatus

The status of this table entry.

aaaAuth8021xTable

This table shows current configuration for 802.1X authentication.

aaaAuth8021xEntry

configuration for 802.1X authentication.

aaatxInterface

For now, the index is always (1).

aaatxName1

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaatxName2

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaatxName3

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaatxName4

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaatxOpen

Type of port openning after authentication. If open-global(1) the port treats packet with unknown MAC addresses like an un-authenticated port. If open-unique(2), the port drops incomming packet with unknown MAC addresses.

aaatxRowStatus

The status of this table entry.

aaaAcct8021xTable

This table shows current configuration for 802.1X accounting.

aaaAcct8021xEntry

Configuration for 802.1X accounting.

aaacxInterface

For now, the index is always (1).

aaacxName1

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaacxName2

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaacxName3

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaacxName4

Name of the server. It corresponds to an index value of the aaaServerTable Only RADIUS server can be used in front hand.

aaacxRowStatus

The status of this table entry.

aaaPkiTable

This table shows current configuration for PKI.

aaaPkiEntry

Configuration for PKI.

aaatpInterface

For now, the index is always (1).

aaatpName1

Name of the server contening the CRL. It corresponds to an index value of the aaaServerTable

aaatpName2

Name of the server contening the CRL. It corresponds to an index value of the aaaServerTable

aaatpName3

Name of the server contening the CRL. It corresponds to an index value of the aaaServerTable

aaatpName4

Name of the server contening the CRL. It corresponds to an index value of the aaaServerTable

aaatpLevel

level of control to do on the user certificate. certificate means that there is a valid chain of certificate between the user certificate and a root certificate known by the switch. The root certificates are managed using specific pki commands. All certif ...

aaatpRowStatus

The status of this table entry.

aaaUserTable

This table shows current configuration for the local user database.

aaaUserEntry

An user configuration identified by its user name.

aaauUserName

Name of the user.

aaauPassword

Password of the user. For get response the password in encoded in a one way method. This makes the password readable by noone.

aaauReadRight1

Specifies the families that the user can execute with read right. Each bit of the 32-bit integer mask represents a command's family number. When the family bit is set, the user is allowed to run commands of this family.First part of the bitmask.If the val ...

aaauReadRight2

Specifies the families that the user can execute with read right. Each bit of the 32-bit integer mask represents a command's family number. When the family bit is set, the user is allowed to run commands of this family.Second part of the bitmask.If the va ...

aaauWriteRight1

Specifies the families that the user can execute with write right. Each bit of the 32-bit integer mask represents a command's family number. When the family bit is set, the user is allowed to run commands of this family. First part of the bitmask.If the v ...

aaauWriteRight2

Specifies the families that the user can execute with write right. Each bit of the 32-bit integer mask represents a command's family number. When the family bit is set, the user is allowed to run commands of this family. Second part of the bitmask.If the ...

aaauProfile

Specifies the profile number. A profile number in the user account database represents the geographic privilege. This number points to an entry in the table of the user profiles.

aaauSnmpLevel

Specifies if the user is authorized to use SNMP and if yes its security level. no(1) - Not authorized to use SNMP. noauth(2) - SNMPv1,SNMPv2c or SNMPv3 without authentication. sha(3) - SNMPv3 with SHA authentication and no encryption. md5(4) - SNMPv3 with ...

aaauSnmpAuthKey

Authentication key of the user. The key is encoded in a two way method. The encryption key is deducted from this key.

aaauRowStatus

The status of this table entry.

aaauOldPassword

Internal use

aaauEndUserProfile

Specifies the END user profile name.

aaauPasswordExpirationDate

The local time of when the password would be expired. This date will be reset once the value of aaaAsaDefaultPasswordExpirationInDays is updated. Only the following format is valid: mm/dd/yyyy hh:mm where mm - month (1-12) dd - day (1-31) yyyy - y ...

aaauPasswordExpirationInMinute

Number of minutes from now till the password expiration time. Setting this object will update aaauPasswordExpirationDate. If -1, password will not be expired. If 0, password has been expired.

aaaAuthenticatedUserTable

Provide the list of users currently authenticated into the switch for bridging purpose.

aaaAuthenticatedUserEntry

An entry in the AaaAuthenticatedUserTable.

aaaaMacAddress

Mac address of the user's device.

aaaaUserName

Login name of the user.

aaaaSlot

Slot number on which user is connected.

aaaaPort

Port number on which the user is connected.

aaaaVlan

Vlan number on which the user is authenticated.

aaaaDrop

Allow to remove a Mac address from a Vlan. The corresponding user is logged out of the network.

aaaAvlanDnsName

Dns name used to get the authentication Web page when authenticating using http.

aaaAvlanDhcpDefGateway

IP address that is used as the DHCP gateway address before the user get authenticated.It specifies the subnet into which a client receives its IP address prior to authentication

aaaAvlanDefaultTraffic

Enable the traffic in the default vlan prior to authentication if the value is true

aaaAvlanPortBound

Associate a MAC address to a specific Vlan on an authenticated port (printers, ...)

aaaAvlanLanguage

Force to read the language specific file for HTTP AVLAN (label.txt)

aaaAsaPasswordSizeMin

Minimum number of digits of the passwords ( nominator aaauPassword).

aaaAsaDefaultPasswordExpirationInDays

Default password expiration time in days to be applied to all users. Updating this object will reset aaauPasswordExpirationDate. Password expiration will not be enforced if set to 0.

aaaAvlanAddressTable

Vlan authenticated IP address Table

aaaAvlanAddressEntry

Vlan authenticated IP address entry

aaaAvlanId

Vlan Id corresponding to the authenticated IP address

aaaAvlanIpAddress

Authenticated IP address for this vlan id

aaaServerMIBGroup

Collection of objects for management of AAA Server.

aaaAuthAcctGroup

Collection of objects for management of AAA Authentication Accounting.

aaaUserMIBGroup

Collection of objects for management of AAA User Local Database.