CISCO-AUTH-FRAMEWORK-MIB Download

cafAaaNoRespRecoveryDelay

Specifies the AAA recovery delay for authentication methods registered in Authentication Framework when AAA server becomes active again after being inactive. A value of zero indicates that AAA recovery delay is disabled in the system.

cafAuthMethodRegTable

A list of authentication methods which are currrently registered with Authentication Framework. An entry is created by the agent when an authentication method has successfully registered with Authentication Framework. An entry is deleted by the agent upon ...

cafAuthMethodRegEntry

An entry containing registration information of a particular authentication method with Authentication Framework.

cafAuthMethod

The authentication method registered with Authentication Framework.

cafAuthMethodDefaultPriority

A unique number which indicates the default priority of a authentication method. The default priority is assigned by Authentication Framework during method registration. The method with smallest value has highest priority.

cafAuthMethodDefaultExecOrder

A unique number which indicates the default execution order of a authentication method. The default execution order is assigned by Authentication Framework during method registration. The method with smallest value will be execute first.

cafMacMoveMode

This object specifies the MAC Move configuration for Authentication Framework. deny : When a host is authenticated on one port, that address is not allowed on another authenticated manager-enabled port of the device. permit: Authenticated hosts are allowe ...

cafCoABouncePortCommandIgnoreEnabled

This object specifies whether the device ignores the bounce port command that sent from RADIUS via Change-of-Authorization (CoA) packets.

cafCoADisablePortCommandIgnoreEnabled

This object specifies whether the device ingores the disable port command that sent from RADIUS via Change-of-Authorization (CoA) packets.

cafPortConfigTable

A list of port entries. An entry will exist for each interface which support Authentication Framework feature.

cafPortConfigEntry

An entry containing management information of Authentication Framework applicable to a particular port.

cafPortControlledDirection

Specifies the controlled direction of this port.

cafPortFallBackProfile

Specifies the name of the fallback profile to be used when failing over to Web Proxy Authentication. A zero length string indicates that fallback mechanism to Web Proxy Authentication is disabled in Authentication Framework.

cafPortAuthHostMode

Specifies the authentication host mode for this port.

cafPortPreAuthOpenAccess

Specifies if the Pre-Authentication Open Access feature allows clients/devices to gain network access before authentication is performed. A value of 'true' for this object indicates that client/device is able to gain network access before authentication i ...

cafPortAuthorizeControl

Specifies the authorization control for this port.

cafPortReauthEnabled

Specifies if reauthentication is enabled for this port.

cafPortReauthInterval

Specifies the reauthentication interval, after which the port will be reauthenticated if value of the corresponding instance of cafPortReauthEnabled is 'true'. A value of zero indicates that the reauthentication interval is downloaded from AAA server when ...

cafPortRestartInterval

Specifies the interval after which a further authentication attempt should be made to this port if it is not authorized. A value of zero indicates that no further authentication attempt will be made if this port is unauthorized.

cafPortInactivityTimeout

Specifies the period of time that a client associating with this port is allowed to be inactive before being terminated. A value of zero indicates that inactivity timeout is disabled on this port. A value of -1 indicates that inactivity timeout is downloa ...

cafPortViolationAction

Specifies the action to be taken due to a security violation occurs on this port. restrict: This port will be moved to restricted state. shutdown: This port will be shutdown from Authentication Framework perspective. protect : This port will be moved to p ...

cafPortMethodTable

The table contains a list of port entries. An entry will exist for each port which supports Authentication Framework feature.

cafPortMethodEntry

Entry containing configuration and information of authentication methods for a particular port.

cafPortMethodAdminExecOrder

This object specifies the administrative execution order of authentication methods on the port. Methods are executed in the order as specified in the method list. Method which is at the beginning of the method list will be executed first. Method which i ...

cafPortMethodAdminPriority

This object specifies the administrative priority of authentication methods on the port. The priority of each method is assigned based on the method list. Method which is at the beginning of the method list has highest priority. Method which is at the e ...

cafPortMethodAvailable

This object indicates the authentication methods currently available on this port.

cafPortMethodOperExecOrder

This object indicates the operational execution order of authentication methods on this port. Methods are executed in the order as specified in the method list. Method which is at the beginning of the method list will be executed first. Method which is ...

cafPortMethodOperPriority

This object indicates the operational priority of authentication methods on this port. Methods have the priority as specified in the method list. Method which is at the beginning of the method list has highest priority. Method which is at the end of met ...

cafAuthFailedEventPortTable

The table contains a list of port entries. An entry will exist for each port which supports Authentication Fail event within the Authentication Framework.

cafAuthFailedEventPortEntry

Entry containing management information of Authentication Fail event for a particular port.

cafAuthFailedMaxRetry

This object specifies the maximum number of retry should be performed before generating Authentication Fail event. A value of zero indicates that Authentication Fail event will be generated upon authentication fail without any retry.

cafAuthFailedNoActionEnabled

This object specifies whether no action will be performed when an Authentication Fail event occurs. Setting 'true' on this object indicates that no action will be performed when Authentication Fail event occurs. The read-only value 'false' indicates that ...

cafAuthFailedAuthorizedVlan

This object specifies the Authentication Failed VLAN number. The read-only value of -1 indicates that this object is not applicable on this port. The read-only value of zero indicates that this port will not be authorized to any VLAN when Authentication F ...

cafAuthFailedNextMethodEnabled

This object specifies whether the next authentication method will be used if an Authentication Fail event is generated by the current authentication method. Setting this object to 'true' indicates that the next available authentication method will be used ...

cafSecurityViolationClient

The MAC address included in the notification currently being sent, indicating the client who triggered the security violation notification.

cafClientNoRespEventPortTable

The table contains a list of port entries. An entry exists for each port which supports No Response event within the Authentication Framework.

cafClientNoRespEventPortEntry

Entry containing management information of No Response event for a particular port.

cafClientNoRespNoActionEnabled

This object specifies whether an action is performed when No Response event occurs. Setting 'true' on this object indicates that no action will be performed when No Response event occurs. The read-only value 'false' of this object indicates that an action ...

cafClientNoRespAuthorizedVlan

This object specifies the No Response Authorized VLAN number. The read-only value of -1 indicates that this object is not applicable on this port. The read-only value of zero indicates that this port will not be authorized to any VLAN when No Response eve ...

cafServerEventPortTable

The table contains a list of port entries. An entry exists for each port which supports AAA Server Reachability event within the Authentication Framework.

cafServerEventPortEntry

Entry containing management information of AAA Server Reachability event for a particular port.

cafServerDeadNoActionEnabled

This object indicates whether an action is performed if an AAA Server Reachability event occurs. Setting 'true' on this object indicates that no action will be performed when AAA Server Reachability event occurs. The read-only value 'false' indicates that ...

cafServerDeadRemainAuthorized

This object specifies if current authorization will remain unchanged for the port when AAA Server Reachability event occurs. Setting 'true' on this object indicates that current authorization will remain unchanged for the port when AAA Server Reachability ...

cafServerDeadAuthorizedVlan

This object specifies the AAA Server Reachability Authorized VLAN number. The read-only value of -1 indicates that this object is not applicable on this port. The read-only value of zero indicates that this port will not be authorized to any VLAN when AAA ...

cafServerAliveAction

This object specifies the action applied to the port upon AAA recovery. none : no action will be applied. reinitialize: the port will be reinitialized with the current authentication method.

cafSessionTable

The table contains a list of authentication session. An entry is created when an authentication session has successfully created within Authentication Framework. An entry is deleted when an authentication session has been removed.

cafSessionEntry

Entry containing management information for a particular authentication session.

cafSessionId

A unique identifier of the authentication session.

cafSessionClientMacAddress

Indicates the MAC address of the device associates with the authentication session.

cafSessionClientAddrType

Indicates the type of Internet address of the client associates with the authentication session.

cafSessionClientAddress

Indicates the Internet address of the client associates with the authentication session. The type of this address is determined by the value of cafSessionClientAddrType object.

cafSessionStatus

Indicates the current status of the authentication session. idle : the session has been initialized and no method has run yet. running : an authentication method is running for this session. noMethod : no authentication method has provided a ...

cafSessionDomain

Indicates the type of domain that the authentication session belongs to. other : none of the below. data : indicates the data domain. voice: indicates the voice domain.

cafSessionAuthHostMode

Indicates the authentication host mode of the port in the authentication session.

cafSessionControlledDirection

Indicates the operational controlled directions parameter for this port in the authentication session.

cafSessionPostureToken

Indicates the posture token associates with the authentication session.

cafSessionAuthUserName

Indicates the name of the authenticated user for the authentication session.

cafSessionClientFramedIpPool

Indicates the name of the address pool from which the session's client IP address is assigned.

cafSessionAuthorizedBy

Indicates the name of the feature which authorizes the authentication session.

cafSessionCriticalTimeLeft

Indicates the leftover time before the next authentication attempt for the authentication session after Server Reachability event occurred. Value zero indicates that this session is currently being authenticated or it is not applicable.

cafSessionAuthVlan

Indicates the authorized VLAN applied to the authentication session. Value zero indicates that no authorized VLAN has been applied, or it is not applicable.

cafSessionTimeout

Indicates the session timeout used by Authentication Framework in the authentication session.

cafSessionTimeLeft

Indicates the leftover time of the current authentication session.

cafSessionTimeoutAction

Indicates the timeout action on the authentication session, when value of the corresponding instance of cafSessionTimeLeft reaches zero. unknown : None of the below. terminate : Session will be terminated. reauthenticate: Session will be reauthe ...

cafSessionInactivityTimeout

Indicates the inactivity timeout used by Authentication Framework in the authentication session.

cafSessionInactivityTimeLeft

Indicates the leftover time of the inactivity timer of the authentication session.

cafSessionReauth

The reauthentication control for the authentication session. Setting this object to 'true' cause the current authenticated session to reauthenticate the authenticated client. Setting this object to 'false' has no effect. This object always returns 'false' ...

cafSessionTerminate

The termination request control for the authentication session. Setting this object to 'true' terminates the current session. Setting this object to 'false' has no effect. This object always returns 'false' when being read.

cafSessionVlanGroupName

The name of the VLAN group that has been used during VLAN assignment for this session. A zero length string indicates that there is no VLAN group been used during VLAN assignment.

cafSessionMethodsInfoTable

The table contains a list of authentication method for every authentication session. An entry exists for each authentication method that can authenticate an authentication session within Authentication Framework.

cafSessionMethodsInfoEntry

Entry containing method information for a particular runnable authentication methods which is associated with a session for an Authentication Framework managed port.

cafSessionMethod

Indicates this authentication method.

cafSessionMethodState

Indicates the state of this authentication method. notRun : The method has not run for this session. running : The method is running for this session. failedOver : The method has failed and the next method is expected to provide a result. authcS ...

cafSecurityViolationNotifEnable

This variable indicates whether the system produces the cafSecurityViolationNotif. A 'false' value will prevent cafSecurityViolationNotif from being generated by this system.

cafAuthMethodRegGroup

A collection of objects that provides registration information of authentication methods in Authentication Framework.

cafAaaNoRespRecoveryDelayGroup

A collection of objects that provides AAA recovery delay configuration for Authentication Framework in the system.

cafAuthPortConfigGroup

A collection of objects that provides configuration of Authentication Framework for capable ports in the system.

cafPortMethodGroup

A collection of objects that provides configuration and information of authentication methods within Authentication Framework for capable ports in the system.

cafAuthFailedEventGroup

A collection of objects that provides configuration of Auth-Failed behaviour of Authentication Framework for ports in the system.

cafClientNoRespEventGroup

A collection of objects that provides configuration of Authentication Framework when no-responsive client is detected on a port in the system.

cafServerEventGroup

A collection of objects that provides configuration of Authentication Framework when AAA Server Reachability event occurs.

cafSessionGroup

A collection of objects that provides authentication session management information for Authentication Framework.

cafSessionMethodInfoGroup

A collection of objects that provides information about authentication methods associate with Authentication Framework 's authentication sessions in the system.

cafSecViolationNotifEnableGroup

A collection of objects that provides control over security violation notification for Authentication Framework in the system.

cafSecurityViolationClientGroup

A collection of objects providing MAC address of the offending client in the security violation notification.

cafSessionVlanGroupNameGroup

A collection of objects providing VLAN group information of authenticated session in Authentication Framework.

cafMacMoveConfigGroup

A collection of objects providing MAC move cofiguration information for Authentication Framework on the device.

cafCoACommandConfigGroup

A collection of objects providing configuration information for the device's behaviour on CoA commands.