CISCO-DOT11-SSID-SECURITY-MIB Download

cdot11SecAuxSsidTable

This table contains the list of SSIDs that all radio interfaces of this device should install and use for client associations.

cdot11SecAuxSsidEntry

A collection of attributes defining an auxiliary service set ID which client stations can use for association for the device. Entries can be installed on multiple radio interfaces.

cdot11SecAuxSsid

This object specifies a SSID defined on this IEEE 802.11 wireless LAN device. The SSID will be installed on the radio interfaces for client associations. The radio interface shall respond to probe requests using this SSID, but it does not advertise this ...

cdot11SecAuxSsidBroadcast

This object indicates if an auxiliary SSID is a Broadcast SSID. There should only be one Broadcast SSID installed on any IEEE 802.11 radio interface if Multiple BSSID feature is not enabled. To enable this SSID for MBSSID broadcast, use cdot11SecAuxSsid ...

cdot11SecAuxSsidInfraStruct

This object indicates if an auxiliary SSID is an infra-structure SSID. There should only be one infra-structure SSID installed on any IEEE 802.11 radio interface. The infra-structure SSID is used for uplink association while the radio interface cd11IfSt ...

cdot11SecAuxSsidProxyMobileIp

This object indicates if an auxiliary SSID is enabled for Proxy Mobile-IP support. If Proxy Mobile-IP is not supported in VLAN network environment, cdot11SecAuxSsidVlan should be '0' when Proxy Mobile-IP is enabled via this object.

cdot11SecAuxSsidMaxStations

This object defines the maximum number of IEEE 802.11 stations which may associate to a radio interface through this SSID. If the value is '0', the maximum number is limited only by the IEEE 802.11 standard and any hardware or radio firmware limitations ...

cdot11SecAuxSsidVlan

This object defines the VLAN trunk at which the traffic will be used when a client is associating with this SSID. The default value is '0', no VLAN is configured or used for this SSID.

cdot11SecAuxSsidWpaPsk

This object configures Wi-Fi Protected Access Pre-shared Key for this SSID. This key is used for association authentication and dynamic encryption key generation. The default value is ''H if this shared key feature is not enabled.

cdot11SecAuxRadiusAccounting

This object defines the name of the AAA accounting list to be used for association accounting. The default value is an empty string if AAA accounting is not enabled.

cdot11SecAuxSsidLoginUsername

This object specifies the username used for LEAP authentication and association to an uplink AP while this SSID is in infra-structure mode, i.e. cdot11SecAuxSsidInfraStruct is 'true'. The default value is an empty string if this feature is not enabled.

cdot11SecAuxSsidLoginPassword

This object specifies the password used for LEAP authentication association to an uplink AP while this SSID is in infra-structure mode, i.e. cdot11SecAuxSsidInfraStruct is 'true'. The default value is an empty string if this feature is not enabled.

cdot11SecAuxSsidAuthKeyMgmt

This object specifies the type of key management employed for encryption keys defined for the VLAN in cdot11SecAuxSsidVlan. WPA key management('wpa') should only be selected when encryption is TKIP or AES-CCMP and authentication is open, i.e. dot11Authent ...

cdot11SecAuxSsidAuthKeyMgmtOpt

This object specifies if the type of key management, cdot11SecAuxSsidAuthKeyMgmt, selected is optional. If it is 'true' and cdot11SecAuxSsidAuthKeyMgmt is not 'none', the key management is optional. If it is 'false' and cdot11SecAuxSsidAuthKeyMgmt is no ...

cdot11SecAuxSsidRowStatus

This is used to create a new SSID entry on this device, and modify or delete an existing SSID entry. Creation of rows must be done via 'createAndGo' with or without optional objects. This object will become 'active' if the NMS performs a multivarbind set ...

cdot11SecAuxSsidWirelessNetId

This object sets the Wireless Network ID of this SSID. This ID is used for Cisco GRE tunneling in layer 3 switching. The valid range for the ID is '1' to '4096' and the default value is '0' and it indicates no ID is configured or used on this SSID.

cdot11SecSsidRedirectAddrType

This is the address type of for the cdot11SecSsidRedirectDestAddr.

cdot11SecSsidRedirectDestAddr

This is the destination address set to all packets received from wireless clients associated to this wireless station using the cdot11SecAuxSsid. The cdot11SecSsidRedirectAddrType specifies the type of this address. The default value '00000000'H of cdo ...

cdot11SecSsidRedirectFilter

When the packet redirection feature is enable (i.e., cdot11SecSsidRedirectAddrType is 'ipv4' and cdot11SecSsidRedirectDestAddr value is not '00000000'H), this is the Cisco IP extended access list number or name used for filtering packets from wireless cli ...

cdot11SecSsidInformationElement

This is the set of Information Elements and extended capabilities embedded in the SSID broadcasted in beacons and probe responses. The extended capabilities 'advertisement' and 'wps' are allowed only if 'ssidl' is set.

cdot11SecAuxSsidVlanName

This is the name of the cdot11SecAuxSsidVlan. Either cdot11SecAuxSsidVlan or cdot11SecAuxSsidVlanName can be used to set the VLAN trunk for client traffic of this SSID. If both cdot11SecAuxSsidVlanName and cdot11SecAuxSsidVlan are set in a query, the se ...

cdot11SecAuxSsidMbssidBroadcast

This object controls if this SSID shall be broadcasted if MBSSID is enabled at the interface which this SSID is attached, i.e. if both cd11IfMultipleBssidEnable and cdot11SecAuxSsidMbssidBroadcastis are 'true', then this SSID is broadcasted. Otherwise, t ...

cdot11SecAuxSsidMbssidDtimPeriod

This is the DTIM period for this MBSSID enabled SSID. It is the number of beacon intervals that shall elapse between transmission of Beacons frames containing a TIM element whose DTIM Count field is 0. This DTIM period is only applicable if MBSSID is enab ...

cdot11SecAuxSsidAuthTable

This table contains attributes to configure authentication parameters for SSIDs listed in the cdot11SecAuxSsidTable. This table extends the IEEE802dot11-MIB dot11AuthenticationAlgorithmsTable to defines additional attributes authentication procedures for ...

cdot11SecAuxSsidAuthEntry

Each entry specifies a pre-defined authentication algorithms and additional authentication procedures for clients of an auxiliary SSID. The three pre-defined authentication algorithms are: openSystem(1), sharedKey(2), and network-EAP(3). The valid combin ...

cdot11SecAuxSsidAuthEnabled

If the value is 'true', this device may authenticate an association using SSID (specified by cdot11SecAuxSsid) with the corresponding pre-defined algorithm (identified by the dot11AuthenticationAlgorithmsIndex). The default value is 'true'.

cdot11SecAuxSsidAuthPlusEap

If both the values of this object and cdot11SecAuxSsidAuthEnabled are 'true', the association authentication must complete additional network-level EAP authentication before client stations will be unblocked from their association attempts. If the value ...

cdot11SecAuxSsidAuthPlusMac

If both the values of this object and cdot11SecAuxSsidAuthEnabled are 'true', the association authentication must complete additional MAC address authentication before client stations will be unblocked from their association attempts. If the value of thi ...

cdot11SecAuxSsidAuthEapMethod

If the value of cdot11SecAuxSsidAuthPlusEap is 'true' or dot11AuthenticationAlgorithm is Network-EAP, this is the EAP method list to use for the EAP authentication. The default is an empty string if EAP is not used.

cdot11SecAuxSsidAuthMacMethod

If the value of cdot11SecAuxSsidAuthPlusMac is 'true', this is the MAC address method list to use for the MAC authentication. The default is an empty string if MAC address authentication is not used.

cdot11SecAuxSsidAuthMacAlternate

If the values of this object, cdot11SecAuxSsidAuthEnabled, cdot11SecAuxSsidAuthPlusMac, and cdot11SecAuxSsidAuthPlusEap are all 'true' and the dot11AuthenticationAlgorithm is 'openSystem' the, the association authentication only need to complete either ad ...

cdot11SecInterfSsidTable

This table contains the list of SSIDs installed on radio interfaces of this device and are used for client association. This table has an expansion dependent relationship on the ifTable. For each entry in this table, there exists at least an entry in the ...

cdot11SecInterfSsidEntry

A collection of attributes for an auxiliary service set ID installed on a IEEE 802.11 radio interface. An interface can have multiple auxiliary service set ID installed and the current maximum for each radio interface is 16 SSIDs, and the cd11IfAuxiliary ...

cdot11SecInterfSsidRowStatus

This is used to install a new SSID configuration, and modify or delete an existing SSID configuration on a radio interface. Creation of rows must be done via 'createAndGo' and with an existing ifIndex of ifType ieee80211(71) and an existing cdot11SecAuxSs ...

cdot11MbssidMacAddrSupportTable

This table contains the list of available radio MAC addresses for supporting MBSSID on the IEEE 802.11 radio. This table has an expansion dependent relationship on the ifTable. For each entry in this table, there exists at least an entry in the ifTable o ...

cdot11MbssidMacAddrSupportEntry

Each entry is a MAC address assigned to the IEEE 802.11 radio available to be used as a BSSID and broadcasted in the radio beacon when MBSSID feature is enabled.

cdot11MbssidMacAddrIndex

This is an unique index identifying the MAC address assigned on the radio. If MBSSID is not supported on this device, the only available index number is 1. Currently, if MBSSID is supported, the index numbers are 1 to 16.

cdot11MbssidMacAddrSupported

This MAC address can be used as BSSID and broadcasted in the beacon with a SSID when cd11IfMultipleBssidEnable is 'true'.

cdot11MbssidInterfaceTable

This table displays the list of SSIDs and their corresponding BSSIDs configured on the IEEE 802.11 radios. This table has an expansion dependent relationship on the ifTable. For each entry in this table, there exists at least an entry in the ifTable of i ...

cdot11MbssidInterfaceEntry

Each entry defines an SSID being configured on the radio and the corresponding BSSID.

cdot11MbssidIfMacAddress

This is the BSSID to be sent with the radio SSID. If MBSSID feature is not enabled (i.e. cd11IfMultipleBssidEnable is 'false'), all SSIDs will be sent by the radio with the same BSSID and that is the radio hardware MAC address. If MBSSID feature is enable ...

cdot11MbssidIfBroadcast

If d11IfMultipleBssidEnable is 'true', MBSSID is enabled for the radio and this SSID is a broadcast SSID as follows 'true' - This SSID is a broadcast SSID and being broadcasted in the radio beacon. 'false' - This SSID is not a broadcast SSID and is not b ...

cdot11SecSsidMaxBackupVlans

Maximum number of backup VLANs that can be configured on a SSID.

cdot11SecSsidBackupVlanTable

This table lists the backup VLANs configured on a SSID. The number of backup VLANs that can be configured for each SSID identified by cdot11SecAuxSsid is limited by the value of dot11SecSsidMaxBackupVlans. This table has an expansion depedent relationship ...

cdot11SecSsidBackupVlanEntry

Each entry defines a backup VLAN configured on an SSID.

cdot11SecSsidBackupVlan

The backup VLAN configured on a SSID identified by the instance identifier value of cdot11SecAuxSsid.

cdot11SecSsidBackupVlanRowStatus

The status of this conceptual row.

cdot11SecLocalAuthServerEnabled

This object configures the use of local authentication server. If it is 'true', local authentication server is enabled. If it is 'false', the local authentication server is disabled. If both local and network servers are configured, the local server is ...

cdot11SecVlanNameTable

This table contains the mapping of VLAN names to IDs. A RADIUS server servering this wireless station can assign wireless clients associating to this station to a particular VLAN by either a VLAN name or an ID. When the VLAN assign of a client is via VLA ...

cdot11SecVlanNameEntry

A collection of attributes defining the properties of a VLAN name and the corresponding VLAN ID.

cdot11SecVlanName

This object defines the VLAN name assigned to wireless clients by the RADIUS server serving this wireless station.

cdot11SecVlanNameId

This object defines the VLAN trunk to which a client associating to this wireless station will be on. The value is '0' is not valid.

cdot11SecVlanNameRowStatus

This is used to create a new VLAN name to ID mapping entry on this device, and modify or delete an existing mapping entry. Creation of rows must be done via 'createAndGo' with all other mandatory objects. This object will become 'active' if the NMS perfo ...

cdot11SecSsidManagementGroup

This group includes objects to manage SSID on IEEE 802.11 devices and interfaces.

cdot11SsidAuthenticationGroup

This group includes objects to manage the association and authentication algorithms for SSIDs.

cdot11ModuleAuthenticationGroup

This group includes objects to manage the association and authentication of this wireless station module.

cdot11SecVlanManagementGroup

This group includes objects to manage the VLAN name and ID mapping table.

cdot11MbssidSupportGroup

This group includes objects providing MBSSID configuration information.

cdot11SecSsidBackupVlanManagementGroup

This group of objects are to manage the backup VLAN configuration on a SSID.