ENTERASYS-RADIUS-ACCT-CLIENT-EXT-MIB

The following tables, groups, and variables are supported in this MIB.

Table/Group Supported Variables Comments
MIB Objects etsysRadiusAcctClientEnable This object indicates whether or not RADIUS Accounting is enabled or disabled. This parameter value is maintained across system reboots.
etsysRadiusAcctClientUpdateInterval This indicates how many seconds elapse between accounting interim updates. This parameter value is maintained across system reboots. A value of zero means no Interim Updates. If the value is less than etsysRadiusAcctClientIntervalMinimum, the etsysRadiusAcctClientIntervalMinimum value will be used for the update interval time. If RADIUS Accounting is not enabled, this object is ignored. Note that Accounting Interim Updates are not issued by the RADIUS Accounting Client, unless so requested by the RADIUS Server in an Access Accept packet.
etsysRadiusAcctClientIntervalMinimum This indicates the minimum value in seconds between accounting interim updates supported by the managed entity. This parameter value is maintained across system reboots. If RADIUS Accounting is not enabled, this object is ignored.
etsysRadiusAcctClientServerTable The (conceptual) table listing the RADIUS Accounting servers.
etsysRadiusAcctClientServerEntry An entry (conceptual row) representing a RADIUS Accounting server with which the client shares a secret. If RADIUS Accounting is not enabled, this table is ignored. All created conceptual rows are non-volatile and as such must be maintained upon restart of the agent.
etsysRadiusAcctClientServerIndex A number uniquely identifying each conceptual row in the etsysRadiusAcctClientServerTable. In the event of an agent restart, the same value of etsysRadiusAcctClientServerIndex must be used to identify each conceptual row in etsysRadiusAcctClientServerTable as was used prior to the restart.
etsysRadiusAcctClientServerAddressType The type of Internet address by which the RADIUS Accounting server is reachable.
etsysRadiusAcctClientServerAddress The Internet address for the RADIUS Accounting server. Note that implementations must limit themselves to a single entry in this table per reachable server. The etsysRadiusAcctClientServerAddress may not be empty due to the SIZE restriction. Also the size of a DNS name is limited to 64 characters. This parameter value is maintained across system reboots.
etsysRadiusAcctClientServerPortNumber The UDP port number (1-65535) the client is using to send requests to this server. The officially assigned port number for RADIUS Accounting is 1813. This parameter value is maintained across system reboots.
etsysRadiusAcctClientServerSecret This object is the secret shared between the RADIUS Accounting server and RADIUS client. This parameter value is maintained across system reboots. While the 'official' MAX-ACCESS for this object is read-create, all security-conscious implementations will 'lie' on a read, and return a null-string, or something else that is fairly innocuous. The ability to read back passwords and secret encryption keys is generally a Bad Thing (tm).
etsysRadiusAcctClientServerSecretEntered This indicates the existence of a shared secret.
etsysRadiusAcctClientServerRetryTimeout The number of seconds to wait for a RADIUS Accounting Server to respond to a request. This parameter value is maintained across system reboots. A value of -1 indicates that the appropriate realm value should be used - etsysRadiusAcctClientMgmtRetryTimeout or etsysRadiusAcctClientNetworkRetryTimeout.
etsysRadiusAcctClientServerRetries The number of times to resend an accounting packet if a RADIUS Accounting Server does not respond to a request. This parameter value is maintained across system reboots.
etsysRadiusAcctClientServerClearTime On a read, this value indicates the number of seconds since the counters, as defined in the IETF standard RADIUS Accounting Client MIB (RFC2618), were cleared. On a write, the client counters will be cleared and the clear time will be set to zero.
etsysRadiusAcctClientServerStatus

Lets users create and delete RADIUS Accounting server entries on systems that support this capability.

Rules
  1. When creating a RADIUS Accounting Client, it is up to the management station to determine a suitable etsysRadiusAcctClientServerIndex. To facilitate interoperability, agents should not put any restrictions on the etsysRadiusAcctClientServerIndex beyond the obvious ones that it be valid and unused.
  2. Before a new row can become 'active', values must be supplied for the columnar objects etsysRadiusAcctClientClientServerAddress, and etsysRadiusAcctClientServerSecret.
  3. The value of etsysRadiusAcctClientServerStatus must be set to 'notInService' in order to modify a writable object in the same conceptual row.
  4. etsysRadiusAcctClientServer entries whose status is 'notReady' or 'notInService' will not be used for Accounting.
etsysRadiusAcctClientServerUpdateInterval

This indicates how many seconds elapse between accounting interim updates from the client to this RADIUS server. This parameter value is maintained across system reboots. A value of zero means no Interim Updates. If the value is less than etsysRadiusAcctClientServerIntervalMinimum, the etsysRadiusAcctClientServerIntervalMinimum value will be used for the update interval time. If RADIUS Accounting is not enabled, this object is ignored. Note that Accounting Interim Updates are not issued by the RADIUS Accounting Client, unless so requested by the RADIUS Server in an Access Accept packet.

A value of -1 indicates that this object is not configured and this device will use the value configured in etsysRadiusAcctClientUpdateInterval for the minimum value in seconds between accounting interim updates for this RADIUS server.

etsysRadiusAcctClientServerIntervalMinimum

This indicates the minimum value in seconds between accounting interim updates supported by the managed entity for this RADIUS server. This parameter value is maintained across system reboots. If RADIUS Accounting is not enabled, this object is ignored.

A value of -1 indicates that this object is not configured and this device will use the value configured in etsysRadiusAcctClientIntervalMinimum for the minimum value in seconds between accounting interim updates for this RADIUS server.

etsysRadiusAcctClientServerRealmType

This object allows a server to be restricted to providing authentication services to certain classes of access methods.

any(1) - the server will be available to authenticate users originating from any of the access methods.

mgmtAccess(2) - the server will only be available for authenticating users that have requested management access via the console, telnet, SSH, HTTP, etc.

networkAccess(3) - the server will only be available for authenticating users that are attempting to gain access to the network via 802.1X, Port Web Authentication, MAC Authentication, etc.

Non-default values for this object should be used when there is a desire to have one set of servers used for authenticating management access requests and a different set used for authenticating network access requests. When this object has the value of any(1) then the associated server will be in each set. The precedence order defined by the relative value of the etsysRadiusAuthServerIndex will be maintained within each set of servers.

etsysRadiusAcctClientServerClientAddressType This object specifies how etsysRadiusAcctClientServerClientAddress is encoded. Support for all possible enumerations defined by InetAddressType is NOT REQUIRED.
etsysRadiusAcctClientServerClientAddress The encoded unicast IP address of a local system interface. RADIUS requests will be sent from this address.
etsysRadiusAcctClientServerClientVirtualRouterName

The name of the local system virtual router that traffic sent to this RADIUS server should be associated with.

Writing this object with a zero length string clears the virtual router name for this server.

Additional RADIUS Acct Client Scalars etsysRadiusAcctClientMgmtEnable This object indicates whether or not RADIUS Accounting is enabled or disabled for management sessions. This parameter value is maintained across system reboots. The unset value (0) indicates that the value in etsysRadiusAcctClientEnable should be used.
etsysRadiusAcctClientNetworkEnable This object indicates whether or not RADIUS Accounting is enabled or disabled for network sessions. This parameter value is maintained across system reboots. The unset value (0) indicates that the value in etsysRadiusAcctClientEnable should be used.
etsysRadiusAcctClientMgmtRetryTimeout The number of seconds to wait for a RADIUS Accounting Server in the management realm to respond to a request. This parameter value is maintained across system reboots. This value may be overridden by the per server etsysRadiusAcctClientServerRetryTimeout.
etsysRadiusAcctClientNetworkRetryTimeout The number of seconds to wait for a RADIUS Accounting Server in the network realm to respond to a request. This parameter value is maintained across system reboots. This value may be overridden by the per server etsysRadiusAcctClientServerRetryTimeout.