ENTERASYS-MAC-AUTHENTICATION-MIB

The following tables, groups, and variables are supported in this MIB.

Table/Group Supported Variables Comments
etsysMACAuthenticationSystemGroup etsysMACAuthenticationSystemEnable When enabled(1), all objects in this MIB are fully active. When disabled(2), this object overrides all other object settings in this MIB without affecting their values.
etsysMACAuthenticationMACUserPassword This is the string to be used as a password credential when authenticating a MAC address when etsysMACAuthenticationMode is set to sharedSecret(1).
etsysMACAuthenticationPortUserNameSignificantBits This object represents the number of significant bits in the MAC addresses to be used starting with the left-most bit of the vendor portion of the MAC address. The significant portion of the MAC address is sent as a user-name credential when the primary attempt to authenticate the full MAC address fails. Any other failure to authenticate the full address, (i.e. authentication server timeout) causes the the next attempt to start once again with a full MAC authentication."
etsysMACAuthenticationMode

This object is used to determine the type of password credential to use when authenticating a MAC address.

password(1) - Attempt to authenticate a user with the password credential provided by etsysMACAuthenticationMACUserPassword.

radiusUsername(2) - Attempt to authenticate a user with a password credential that is the same as their radius username credential.

etsysMACAuthenticationSystemAccountEnable

When enabled(1), RADIUS accounting start, interim and stop frames are sent to the configured RADIUS server(s).

When disabled(2), accounting packets are not sent to the RADIUS server.

etsysMACAuthenticationSystemUserNameCase

"When LOWER(1), the user-name credential is the MAC address formatted as xx:xx:xx:xx:xx:xx or xx-xx-xx-xx-xx-xx or xxxxxxxxxxxx. When set to UPPER(2), the user-name credential is the MAC address formatted as XX:XX:XX:XX:XX:XX or XX-XX-XX-XX-XX-XX or XXXXXXXXXXXX." DEFVAL { upper } ::= { etsysMACAuthenticationSystem 7 } etsysMACAuthenticationSystemGroup4 OBJECT-GROUP

MAX-ACCESS read-write.

etsysMACAuthenticationPortConfigGroup etsysMACAuthenticationPortConfigTable A table containing configuration objects for each MAC authentication port. The configuration for each port in this table must be non-volatile.
etsysMACAuthenticationPortConfigEntry Each conceptual row provides control over all of the initial values used by each authenticated MAC on this port. Subsequent changes to rows in this table, except where noted, have no effect on existing MACs authenticated on this port.
etsysMACAuthenticationPort This is the InterfaceIndex associated with this row.
etsysMACAuthenticationPortInitialize When set to true(1), the MAC authentication logic on this port is initialized, forcibly ending all MAC authentication sessions currently in existence on this port. A set with the value false(2) has no affect and a read always returns false.
etsysMACAuthenticationPortReauthenticate When set to true(1), the MAC authentication entity on this port is required to immediately verify all currently authenticated MACs on this port. This requires that each MAC address be authenticated with the authentication server through the local authentication client or some other authentication mechanism. Each supplicant remains authenticated pending the outcome.
etsysMACAuthenticationPortEnable When set to enabled(1), a platform dependent triggering mechanism initiates an authentication exchange using a MAC address for authentication credentials. When disabled(2), authentication attempts are disabled and all currently authenticated MAC sessions or those in the process of authentication on this port are terminated.
etsysMACAuthenticationPortQuietPeriod Unsupported object.
etsysMACAuthenticationPortReauthPeriod The value, in seconds, between attempts to re-authenticate any current MAC authenticated on this port.
etsysMACAuthenticationPortReauthEnabled If enabled(1), then every etsysMACAuthenticationReauthPeriod the switch attempts to validate all currently authenticated MACs on this port. When set to disabled(2) all current re-authentications in progress are allowed to complete and the requisite actions are taken. When set to disabled(2), no further re-authentications are attempted.
etsysMACAuthenticationAuthenticationsAllowed The maximum number of concurrent authentications supported on this port on this module. The default value of this object is platform and resource dependent.
etsysMACAuthenticationAuthenticationsAllocated The maximum number of MAC authentications permitted on this port on this module. This value must be non-zero and be less than or equal to the value of etsysMACAuthenticationAuthenticationsAllowed. Setting this object to a value less than the current number of authenticated MACs on this port prevents further authentications, but has no affect on the current sessions.
etsysMACAuthenticationLastFailedAuthCause The string will be formatted with 'XX-XX-XX-XX-XX-XX: TIME&DATE: Textual failure reason'; where XX-XX-XX-XX-XX-XX is the MAC address and TIME&DATE is the time (hh/mm/ss) and date (mm/dd/yyyy) of the failure. It is also only best effort; as there could be multiple failures per port and the agent may query this at any random time.
etsysMACAuthenticationMACConfigGroup etsysMACAuthenticationMACConfigTable A table containing configuration objects for each MAC authenticated on a port. Each row in this table is created dynamically when a MAC authenticates on a port.
etsysMACAuthenticationMACConfigEntry Each conceptual row inherits it's initial information from the row in the etsysMACAuthenticationPortConfigTable corres