The following tables, groups, and variables are supported in this MIB.
|Branches of the Enterasys RADIUS Auth Client MIB||etsysRadiusAuthClientMIBObjects|
|RADIUS Auth Client Scalars||etsysRadiusAuthClientRetryTimeout||The number of seconds to wait for a RADIUS Server to respond to a request. Maintaining the value of this object across agent reboots is REQUIRED.|
|etsysRadiusAuthClientRetries||The number of times to resend an authentication packet if a RADIUS Server does not respond to a request. Maintaining the value of this object across agent reboots is REQUIRED.|
|etsysRadiusAuthClientEnable||Controls and indicates the operational state of the RADIUS client functionality. Maintaining the value of this object across agent reboots is REQUIRED.|
This indicates which method is being used for authentication.
mac(1) - indicates MAC address authentication
eapol(2) - indicates EAPOL authentication
This list of enumeration constants is subject to change. This parameter value is maintained across system reboots.
|RADIUS Auth Client Server Table||etsysRadiusAuthServerTable||A list of RADIUS servers that this client may attempt to use.|
|etsysRadiusAuthServerEntry||A RADIUS server that this client may attempt to use.|
A number uniquely identifying each conceptual row in the etsysRadiusAuthServerTable.
etsysRadiusAuthServerIndices with range between 2147483642 and 2147483647 indicate the highest priority servers stored for backwards compatibility. After consideration of these special indice values this value indicates the relative priority of the servers.
Relative priority of the servers is used when using the standard authentication retransmission algorithm. Maintaining the value of etsysRadiusAuthServerIndex for all active(1) entries across agent reboots is REQUIRED.
|etsysRadiusAuthClientServerAddressType||This object specifies how etsysRadiusAuthClientServerAddress is encoded. Support for all possible enumerations defined by InetAddressType is NOT REQUIRED.|
|etsysRadiusAuthClientServerAddress||The encoded unicast IP address or hostname of a RADIUS server. RADIUS requests will be sent to this address. If this address is a DNS hostname, then that hostname SHOULD be resolved into an IP address each time an authentication session is initialized.|
|etsysRadiusAuthClientServerPortNumber||The UDP port number (0-65535) the client will use to send RADIUS requests to this server.|
This object is the secret shared between the RADIUS authentication server and the RADIUS client.
On a read operation this object MUST return a zero length string.
Writing this object with a zero length string clears the secret.
true(1) - Indicates that etsysRadiusAuthClientServerSecret was last set with some value other than the empty string.
false(2) - Indicates that etsysRadiusAuthClientServerSecret has never been set, or was last set to the empty string."
The number of seconds elapsed since the counters were last cleared.
Writing the value zero will cause the servers counters to be cleared and the clear time will be set to zero. Writing any value other than zero will have no effect.
The row status of this conceptual row in the table.
active - The server is available for performing RADIUS operations. Other writable leaves in this row MUST NOT be modified while the row is in the active state.
notInService - The entry is fully configured but is not available for performing RADIUS operations. Conceptual rows with this status MAY be deleted at the discretion of the agent, at which time it will be treated as if destroy(6) was SET to this object.
notReady - The entry exists in the agent, but is missing information necessary in order to be available for use by the managed device (i.e., one or more required columns in the conceptual row have not been instantiated);
createAndGo - Not possible. createAndWait - Creates a new instance of a conceptual row, but does not make it available for use by the managed device.
destroy - This will remove the conceptual row from the table and make it unavailable for RADIUS client operations. This MUST also cause any persistent data related to this row to be removed from the system. Maintaining active(1) entries across agent reboots is REQUIRED.
This object allows a server to be restricted to providing authentication services to certain classes of access methods.
any(1) - the server will be available to authenticate users originating from either the mgmtAccess or networkAccess realms.
mgmtAccess(2) - the server will only be available for authenticating users that have requested management access via the console, telnet, SSH, HTTP, etc.
networkAccess(3) - the server will only be available for authenticating users that are attempting to gain access to the network via 802.1X, Port Web Authentication, MAC Authentication, etc.
nms(4) - the server will only be available for authenticating users that are attempting to gain access to the network via network virtualization or virtual machine tracking using a network management system. This realm type is only allowed for backwards compatibility and is not included when any is specified.
Non-default values for this object should be used when there is a desire to have one set of servers used for authenticating management access requests and a different set used for authenticating network access requests. When this object has the value of any(1) then the associated server will be in each of the mgmtAccess and networkAccess sets. The precedence order defined by the relative value of the etsysRadiusAuthServerIndex will be maintained within each set of servers."
|etsysRadiusAuthClientServerTimeout||The number of seconds to wait for a RADIUS Server to|