CISCO-AAA-CLIENT-MIB: View SNMP OID List / Download MIB

VENDOR: CISCO


 Home MIB: CISCO-AAA-CLIENT-MIB
Download as:   

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
 ciscoAAAClientMIB 1.3.6.1.4.1.9.9.158
This MIB module provides data for authentication method priority based on Authentication, Authorization, Accounting (AAA) protocols. References: The TACACS+ Protocol Version 1.78, Internet Draft RFC 1411 Telnet Authentication: Kerberos Version 4. RFC 1964 The Kerberos Version 5 GSS-API Mechanism.
         cacMIBObjects 1.3.6.1.4.1.9.9.158.1
             cacPriority 1.3.6.1.4.1.9.9.158.1.1
                 cacPriorityTable 1.3.6.1.4.1.9.9.158.1.1.1 no-access
This table contains entries for AAA authentication methods configured in the system. At startup, agent set up all the entries of the table. All authentication methods will be disabled except local authentication will be enabled for each session type and login mode. Users later can enable/disable a specific authentication method through cacEnable object. The following table describes the startup state of each authentication method and session type in normal login mode and enable login mode. AuthenMethod Console Session Telnet Session Http Session ------------ ---------------- ---------------- ------------ tacacs disabled disabled disabled radius disabled disabled disabled kerberos disabled disabled disabled local enabled(*) enabled(*) enabled(*) (*) denotes primary method.
                     cacPriorityEntry 1.3.6.1.4.1.9.9.158.1.1.1.1 no-access
An entry containing the priority number of an authentication method used in a session.
                         cacSession 1.3.6.1.4.1.9.9.158.1.1.1.1.1 sessiontype no-access
This is the session type used to connect to the network device.
                         cacAuthen 1.3.6.1.4.1.9.9.158.1.1.1.1.2 authenmethod no-access
This is the authentication method used to authenticate users.
                         cacLoginMode 1.3.6.1.4.1.9.9.158.1.1.1.1.3 loginmode no-access
This is the login mode user used to login to the network device.
                         cacEnable 1.3.6.1.4.1.9.9.158.1.1.1.1.4 truthvalue read-write
It indicates whether the authentication method denoted by cacAuthen is enabled or not. When this object is true(1), the authentication method denoted by cacAuthen is enabled. When this object is false(2), the authentication method denoted by cacAuthen is disabled. If the value of cacAuthen is local, the value of this object cannot be set to false(2).
                         cacPriorityNumber 1.3.6.1.4.1.9.9.158.1.1.1.1.5 integer32 read-only
This is the priority number of an authentication method to be used in user authentication for a session. This value is automatically assigned and reflects the relative priority of the authentication method denoted by cacAuthen with respected to already configured authentication methods. It is assigned in the order in which the authentication method is enabled by the user through cacEnable. The higher value has the higher priority. This object is used to determine the fallback order in case the primary authentication method indicated by cacPrimaryMethod failed. If the authentication method denoted by cacAuthen is disabled for the type of session denoted by cacSession, the value of this object is equal to 0.
                         cacPrimaryMethod 1.3.6.1.4.1.9.9.158.1.1.1.1.6 truthvalue read-write
It indicates whether the authentication method denoted by cacAuthen is the primary (first one to be tried) method when there are multiple authentication method configured. Setting this object to true(1) will make the authentication method denoted by cacAuthen to be the primary authentication method for the session denoted by cacSession. The previously configured primary method will be changed to false(2). Setting this object to false(2) is not allowed.
             cacLoginConfig 1.3.6.1.4.1.9.9.158.1.2
                 cacLoginConfigTable 1.3.6.1.4.1.9.9.158.1.2.1 no-access
A table that contains login configuration which is associated with this system.
                     cacLoginConfigEntry 1.3.6.1.4.1.9.9.158.1.2.1.1 no-access
An entry containing the configuration of the login.
                         cacMaxLoginAttempt 1.3.6.1.4.1.9.9.158.1.2.1.1.1 integer32 read-write
Indicates the maximum number of login attempts allowed. Setting this variable to 0 will disable the attempt limit checking. If the login session type does not support this attempt limit checking, the value of this object can only be set to 0.
                         cacLockoutPeriod 1.3.6.1.4.1.9.9.158.1.2.1.1.2 integer32 read-write
Indicates the lockout period after the maximum number of login attempt is met. For console, the console input will be frozen during this period. For remote logins, the connection will be closed and any subsequent access from that station will be closed during the lockout time. Setting this variable to 0 will disable the lockout. If the login session type does not support this lockout period, the value of this object can only be set to 0. If the lockout period is greater than the maximum value reportable by this object then this object should report its maximum value (600) and cacLockoutPeriodExt must be used to report the lockout period.
                         cacLockoutPeriodExt 1.3.6.1.4.1.9.9.158.1.2.1.1.3 integer32 read-write
Specifies the lockout period after the maximum number of login attempt is met. For console, the console input will be frozen during this period. For remote logins, the connection will be closed and any subsequent access from that station will be closed during the lockout time. Setting this variable to 0 will disable the lockout. If the login session type does not support this lockout period, the value of this object can only be set to 0.
         cacMIBNotifications 1.3.6.1.4.1.9.9.158.2
         cacMIBConformance 1.3.6.1.4.1.9.9.158.3
             cacMIBCompliances 1.3.6.1.4.1.9.9.158.3.1
                 cacMIBCompliance 1.3.6.1.4.1.9.9.158.3.1.1
The compliance statement for entities which implement the CISCO AAA Client MIB
                 cacMIBCompliance2 1.3.6.1.4.1.9.9.158.3.1.2
The compliance statement for entities which implement the CISCO AAA Client MIB
             cacMIBGroups 1.3.6.1.4.1.9.9.158.3.2
                 cacPriorityGroup 1.3.6.1.4.1.9.9.158.3.2.1
A collection of objects providing the AAA client priority information.
                 cacLoginConfigGroup 1.3.6.1.4.1.9.9.158.3.2.2
A collection of objects providing the AAA client login configuration.
                 cacLoginConfigGroupRev1 1.3.6.1.4.1.9.9.158.3.2.3
A collection of objects providing the AAA client login configuration.