CISCO-LWAPP-AAA-MIB: View SNMP OID List / Download MIB

VENDOR: CISCO


 Home MIB: CISCO-LWAPP-AAA-MIB
Download as:   

Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
Keep in mind that standard MIB files can be successfully loaded by systems and programs only if all the required MIB's from the "Imports" section are already loaded.
The tree-like SNMP object navigator requires no explanations because it is very simple to use. And if you stumbled on this MIB from Google note that you can always go back to the home page if you need to perform another MIB or OID lookup.


Object Name OID Type Access Info
 ciscoLwappAAAMIB 1.3.6.1.4.1.9.9.598
This MIB is intended to be implemented on all those devices operating as Central Controllers (CC), that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. Information provided by this MIB is used to manage AAA information on the controller. The relationship between CC and the LWAPP APs can be depicted as follows: +......+ +......+ +......+ + + + + + + + CC + + CC + + CC + + + + + + + +......+ +......+ +......+ .. . . .. . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + MN + + MN + + MN + + MN + + + + + + + + + +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the WLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends them to the controller to which it is logically connected. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the Central Controller. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Mobile Node and client are used interchangeably. Terminal Access Controller Access-Control System ( TACACS ) A remote authentication protocol that is used to communicate with an authentication server. TACACS allows a remote access server to communicate with an authentication server in order to determine if the user has access to the network. Remote Authentication Dial In User Service (RADIUS) It is an AAA (authentication, authorization and accounting) protocol for applications such as network access or IP mobility. It is intended to work in both local and roaming situations. Wireless LAN ( WLAN ) It is a wireless local area network, which is the linking of two or more computers without using wires. It uses radio communication to accomplish the same functionality of a wired LAN. PAP - Password Authentication Protocol CHAP - Challenge Handshake Authentication Protocol MD5-CHAP - Message Digest 5 Challenge Handshake Authentication Protocol LSC - Local Significant Certificate LSC can be used if we want our own public key infrastructure (PKI) to provide better security, to have control of our certificate authority (CA), and to define policies, restrictions, and usages on the generated certificates. REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications [2] Draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol
         ciscoLwappAAAMIBNotifs 1.3.6.1.4.1.9.9.598.0
             ciscoLwappAAARadiusServerGlobalActivated 1.3.6.1.4.1.9.9.598.0.1
This notification is sent by the agent when the controller detects that the RADIUS server is activated in the global list. The RADIUS server is identified by the address (claRadiusAddress) and port number (claRadiusPortNum).
             ciscoLwappAAARadiusServerGlobalDeactivated 1.3.6.1.4.1.9.9.598.0.2
This notification is sent by the agent when the controller detects that the RADIUS server is deactivated in the global list. The RADIUS server is identified by the address (claRadiusAddress) and port number (claRadiusPortNum).
             ciscoLwappAAARadiusServerWlanActivated 1.3.6.1.4.1.9.9.598.0.3
This notification is sent by the agent when the controller detects that the RADIUS server is activated on the WLAN. The RADIUS server is identified by the address (claRadiusAddress) and port number (claRadiusPortNum).
             ciscoLwappAAARadiusServerWlanDeactivated 1.3.6.1.4.1.9.9.598.0.4
This notification is sent by the agent when the controller detects that the RADIUS server is deactivated on the WLAN. The RADIUS server is identified by the address (claRadiusAddress) and port number (claRadiusPortNum).
             ciscoLwappAAARadiusReqTimedOut 1.3.6.1.4.1.9.9.598.0.5
This notification is sent by the agent when the controller detects that the RADIUS server failed to respond to request from a client/user. The RADIUS server is identified by the address (claRadiusAddress) and port number (claRadiusPortNum).
         ciscoLwappAAAMIBObjects 1.3.6.1.4.1.9.9.598.1
             claConfigObjects 1.3.6.1.4.1.9.9.598.1.1
                 claPriorityTable 1.3.6.1.4.1.9.9.598.1.1.1 no-access
This table contains entries for AAA authentication methods configured in the controller. At startup, all the entries in this table are set up by the central controller. A management application can later change the priority order using the claPriorityOrder.
                     claPriorityEntry 1.3.6.1.4.1.9.9.598.1.1.1.1 no-access
A conceptual row in claPriorityTable. There is an entry in this table for each AAA authentication method available at the agent, as identified by a value of claPriorityAuth.
                         claPriorityAuth 1.3.6.1.4.1.9.9.598.1.1.1.1.1 integer no-access
This object represents the authentication method used to authenticate users. local - indicates that local password is used for authentication. radius - indicates that RADIUS method is used for authentication. tacacsplus - indicates that TACACS method is used for authentication. Enumeration: 'radius': 2, 'local': 1, 'tacacsplus': 3.
                         claPriorityOrder 1.3.6.1.4.1.9.9.598.1.1.1.1.2 unsigned32 read-write
This is the priority order of an authentication method to be used in user authentication for a session. At start up, the agent assigns the value of this object. Later this can be changed by the management station. This object reflects the relative priority of the authentication method denoted by claPriorityAuth with respect to already configured authentication methods. The zero value indicates that the priority is not set and that the authentication methods are applied in ascending order. Each object must contain a unique value for claPriorityOrder or zero. In the case when a priority is set for a value that is already used by existing object the existing object's claPriorityOrder with be swapped.
                 claTacacsServerTable 1.3.6.1.4.1.9.9.598.1.1.2 no-access
This table represents the information about configuring the Accounting, Authentication and Authorization servers. The creation of a new row in claTacacsServerTable is through an explicit network management action results in creation of an entry in this table. Similarly, deletion of a row in claTacacsServerTable through user action causes the deletion of corresponding row in this table. The claTacacsServerType defines the server type being used and the claTacacsServerPriority defines the priority the server accessed within a given type.
                     claTacacsServerEntry 1.3.6.1.4.1.9.9.598.1.1.2.1 no-access
Each entry in this table provides information about the server that is configured for AAA. Each entry is uniquely identified by the server type and priority that server is accessed.
                         claTacacsServerType 1.3.6.1.4.1.9.9.598.1.1.2.1.1 integer no-access
This attribute identifies the type of the server being configured. Enumeration: 'accounting': 3, 'authentication': 1, 'authorization': 2.
                         claTacacsServerPriority 1.3.6.1.4.1.9.9.598.1.1.2.1.2 unsigned32 no-access
The priority value for this entry. This value determines the unique priority for this entry. The priority value for this entry determines the order in which the server configured in this entry is accessed. The lower the number, the higher the priority. For example if there are 2 entries with priority 1 and 2 respectively, the controller will try the server with priority 1 before it tries the server with priority 2.
                         claTacacsServerAddressType 1.3.6.1.4.1.9.9.598.1.1.2.1.3 inetaddresstype read-only
This object represents the type of the network address made available through claTacacsServerAddress. This object must be set to a valid value before setting the row to 'active'.
                         claTacacsServerAddress 1.3.6.1.4.1.9.9.598.1.1.2.1.4 inetaddress read-only
This object represents the address of the AAA server. The type of the address stored in this object is determined by the claTacacsServerAddressType object. This object must be set to a valid value before setting the row to 'active'.
                         claTacacsServerPortNum 1.3.6.1.4.1.9.9.598.1.1.2.1.5 inetportnumber read-only
The port number for this server. This object must be set to a valid value before setting the row to 'active'.
                         claTacacsServerEnabled 1.3.6.1.4.1.9.9.598.1.1.2.1.6 truthvalue read-only
When set to true the server state is enabled, otherwise the state is disabled.
                         claTacacsServerSecretType 1.3.6.1.4.1.9.9.598.1.1.2.1.7 clseckeyformat read-only
The claTacacsServerSecret value is set based on this type. When reading this object, the value 'default' is always returned. This object must be set to a valid value before setting the row to 'active'.
                         claTacacsServerSecret 1.3.6.1.4.1.9.9.598.1.1.2.1.8 displaystring read-only
The key configured for this server. For get operation this always returns a string with asterisks. This object must be set to a valid value before setting the row to 'active'. This object can be modified when a row is in the 'active' state.
                         claTacacsServerTimeout 1.3.6.1.4.1.9.9.598.1.1.2.1.9 unsigned32 read-only
The number of seconds between retransmissions. This object can be modified when a row is in the 'active' state.
                         claTacacsServerStorageType 1.3.6.1.4.1.9.9.598.1.1.2.1.10 storagetype read-only
The storage type for this conceptual row. Conceptual rows having the value 'permanent' need not allow write-access to any columnar objects in the row.
                         claTacacsServerRowStatus 1.3.6.1.4.1.9.9.598.1.1.2.1.11 rowstatus read-only
Used to add or delete an entry in this table. The required parameters for this entry are claTacacsServerAddress, claTacacsServerAddressType, claTacacsServerPortNum, claTacacsServerSecret and claTacacsServerSecretType should be provided. When a row is in 'active' state, some objects in this table can be modified as described in each individual object's description.
                 claWlanTable 1.3.6.1.4.1.9.9.598.1.1.3 no-access
AAA table corresponding to a WLAN. When WLAN is added a new entry gets added to this table. The entry is removed when the WLAN is removed.
                     claWlanEntry 1.3.6.1.4.1.9.9.598.1.1.3.1 no-access
Each entry in this table provides AAA information for a WLAN.
                         claWlanAcctServerEnabled 1.3.6.1.4.1.9.9.598.1.1.3.1.1 truthvalue read-write
Status to indicate whether the account server is enabled(true) or disabled(false) for this WLAN.
                         claWlanAuthServerEnabled 1.3.6.1.4.1.9.9.598.1.1.3.1.2 truthvalue read-write
This object represents the status whether the authentication server is enabled(true) or disabled(false) for this WLAN.
                 claRadiusServerGlobalActivatedEnabled 1.3.6.1.4.1.9.9.598.1.1.4 truthvalue read-write
The object to control the generation of ciscoLwappAAARadiusServerGlobalActivated notification. A value of 'true' indicates that the agent generates ciscoLwappAAARadiusServerGlobalActivated notification. A value of 'false' indicates that the agent doesn't generate ciscoLwappAAARadiusServerGlobalActivated notification.
                 claRadiusServerGlobalDeactivatedEnabled 1.3.6.1.4.1.9.9.598.1.1.5 truthvalue read-write
The object to control the generation of ciscoLwappAAARadiusServerGlobalDeactivated notification. A value of 'true' indicates that the agent generates ciscoLwappAAARadiusServerGlobalDeactivated notification. A value of 'false' indicates that the agent doesn't generate ciscoLwappAAARadiusServerGlobalDeactivated notification.
                 claRadiusServerWlanActivatedEnabled 1.3.6.1.4.1.9.9.598.1.1.6 truthvalue read-write
The object to control the generation of ciscoLwappAAARadiusServerWlanActivated notification. A value of 'true' indicates that the agent generates ciscoLwappAAARadiusServerWlanActivated notification. A value of 'false' indicates that the agent doesn't generate ciscoLwappAAARadiusServerWlanActivated notification.
                 claRadiusServerWlanDeactivatedEnabled 1.3.6.1.4.1.9.9.598.1.1.7 truthvalue read-write
The object to control the generation of ciscoLwappAAARadiusServerWlanDeactivated notification. A value of 'true' indicates that the agent generates ciscoLwappAAARadiusServerWlanDeactivated notification. A value of 'false' indicates that the agent doesn't generate ciscoLwappAAARadiusServerWlanDeactivated notification.
                 claRadiusReqTimedOutEnabled 1.3.6.1.4.1.9.9.598.1.1.8 truthvalue read-write
The object to control the generation of ciscoLwappAAARadiusReqTimedOut notification. A value of 'true' indicates that the agent generates ciscoLwappAAARadiusReqTimedOut notification. A value of 'false' indicates that the agent doesn't generate ciscoLwappAAARadiusReqTimedOut notification.
                 claSaveUserData 1.3.6.1.4.1.9.9.598.1.1.9 truthvalue read-write
This object is used to save the guest user config to NVRAM. Setting to the value of 'true' would save the data. Setting to the value of 'false' would have no implications here.
                 claWebRadiusAuthentication 1.3.6.1.4.1.9.9.598.1.1.10 integer read-write
This object is used to configure the Web RADIUS Authentication parameters on the WLC. PAP (1) - Configure Web RADIUS Authentication in PAP mode. CHAP (2) - Configure Web RADIUS Authentication in CHAP mode. MD5-CHAP (3) - Configure Web RADIUS Authentication in MD5-CHAP mode. Enumeration: 'pap': 1, 'chap': 2, 'md5-chap': 3.
                 claRadiusFallbackMode 1.3.6.1.4.1.9.9.598.1.1.11 integer read-write
This object is used to configure the RADIUS Fallback Test mode on the WLC. Following are the configurable options: off (1) - Disables RADIUS server fallback test. passive (2) - Sets server status based on last transaction. active (3) - Sends probes to dead servers to test status. Enumeration: 'passive': 2, 'active': 3, 'off': 1.
                 claRadiusFallbackUsername 1.3.6.1.4.1.9.9.598.1.1.12 snmpadminstring read-write
This object is used to configure the RADIUS Fallback Test username to be sent in dead server probes
                 claRadiusFallbackInterval 1.3.6.1.4.1.9.9.598.1.1.13 timeinterval read-write
This object is used to configure the probe interval (when claRadiusFallbackMode is in active mode) or inactive time (when claRadiusFallbackMode is in passive mode)
                 claRadiusAuthMacDelimiter 1.3.6.1.4.1.9.9.598.1.1.14 integer read-write
The delimiter to be used for RADIUS authentication servers. The possible values allowed are - no delimiter (1) - as in xxxxxxxxxxxx. colon (2) - as in xx:xx:xx:xx:xx:xx. hyphen (3) - as in xx-xx-xx-xx-xx-xx. single hyphen (4) - as in xxxxxx-xxxxxx. Enumeration: 'singleHyphen': 4, 'hyphen': 3, 'colon': 2, 'noDelimiter': 1.
                 claRadiusAcctMacDelimiter 1.3.6.1.4.1.9.9.598.1.1.15 integer read-write
The delimiter to be used for RADIUS accounting servers. The possible values allowed are - no delimiter (1) - as in xxxxxxxxxxxx. colon (2) - as in xx:xx:xx:xx:xx:xx. hyphen (3) - as in xx-xx-xx-xx-xx-xx. single hyphen (4) - as in xxxxxx-xxxxxx. Enumeration: 'singleHyphen': 4, 'hyphen': 3, 'colon': 2, 'noDelimiter': 1.
                 claAcceptMICertificate 1.3.6.1.4.1.9.9.598.1.1.16 truthvalue read-write
This object specifies if controller will accept Manufactured Installed Certificate from the access points as part of authorization.
                 claAcceptLSCertificate 1.3.6.1.4.1.9.9.598.1.1.17 truthvalue read-write
This object specifies if controller will accept Local Significant Certificate from access points as part of authorization.
                 claAllowAuthorizeLscApAgainstAAA 1.3.6.1.4.1.9.9.598.1.1.18 truthvalue read-write
This object specifies if access points to be authorized using a AAA RADIUS server or local database. If this object is false, the access points would be authorized using a local database.
             claStatusObjects 1.3.6.1.4.1.9.9.598.1.2
                 claRadiusServerTable 1.3.6.1.4.1.9.9.598.1.2.1 no-access
This table represents the information about the requests sent to the RADIUS servers. When a new request gets sent to the RADIUS server an entry gets added to this table. The agents maintains a circular queue which automatically gets overwritten once the queue is full.
                     claRadiusServerEntry 1.3.6.1.4.1.9.9.598.1.2.1.1 no-access
Each entry in this table provides information about a request that is sent to a RADIUS server. Each entry is uniquely identified by the request identifier.
                         claRadiusReqId 1.3.6.1.4.1.9.9.598.1.2.1.1.1 unsigned32 no-access
This object indicates the request identifier of the request sent to the RADIUS server.
                         claRadiusAddressType 1.3.6.1.4.1.9.9.598.1.2.1.1.2 inetaddresstype read-only
This object indicates the address type for the RADIUS server.
                         claRadiusAddress 1.3.6.1.4.1.9.9.598.1.2.1.1.3 inetaddress read-only
This object indicates the address of the RADIUS server.
                         claRadiusPortNum 1.3.6.1.4.1.9.9.598.1.2.1.1.4 inetportnumber read-only
This object indicates the port number for the RADIUS server.
                         claRadiusWlanIdx 1.3.6.1.4.1.9.9.598.1.2.1.1.5 unsigned32 read-only
This object indicates the WLAN index whether the RADIUS server is activating and deactivating.
                         claRadiusClientMacAddress 1.3.6.1.4.1.9.9.598.1.2.1.1.6 macaddress read-only
This object indicates the client MAC address that sent the request identified by the claRadiusReqId.
                         claRadiusUserName 1.3.6.1.4.1.9.9.598.1.2.1.1.7 displaystring read-only
This object identifies the user for whom the request identified by the claRadiusReqId was sent.
                 claDBCurrentUsedEntries 1.3.6.1.4.1.9.9.598.1.2.2 gauge32 read-only
This object specifies the current database entries used. This includes the number of users, mac filters configured in the system.
         ciscoLwappAAAMIBConform 1.3.6.1.4.1.9.9.598.2
             ciscoLwappAAAMIBCompliances 1.3.6.1.4.1.9.9.598.2.1
                 ciscoLwappAAAMIBCompliance 1.3.6.1.4.1.9.9.598.2.1.1
The compliance statement for the SNMP entities that implement the ciscoLwappAAAMIB module.
                 ciscoLwappAAAMIBComplianceRev1 1.3.6.1.4.1.9.9.598.2.1.2
The compliance statement for the SNMP entities that implement the ciscoLwappAAAMIB module.
             ciscoLwappAAAMIBGroups 1.3.6.1.4.1.9.9.598.2.2
                 ciscoLwappAAAMIBConfigGroup 1.3.6.1.4.1.9.9.598.2.2.1
This collection of objects specifies the required parameters for AAA.
                 ciscoLwappAAAMIBSaveUserConfigGroup 1.3.6.1.4.1.9.9.598.2.2.2
These is the configuration parameter related to guest user configuration saving.
                 ciscoLwappAAAMIBNotifsGroup 1.3.6.1.4.1.9.9.598.2.2.3
This collection of objects specifies the notifications for AAA.
                 ciscoLwappAAAMIBStatusObjsGroup 1.3.6.1.4.1.9.9.598.2.2.4
This collection of objects represents the information about the general status attributes for AAA.
                 ciscoLwappAAAMIBDBEntriesGroup 1.3.6.1.4.1.9.9.598.2.2.5
This is the additional object which represent the information about the general status attributes for AAA.
                 ciscoLwappAAAMIBRadiusConfigGroup 1.3.6.1.4.1.9.9.598.2.2.6
These are the RADIUS web authentication and fallback related configuration parameters on the WLC.
                 ciscoLwappAAAMIBAPPolicyConfigGroup 1.3.6.1.4.1.9.9.598.2.2.7
These are the AP Policy related configuration parameters on the WLC.
                 ciscoLwappAAAMIBWlanAuthAccServerConfigGroup 1.3.6.1.4.1.9.9.598.2.2.8
These are the authentication and account server configuration parameters per wlan.