JUNIPER-USER-AAA-MIB: View SNMP OID List / Download MIB

This module defines the objects pertaining to User authentication, authorization and accounting

An access authentication trap signifies that the specified service has started.

An access authentication trap signifies that the specified service has been stopped.

An access authentication trap signifies that the External authentication server is not responding.

An access authentication trap signifies that the AAA client has changed the status of the External authentication server to UP.

An access authentication trap signifies that the address pool has reached its high threshold.

An access authentication trap signifies that the address pool has reached its abate threshold

An access authentication trap signifies that an Out Of Addresses event occured on the pool.

An access authentication trap signifies that an Out Of Memory event occured on the pool.

Total authentication requests received.

Total authentication responses.

This table exposes the user authentication statistics.

Statistic entry collects for authentication.

The entry indicates the authentication type. It uniquely identifies the statistics counters related to its authentication.

The number of request received.

The number of access granted. It is an aggregated statistics for this type of authenticaiton.

This number of access request rejected. It is an aggregated statistics for this type of authentication.

The server name which identifies the authentication server.

The address pool name which identifies the local address pool.

The entries in this table specify the address pools.

A read-only description of the local address pools.

The address identifier key.

The routing instance of the address pool.

The address pool name.

The address pool link name.

The family type of this pool.

The Match criteria for this pool. Network or Prefix

The Prefix Length for an IPv6 pool

The Number of times this pool has flagged an Out of Memory condition.

The Number of times this pool has flagged an Out of Address condition.

The total number of Addresses or prefixes in this pool.

The total number of Addresses or prefixes given out from this pool.

The percentage of addresses used in this pool or linked pool. If this pool is the head of a linked chain of pools, this number reflects the Usage for the whole chain. Conversely, if this pool it part of a linked chain of pools but not the head of the chain, the value will not be used.

The configured high percentage threshold of addresses used in this pool or linked pool. An SNMP trap is generated when this threshold is exceeded. This trap will only be generated for unlinked pools or pools that are the head of a linked chain of pools Conversely, if this pool it part of a linked chain of pools but not the head of the chain, then no traps will be generated.

The configured abate percentage threshold of addresses used in this pool or linked pool. An SNMP trap clear is generated when address use falls below this threshold percentage. This trap will only be generated for unlinked pools or pools that are the head of a linked chain of pools Conversely, if this pool it part of a linked chain of pools but not the head of the chain, then no traps will be generated.

The list of delimiters used to separate the user's name from the user's domain in the username field. The default is '@'.

The direction in which the user's name is parsed: either search for domain delimiter from left to right or right to left; first delimiter marks boundry. The default is right to left. Enumeration: 'rightToLeft': 1, 'leftToRight': 2.

The entries in this table specify the assignment of a remote access user to a logical system, based on the user's domain.

A specification of the logical system to which users on a specified domain should be assigned.

The domain name uniquely identifying this entry.

Enables/disables the domain name stripping feature, which causes the system to strip the domain name before sending the access-request to RADIUS for authentication.

The name of the logical system, which will be used by the AAA subsystem for this session. If not specified, will be mapped to default.

The name of the routing instance, which will be used by the AAA subsystem for this session. If not specified, will be mapped to default.

The configured the address-pool-name for the domain name.

The configured dynamic-profile which will be used for this session upon succeeding validation.

The configured target logical-system that this session will need to be mapped to. If not specified, will be mapped to default.

The configured routing-instance that this session will need to be mapped to.

The associated tunnel profile.

The configured dynamic-profile to be used for this session.

Displays the strip-username configuration. Enumeration: 'disabled': 0, 'rightToLeft': 2, 'leftToRight': 1.

Displays the override-password configuration.

The entries in this table specify the tunnels associated with a domain.

A specification of the tunnels associated with a domain.

The domain name associated with this entry.

The tunnel definition id value associated with this entry.

The tunnel's preference value associated with this entry.

This name specifies the hostname expected from the peer (the LNS) when a tunnel is setup.

IP address of LNS tunnel endpoint

This name specifies the hostname expected from the peer (the LNS) when a tunnel is setup.

The source address of the tunnel (overrides the default address for this LS/RI.)

The tunnel password associated with this entry.

The logical systems associated with this entty.

The routing instance associated with this entty.

The tunnel medium associated with this entry. The medium dictates the format of the tunnel address. Enumeration: 'tunnelMediumUnknown': 2, 'tunnelMediumIPv4': 1.

The tunnel type associated with this entry. Enumeration: 'tunnelUnknown': 2, 'tunnelL2tp': 1, 'tunnelL2f': 3.

The tunnel identifier associated with this entry.

The maximum number of tunnel sessions allowed in this tunnel entry.

The entries in this table specify the PPPoE active discovery network (PADN) parameters associated with a domain.

A specification of the PPPoE active discovery network parameters associated with a domain.

The IP address of this entry.

The IP mask of this entry.

The administrative distance metric of this entry.

The entries in this table specify the assignment of authentication methods for a particular subscriber type.

A specification of the authentication methods for a particular subscriber type.

The access profile name.

The set of authentication mechanisms configured on this system. Each octet in this object contains one of the values defined in the JnxAuthenticateType TEXTUAL-CONVENTION. The system will sequence through each octet of this object starting at octet 1 and attempt to use the corresponding authentication protocol defined by JnxAuthenticateType. If an authentication protocol is configured and attempts to reach the authentication server fail, the system will move to the next octet in this object and retry the authentication in the form dictated by the corresponding authentication protocoltype. The process of sequencing thru each octet will stop if the authentication server is successfully contacted, or there are no more configured octets in this object.

The set of accounting mechanisms configured on this system. Each octet in this object contains one of the values defined in the JnxAccountingType TEXTUAL-CONVENTION. The system will sequence through each octet of this object starting at octet 1 and attempt to use the corresponding accounting protocol defined by JnxAccountingType. If an accounting protocol is configured and attempts to reach the accounting server fail, the system will move to the next octet in this object and retry the accounting in the form dictated by the corresponding accounting protocoltype. The process of sequencing thru each octet will stop if the accounting server is successfully contacted, or there are no more configured octets in this object.

The set of accounting mechanisms configured on this system. Each octet in this object contains one of the values defined in the JnxAuthorizationType TEXTUAL-CONVENTION. The system will sequence through each octet of this object starting at octet 1 and attempt to use the corresponding accounting protocol defined by JnxAuthorizationType. If an accounting protocol is configured and attempts to reach the accounting server fail, the system will move to the next octet in this object and retry the accounting in the form dictated by the corresponding accounting protocoltype. The process of sequencing thru each octet will stop if the accounting server is successfully contacted, or there are no more configured octets in this object.

The set of provisioning mechanisms configured on this system. Each octet in this object contains one of the values defined in the JnxProvisioningType TEXTUAL-CONVENTION. The system will sequence through each octet of this object starting at octet 1 and attempt to use the corresponding accounting protocol defined by JnxProvisioningType. If an accounting protocol is configured and attempts to reach the accounting server fail, the system will move to the next octet in this object and retry the accounting in the form dictated by the corresponding accounting protocoltype. The process of sequencing thru each octet will stop if the accounting server is successfully contacted, or there are no more configured octets in this object.

Enables/disables the Acct-Stop message if a user fails authentication, but AAA-server grants access.

Enables/disables the Acct-Stop message if AAA-server denies access.

Enables/disables the Acct-Update message on receipt of a Acct-response for the Acct-Start message.

Enables/disables the Acct-Update message on completion of processing a change of authorization.

The interval in minutes between accounting updates(Interim-stats off, if not specified).

The type of statistics are collected. These are the configured types: time - the option to report only uptime volume-time - the option to report both volume and uptime Enumeration: 'volume-time': 1, 'time': 0.