| etsysPolicyProfileMaxEntries |
.1.3.6.1.4.1.5624.1.2.6.1.1 |
|
The maximum number of entries allowed in the
etsysPolicyProfileTable.
|
| etsysPolicyProfileNumEntries |
.1.3.6.1.4.1.5624.1.2.6.1.2 |
|
The current number of entries in the
etsysPolicyProfileTable.
|
| etsysPolicyProfileLastChange |
.1.3.6.1.4.1.5624.1.2.6.1.3 |
|
The sysUpTime at which the etsysPolicyProfileTable was last
modified.
|
| etsysPolicyProfileTableNextAvailableIndex |
.1.3.6.1.4.1.5624.1.2.6.1.4 |
|
This object indicates the numerically lowest available
index within this entity, which may be used for the value
of etsysPolicyProfileIndex in the creation of a new entry
in the etsysPolicyProfileTable.
An index is considered available if the index value falls
within the range of 1 to 65535 and is not being used to
index an existing entry in the etsysPolicyProfileTable
contained within this entity.
This value should only be considered a guideline for
management creation of etsysPolicyProfileEntries, there is
no requirement on management to create entries based upon
this index value.
|
| etsysPolicyProfileEntry |
.1.3.6.1.4.1.5624.1.2.6.1.5.1 |
|
Conceptually defines a particular entry within the
etsysPolicyProfileTable. Entries within this table MUST be
considered non-volatile and MUST be maintained across
entity resets.
|
| etsysPolicyClassificationMaxEntries |
.1.3.6.1.4.1.5624.1.2.6.2.1 |
|
The maximum number of entries allowed in the
etsysPolicyClassificationTable.
|
| etsysPolicyClassificationNumEntries |
.1.3.6.1.4.1.5624.1.2.6.2.2 |
|
The current number of entries in the
etsysPolicyClassificationTable.
|
| etsysPolicyClassificationLastChange |
.1.3.6.1.4.1.5624.1.2.6.2.3 |
|
The sysUpTime at which the etsysPolicyClassificationTable
was last modified.
|
| etsysPolicyClassificationEntry |
.1.3.6.1.4.1.5624.1.2.6.2.4.1 |
|
Describes a particular entry within the
etsysPolicyClassificationTable. Entries within this table
MUST be considered non-volatile and MUST be maintained
across entity resets.
|
| etsysPortPolicyProfileLastChange |
.1.3.6.1.4.1.5624.1.2.6.3.1 |
|
sysUpTime at which the etsysPortPolicyProfileTable
was last modified.
|
| etsysPortPolicyProfileEntry |
.1.3.6.1.4.1.5624.1.2.6.3.2.1 |
|
Describes a particular entry within the
etsysPortPolicyProfileTable. Entries within this
table MUST be considered non-volatile and MUST be maintained
across entity resets.
|
| etsysPortPolicyProfileSummaryEntry |
.1.3.6.1.4.1.5624.1.2.6.3.3.1 |
|
Conceptually defines a particular entry within the
etsysPortPolicyProfileSummaryTable.
|
| etsysStationPolicyProfileMaxEntries |
.1.3.6.1.4.1.5624.1.2.6.5.1 |
|
The maximum number of entries allowed in the
etsysStationPolicyProfileTable. If this number is
exceeded, based on stations connecting to the edge
device, the oldest entries will be deleted.
|
| etsysStationPolicyProfileNumEntries |
.1.3.6.1.4.1.5624.1.2.6.5.2 |
|
The current number of entries in the
etsysStationPolicyProfileTable.
|
| etsysStationPolicyProfileLastChange |
.1.3.6.1.4.1.5624.1.2.6.5.3 |
|
sysUpTime at which the etsysStationPolicyProfileTable
was last modified.
|
| etsysStationPolicyProfileEntry |
.1.3.6.1.4.1.5624.1.2.6.5.4.1 |
|
Describes a particular entry within the
etsysStationPolicyProfileTable. Entries within this
table MUST be considered non-volatile and MUST be
maintained across entity resets.
|
| etsysInvalidPolicyAction |
.1.3.6.1.4.1.5624.1.2.6.6.1 |
|
Specifies the action that the edge device should take if asked
to apply an invalid or unknown policy.
applyDefaultPolicy(1) - Apply the default policy for
the port.
dropPackets(2) - Block traffic.
Although dropPackets(2) is the most secure option, it may
not always be desirable.
|
| etsysInvalidPolicyCount |
.1.3.6.1.4.1.5624.1.2.6.6.2 |
|
Increments to indicate the number of times the switch has
detected an invalid/unknown policy.
|
| etsysDevicePolicyProfileDefault |
.1.3.6.1.4.1.5624.1.2.6.8.1 |
|
If this value is non-zero, the value indicates
the etsysPolicyProfileEntry (and its associated
etsysPolicyClassificationTable entries) which
should be used by the device if the device is
incapable of using the profile (or specific parts
of the profile) explicitly applied to an inbound
frame. A value of zero indicates that no default
profile is currently active.
|
| etsysPolicyCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.1 |
|
A list of capabilities related to policies.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyDynaPIDRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.2 |
|
A list of rule types which are supported by this device for
the purpose of dynamically assigning a profile to the
network traffic described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyAdminPIDRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.3 |
|
A list of rule types which are supported by this device for
the purpose of administratively assigning a profile to the
network traffic described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyVlanRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.4 |
|
A list of rule types which are supported by this device for
the purpose of assigning a VlanId to the network traffic
described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyCosRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.5 |
|
A list of rule types which are supported by this device for
the purpose of assigning a CoS to the network traffic
described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyDropRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.6 |
|
A list of rule types which are supported by this device for
the purpose of discarding the network traffic described by
the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyForwardRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.7 |
|
A list of rule types which are supported by this device for
the purpose of forwarding the network traffic described by
the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicySyslogRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.8 |
|
A list of rule types which are supported by this device for
the purpose of issuing syslog messages when the rule is used
to identify the network traffic described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyTrapRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.9 |
|
A list of rule types which are supported by this device for
the purpose of issuing an SNMP notify (trap) messages when the
rule is used to identify the network traffic described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyDisablePortRuleCapabilities |
.1.3.6.1.4.1.5624.1.2.6.9.10 |
|
A list of rule types which are supported by this device for
the purpose of disabling the ingress port identified when the
rule matches the network traffic described by the bit.
A set bit, with the value 1, indicates support for the
described functionality. A clear bit, with the value
0, indicates the described functionality is not supported.
|
| etsysPolicyMapMaxEntries |
.1.3.6.1.4.1.5624.1.2.6.10.1 |
|
The maximum number of entries allowed in the
etsysPolicyMapTable.
|
| etsysPolicyMapNumEntries |
.1.3.6.1.4.1.5624.1.2.6.10.2 |
|
The current number of entries in the
etsysPolicyMapTable.
|
| etsysPolicyMapLastChange |
.1.3.6.1.4.1.5624.1.2.6.10.3 |
|
The value of sysUpTime when the etsysPolicyMapTable was last
modified.
|
| etsysPolicyMapPvidOverRide |
.1.3.6.1.4.1.5624.1.2.6.10.4 |
|
This object defines whether the PVID specified in a RADIUS
Tunnel-Private-Group-ID attribute for an Authenticated user
shall override any statically configured PVID which may be
provisioned as the default station-based policy may be applied.
true(1) means that any port or station authorized with the
RADIUS Tunnel-Private-Group-ID as PVID, will use the RADIUS-
provisioned PVID value, when no matching entry for said PVID
is found in the etsysPolicyMapTable.
false(2) means that the RADIUS-provisioned PVID value will be
applied only when no statically configured default PVID of the
corresponding physical port exists and no matching entry for
said PVID is found in the etsysPolicyMapTable. This mode
provides backward compatibility with pre RFC 3580 UPN
implementations.
|
| etsysPolicyMapUnknownPvidPolicy |
.1.3.6.1.4.1.5624.1.2.6.10.5 |
|
Describes the selected behavior of the managed entity if
the PVID specified in a RADIUS Tunnel-Private-Group-ID
attribute is not found in the etsysPolicyMapTable.
|
| etsysPolicyMapEntry |
.1.3.6.1.4.1.5624.1.2.6.10.6.1 |
|
Conceptually defines a particular entry within the
etsysPolicyMapTable. Entries within this table MUST be
considered non-volatile and MUST be maintained across
entity resets.
|
| etsysPolicyRulesMaxEntries |
.1.3.6.1.4.1.5624.1.2.6.11.1 |
|
The maximum number of entries allowed in the
etsysPolicyRulesTable.
|
| etsysPolicyRulesNumEntries |
.1.3.6.1.4.1.5624.1.2.6.11.2 |
|
The current number of entries in the
etsysPolicyRulesTable.
|
| etsysPolicyRulesLastChange |
.1.3.6.1.4.1.5624.1.2.6.11.3 |
|
The sysUpTime at which the etsysPolicyRulesTable
was last modified.
|
| etsysPolicyRulesAccountingEnable |
.1.3.6.1.4.1.5624.1.2.6.11.4 |
|
Controls the collection of rule usage statistics. If
disabled, no usage statistics are gathered and no auditing
messages will be sent. When enabled, rule will gather
usage statistics, and auditing messages will be sent, if
enabled for a given rule.
|
| etsysPolicyRulesPortDisabledList |
.1.3.6.1.4.1.5624.1.2.6.11.5 |
|
A portlist containing bits representing the dot1dBridgePorts
which have been disabled via the mechanism described in the
etsysPolicyRuleDisablePort leaf. A set bit indicates a
disabled port.
Ports may be enabled by performing a set with the
corresponding bit cleared. Bits which are set will
be ignored during the set operation.
|
| etsysPolicyRuleEntry |
.1.3.6.1.4.1.5624.1.2.6.11.6.1 |
|
Describes a particular entry within the
etsysPolicyRuleTable. Entries within this table
MUST be considered non-volatile and MUST be maintained
across entity resets.
|
| etsysPolicyRulePortEntry |
.1.3.6.1.4.1.5624.1.2.6.11.7.1 |
|
.
|
| etsysPolicyRuleDynamicProfileAssignmentOverride |
.1.3.6.1.4.1.5624.1.2.6.11.8 |
|
If true, administratively assigned profile assignment
rules override dynamically assigned profiles assignments
for a given rule. If false, the dynamically assigned
value (typically created by a successful authentication
attempt) overrides the administratively configured value.
The agent may optionally implement this leaf as read-only.
|
| etsysPolicyRuleDefaultDynamicSyslogStatus |
.1.3.6.1.4.1.5624.1.2.6.11.9 |
|
If enabled(1), rules dynamically created will set
etsysPolicyRuleAuditSyslogEnable to enabled. If
disabled(2) a dynamically created rule will have
etsysPolicyRuleAuditSyslogEnable set to disabled.
The agent may optionally implement this leaf as read-only.
|
| etsysPolicyRuleDefaultDynamicTrapStatus |
.1.3.6.1.4.1.5624.1.2.6.11.10 |
|
If enabled(1), rules dynamically created will set
etsysPolicyRuleAuditTrapEnable to enabled. If
disabled(2) a dynamically created rule will have
etsysPolicyRuleAuditTrapEnable set to disabled.
The agent may optionally implement this leaf as read-only.
|
| etsysPolicyProfileIndex |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.1 |
|
A unique arbitrary identifier for this Policy.
Since a policy will be applied to a user regardless of his
or her location in the network fabric policy names SHOULD
be unique within the entire network fabric. Policy IDs
and policy names MUST be unique within the scope of a single
managed entity.
|
| etsysPolicyProfileName |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.2 |
|
Administratively assigned textual description of this
Policy.
This object MUST NOT be modifiable while this entry's
RowStatus is active(1).
|
| etsysPolicyProfileRowStatus |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.3 |
|
This object allows for the dynamic creation and deletion
of entries within the etsysPolicyProfileTable as well as
the activation and deactivation of these entries.
When this object's value is active(1) the corresponding
row's etsysPolicyProfilePortVid, etsysPolicyProfilePriority,
and all entries within the etsysPolicyClassificationTable
indexed by this row's etsysPolicyProfileIndex are available
to be applied to network access ports or stations on the
managed entity.
All ports corresponding to rows within the
etsysPortPolicyProfileTable whose etsysPortPolicyProfileOperID
is equal to the etsysPolicyProfileIndex, shall have the
corresponding policy applied. Likewise, all stations
corresponding to rows within the etsysStationPolicyProfileTable
whose etsysStationPolicyProfileOperID is equal to the
etsysPolicyProfileIndex, shall have the corresponding policy
applied.
The value of etsysPortPolicyProfileOperID for each such row
in the etsysPortPolicyProfileTable will be equal to the
etsysPortPolicyProfileAdminID, unless the authorization
information from a source such as a RADIUS server indicates
to the contrary.
Refer to the specific objects within this MIB as well as
well as RFC2674, the CTRON-PRIORITY-CLASSIFY-MIB, the
CTRON-VLAN-CLASSIFY-MIB, and the CTRON-RATE-POLICING-MIB
for a complete explanation of the application and behavior
of these objects.
When this object's value is set to notInService(2) this
policy will not be applied to any rows within the
etsysPortPolicyProfileTable.
To allow policy profiles to be applied for security
implementations, setting this object's value from active(1)
to notInService(2) or destroy(6) SHALL fail if one or more
instances of etsysPortPolicyProfileOperID or
etsysStationPolicyProfileOperID currently reference
this entry's associated policy due to a set by an underlying
security protocol such as RADIUS.
For network functionality and clarity, setting this object
to destroy(6) SHALL fail if one or more instances of
etsysPortPolicyProfileOperID or etsysStationPolicyProfileOperID
currently references this entry's etsysPolicyProfileIndex.
Refer to the RowStatus convention for further details on
the behavior of this object.
|
| etsysPolicyProfilePortVidStatus |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.4 |
|
This object defines whether a PVID override should
be applied to ports which have this profile active.
enabled(1) means that any port with this policy active
will have this row's etsysPolicyProfilePortVid applied to
untagged frames or priority-tagged frames received on this
port.
disabled(2) means that etsysPolicyProfilePortVid will not
be applied. When this object is set to disabled(2) the
value of etsysPolicyProfilePortVid has no meaning.
|
| etsysPolicyProfilePortVid |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.5 |
|
This object defines the PVID of this profile.
If a port has an active policy and the policy's
etsysPolicyProfilePortVidStatus is set to enabled(1), the
etsysPolicyProfilePortVid will be applied to all untagged
frames arriving on the port that do not match any of the
policy classification rules.
Note that the 802.1Q PVID will still exist from a
management view but will NEVER be applied to traffic
arriving on a port that has an active policy and enabled
etsysPolicyProfilePortVid defined, since policy is applied
to traffic arriving on the port prior to the assignment of
a VLAN using the 802.1Q PVID.
The behavior of an enabled etsysPolicyProfilePortVid on
any associated port SHALL be identical to the behavior of
the dot1qPvid upon that port.
Note that two special, otherwise illegal, values of the
etsysPolicyProfilePortVid are used in defining the default
forwarding actions, to be used in conjunction with policy
classification rules, and do not result in packet tagging:
0 Indicates that the default forwarding action
is to drop all packets that do not match an
explicit rule.
4095 Indicates that the default forwarding action
is to forward any packets not matching any
explicit rules.
|
| etsysPolicyProfilePriorityStatus |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.6 |
|
This object defines whether a priority override
should be applied to ports which have this profile
active.
enabled(1) means that any port with this policy active
will have etsysPolicyProfilePriority applied to this
port.
disabled(2) means that etsysPolicyProfilePriority will
not be applied. When this object is set to disabled(2)
the value of etsysPolicyProfilePriority has no meaning.
|
| etsysPolicyProfilePriority |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.7 |
|
This object defines the default ingress priority of this
profile.
If a port has an active policy and the policy's
etsysPolicyProfilePriorityStatus is set to enabled(1), the
etsysPolicyProfilePriority will be applied to all packets
arriving on the port that do not match any of the policy
classification rules.
Note that dot1dPortDefaultUserPriority will still exist
from a management view but will NEVER be applied to traffic
arriving on a port that has an active policy and enabled
etsysPolicyProfilePriority defined, since policy is applied
to traffic arriving on the port prior to the assignment of
a priority using dot1dPortDefaultUserPriority.
The behavior of an enabled etsysPolicyProfilePriority on
any associated port SHALL be identical to the behavior of
the dot1dPortDefaultUserPriority upon that port.
|
| etsysPolicyProfileEgressVlans |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.8 |
|
The set of VLANs which are assigned by this policy to
egress on ports for which this policy is active. Changes
to a bit in this object affect the per-port per-VLAN
Registrar control for Registration Fixed for the relevant
GVRP state machine on each port for which this policy is
active. A VLAN may not be added in this set if it is
already a member of the set of VLANs in
etsysPolicyProfileForbiddenVlans. This object is
superseded on a per-port per-VLAN basis by any 'set' bits
in dot1qVlanStaticEgressPorts and
dot1qVlanForbiddenEgressPorts. The default value of this
object is a string of zeros.
|
| etsysPolicyProfileForbiddenVlans |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.9 |
|
The set of VLANs which are prohibited by this policy to
egress on ports for which this policy is active. Changes
to this object that cause a port to be included or
excluded affect the per-port per-VLAN Registrar control
for Registration Forbidden for the relevant GVRP state
machine on each port for which this policy is active. A
VLAN may not be added in this set if it is already a
member of the set of VLANs in etsysPolicyProfileEgressVlans.
This object is superseded on a per-port per-VLAN basis by
any 'set' bits in the dot1qVlanStaticEgressPorts and
dot1qVlanForbiddenEgressPorts. The default value of this
object is a string of zeros.
|
| etsysPolicyProfileUntaggedVlans |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.10 |
|
The set of VLANs which should transmit egress packets as
untagged on ports for which this policy is active. This
object is superseded on a per-port per-VLAN basis by any
'set' bits in dot1qVlanStaticUntaggedPorts.
|
| etsysPolicyProfileOverwriteTCI |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.11 |
|
If set, the information contained within the TCI field of
inbound, tagged packets will not be used by the device after the
ingress classification stage of packet relay. The net effect
will be that the TCI information may be used to classify the
packet, but will be overwritten (and ignored) by subsequent
stages of packet relay.
|
| etsysPolicyProfileRulePrecedence |
.1.3.6.1.4.1.5624.1.2.6.1.5.1.12 |
|
Each octet will contain a single value representing the rule
type to be matched against, defined by the
PolicyClassificationRuleType textual convention. When read,
will return the currently operating rule matching precedence,
ordered from first consulted (in the first octet) to last
consulted (in the last octet). A set of a single octet of
0x00 will result in a reversion to the default precedence
ordering. A set of any other values will result in the
specified rule types being matched in the order specified,
followed by the remaining rules, in default precedence order.
|
| etsysPolicyClassificationIndex |
.1.3.6.1.4.1.5624.1.2.6.2.4.1.1 |
|
Administratively assigned unique value, greater than zero.
Each etsysPolicyClassificationIndex instance MUST be unique
within the scope of its associated etsysPolicyProfileIndex.
|
| etsysPolicyClassificationOID |
.1.3.6.1.4.1.5624.1.2.6.2.4.1.2 |
|
This object follows the RowPointer textual convention and
is an OID reference to a classification rule.
This object MUST NOT be modifiable while this entry's
etsysPolicyClassificationStatus object has a value of
active(1).
|
| etsysPolicyClassificationRowStatus |
.1.3.6.1.4.1.5624.1.2.6.2.4.1.3 |
|
The status of this row.
When set to active(1) this entry's classification rule, as
referenced by etsysPolicyClassificationOID, becomes one of
its associated policy's set of rules.
When this entry's associated policy, as defined by
etsysPolicyProfileIndex, is active and assigned to a port
through the etsysPortPolicyProfileTable or to a station
through the etsysStationPolicyProfileTabbe, this
classification rule will be applied to the port or station.
The exact behavior of this application depends upon the
classification rule.
When this object is set to notInService(2) or notReady(3)
this entry is not considered one of its associated policy's
set of rules and this classification rule will not be
applied.
An entry MAY NOT be set to active(1) unless this row's
etsysPolicyClassificationOID is set to a valid
classification rule.
|
| etsysPolicyClassificationIngressList |
.1.3.6.1.4.1.5624.1.2.6.2.4.1.4 |
|
The ports on which an active policy profile has defined
this classification rule applies.
|
| etsysPortPolicyProfileIndexType |
.1.3.6.1.4.1.5624.1.2.6.3.2.1.1 |
|
This object defines the specific type of port this entry
represents.
|
| etsysPortPolicyProfileIndex |
.1.3.6.1.4.1.5624.1.2.6.3.2.1.2 |
|
An index value which represents a unique port of the type
defined by this entry's etsysPortPolicyProfileIndexType.
|
| etsysPortPolicyProfileAdminID |
.1.3.6.1.4.1.5624.1.2.6.3.2.1.3 |
|
This object represents the desired Policy Profile for this
dot1dBasePort or this ifIndex.
Setting this object to any value besides zero (0) should,
if possible, immediately place this entry's dot1dBasePort
or ifIndex into the given Policy Profile.
This object and etsysPortPolicyProfileOperID may not be the
same if this object is set to a Policy (i.e. an instance of
the etsysPolicyProfileTable) which is not in an active state
or if the etsysPortPolicyProfileOperID has been set by an
underlying security protocol such as RADIUS.
|
| etsysPortPolicyProfileOperID |
.1.3.6.1.4.1.5624.1.2.6.3.2.1.4 |
|
This object is the current policy which is being applied to
this entry's dot1dBasePort. A value of zero(0) indicates
there is no policy being applied to this dot1dBasePort or
this ifIndex.
If the value of this object has been set by an underlying
security protocol such as RADIUS, sets to this entry's
etsysPortPolicyProfileAdminID MUST NOT change the value
of this object until such time as the security protocol
releases this object by setting it to a value of zero (0).
|
| etsysPortPolicyProfileSummaryIndexType |
.1.3.6.1.4.1.5624.1.2.6.3.3.1.1 |
|
This object defines the specific type of port this entry
represents.
|
| etsysPortPolicyProfileSummaryAdminID |
.1.3.6.1.4.1.5624.1.2.6.3.3.1.2 |
|
An aggregate list of all Ports currently supporting
rules which assign this profileIndex through
administrative means. Rules of this type have a
valid etsysPolicyRuleResult2 action and a
profileIndex of 0.
|
| etsysPortPolicyProfileSummaryOperID |
.1.3.6.1.4.1.5624.1.2.6.3.3.1.3 |
|
An aggregate list of all Ports currently supporting
rules which assign this profileIndex through either
an administrative or dynamic means. The profileId
which will be assigned operationally, as frames are
handled are too be reported here.
|
| etsysPortPolicyProfileSummaryDynamicID |
.1.3.6.1.4.1.5624.1.2.6.3.3.1.4 |
|
An aggregate list of all Ports currently supporting
rules which assign this profileIndex through a
dynamic means. For example the profileIndex returned
via a successful 802.1X supplicant authentication.
|
| etsysStationPolicyProfileIndex |
.1.3.6.1.4.1.5624.1.2.6.5.4.1.2 |
|
An index value which represents a unique station entry.
|
| etsysStationIdentifierType |
.1.3.6.1.4.1.5624.1.2.6.5.4.1.3 |
|
Indicates the type of station identifying address contained
in etsysStationIdentifier.
|
| etsysStationIdentifier |
.1.3.6.1.4.1.5624.1.2.6.5.4.1.4 |
|
A value which represents a unique MAC Address, IP Address,
or other identifying address for a station, or other logical
and authenticatable sub-entity within a station, connected
to a port.
|
| etsysStationPolicyProfileOperID |
.1.3.6.1.4.1.5624.1.2.6.5.4.1.5 |
|
This object is the current policy which is being applied to
this entry's MAC Address. A value of zero(0) indicates
there is no policy being applied to this MAC Address.
The value of this object reflects either the setting from an
underlying AAA service such as RADIUS, or the default setting
based on the etsysPortPolicyProfileAdminID for the port on
which the station is connected.
This object and the corresponding etsysPortPolicyProfileAdminID
will not be the same if this object has been set by an
underlying security protocol such as RADIUS.
|
| etsysStationPolicyProfilePortType |
.1.3.6.1.4.1.5624.1.2.6.5.4.1.6 |
|
A textual convention that defines the specific type of port
designator the corresponding entry represents.
|
| etsysStationPolicyProfilePortID |
.1.3.6.1.4.1.5624.1.2.6.5.4.1.7 |
|
A value which represents the physical port, of the type
defined by this entry's etsysStationPolicyProfilePortType,
on which the associated station entity is connected. This
object is for convenience in cross referencing stations to
ports.
|
| etsysPolicyMapIndex |
.1.3.6.1.4.1.5624.1.2.6.10.6.1.1 |
|
A unique arbitrary identifier for this mapping entry.
|
| etsysPolicyMapRowStatus |
.1.3.6.1.4.1.5624.1.2.6.10.6.1.2 |
|
This object allows for the dynamic creation and deletion
of entries within the etsysPolicyMapTable as well as
the activation and deactivation of these entries.
|
| etsysPolicyMapStartVid |
.1.3.6.1.4.1.5624.1.2.6.10.6.1.3 |
|
This object defines the PVID of this profile or the
starting PVID of a PVID range. This value is typically
determined by authorization information, such as the PVID
value from the Tunnel-Private-Group-ID RADIUS attribute.
This value, together with the ending value of the range,
in any, is typically used as the look-up key for a PVID
to Policy Index mapping operation.
|
| etsysPolicyMapEndVid |
.1.3.6.1.4.1.5624.1.2.6.10.6.1.4 |
|
This object defines the ending PVID of a PVID range.
If the value of this object is identical to the value of
etsysPolicyMapStartVid within the same conceptual table
row, then the entry corresponds to a single PVID value.
|
| etsysPolicyMapPolicyIndex |
.1.3.6.1.4.1.5624.1.2.6.10.6.1.5 |
|
The index of a Policy as defined in the
etsysPolicyProfileTable. A value of 0 indicates that the
mapping defined by this row entry is the NULL mapping, and
that the PVID is to be applied as a traditional PVID.
A non-zero value of this object indicates that the PVID
provisioned (e.g. from the Tunnel-Private-Group-ID RADIUS
attribute) should be mapped to a Policy as defined in the
etsysPolicyProfileTable, and that policy applied as if
the Policy name had been provisioned instead (e.g, in the
Filter-ID RADIUS attribute), providing, of course, that
the etsysPolicyProfileRowStatus value of the table row so
indexed is active (1).
|
| etsysPolicyRuleProfileIndex |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.1 |
|
The etsysPolicyProfileIndex for which the rule is defined.
A value of zero(0) has special meaning in that it scopes
rules which are used to determine the Policy Profile to
which the frame belongs. See the etsysPolicyRuleResult1
and etsysPolicyRuleResult2 descriptions for specifics of
how the results of a rule hit differ when the
etsysPolicyRuleProfileIndex is zero.
|
| etsysPolicyRuleType |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.2 |
|
The type of network traffic reference by the
etsysPolicyRuleData.
|
| etsysPolicyRuleData |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.3 |
|
The data pattern to match against, as defined by the
etsysPolicyRuleType, encoded in network-byte order.
|
| etsysPolicyRulePrefixBits |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.4 |
|
The relevant number of bits defined by the
etsysPolicyRuleData, to be used when matching against a
frame, relevant bits are specified in longest-prefix-first
style (left to right). A value of zero carries the special
meaning of all bits are relevant.
|
| etsysPolicyRulePortType |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.5 |
|
The port number on which the rule will be applied. Zero(0)
is a special case, indicating that the rule should be applied
to all ports.
|
| etsysPolicyRulePort |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.6 |
|
The port number on which the rule will be applied. Zero(0)
is a special case, indicating that the rule should be applied
to all ports.
|
| etsysPolicyRuleRowStatus |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.7 |
|
The status of this row.
When set to active(1) this entry's classification rule, as
referenced by etsysPolicyRulesOID, becomes one of
its associated policy's set of rules.
When this entry's associated policy, as defined by
etsysPolicyRuleProfileIndex, is active and assigned to a port
through the etsysPortPolicyProfileTable or to a station
through the etsysStationPolicyProfileTabbe, this
classification rule will be applied to the port or station.
The exact behavior of this application depends upon the
classification rule.
When this object is set to notInService(2) or notReady(3)
this entry is not considered one of its associated policy's
set of rules and this classification rule will not be
applied.
|
| etsysPolicyRuleStorageType |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.8 |
|
The storage type of this row.
When set to volatile(1) this entry's classification rule, as
referenced by etsysPolicyRulesOID, will be removed (if
present) from non-volatile storage. Rows created dynamically
by the device will typically report this as their default
storage type.
When set to nonVolatile(1) this entry's classification rule, as
referenced by etsysPolicyRulesOID, will be added to non-volatile
storage. This is the default value for rows created as the result
of external management.
Values of other(0), permanent(4), and readOnly(5) may not be set,
although they may be returned for rows created by the device.
|
| etsysPolicyRuleUsageList |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.9 |
|
When read, a set bit indicates that this rule was used to
classify traffic on the corresponding port. When set, the
native PortList will be bit-wise AND'ed with the set PortList,
allowing the agent to clear the usage indication.
|
| etsysPolicyRuleResult1 |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.10 |
|
If the etsysPolicyRuleProfileIndex is 0 then this field is
read-only and defines the profile ID which will assigned
to frames matching this rule. This is the dynamically assigned
value and may differ from the administratively configured
value.
If the etsysPolicyRuleProfileIndex is not 0 then this field is
read-create and defines the VLAN ID with which to mark a frame
matching this PolicyRule.
Note that three special, otherwise illegal, values of the
etsysPolicyRuleVlan are used in defining the forwarding action.
-1 Indicates that no VLAN or forwarding behavior
modification is desired. A rule will not be matched
against for the purpose of determining a marking
VID if this value is set.
0 Indicates that the default forwarding action
is to drop the packets matching this rule.
4095 Indicates that the default forwarding action
is to forward any packets matching this rule.
|
| etsysPolicyRuleResult2 |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.11 |
|
If the etsysPolicyRuleProfileIndex is 0 then this field is
read-create and defines the profile ID which the managing
entity desires assigned to frames matching this rule. This
is the administrative value and may differ from the
dynamically assigned active value.
If the etsysPolicyRuleProfileIndex is not 0 then this field is
The CoS with which to mark a frame matching this
PolicyRule.
Note that one special, otherwise illegal, values of the
etsysPolicyRuleCoS are used in defining the forwarding
action.
-1 Indicates that no CoS or forwarding behavior
modification is desired. A rule will not be
matched against for the purpose of determining
a CoS if this value is set.
|
| etsysPolicyRuleAuditSyslogEnable |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.12 |
|
Controls the sending of a syslog message when a bit in the
etsysPolicyRuleUsageList transitions from 0 to 1.
|
| etsysPolicyRuleAuditTrapEnable |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.13 |
|
Controls the sending of an SNMP NOTIFICATION when a bit in the
etsysPolicyRuleUsageList transitions from 0 to 1.
|
| etsysPolicyRuleDisablePort |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.14 |
|
Controls the disabling of a port (ifOperStatus of the
corresponding ifIndex will be down) when a bit in the
etsysPolicyRuleUsageList transitions from 0 to 1. When set to
enabled, the corresponding ifIndex will be disabled upon the
transition.
|
| etsysPolicyRuleOperPid |
.1.3.6.1.4.1.5624.1.2.6.11.6.1.15 |
|
If the etsysPolicyRuleProfileIndex is 0 then this field
contains the currently applied profile ID for frames
matching this rule. This may be either the administratively
applied value or the dynamically applied value.
If the etsysPolicyRuleProfileIndex is not 0, then this
object does not exist and will not be returned.
Note that one special, otherwise illegal, values of the
etsysPolicyRuleCoS are used in defining the forwarding
action.
-1 Indicates that no profile ID is being applied
by this rule.
|
| etsysPolicyRulePortHit |
.1.3.6.1.4.1.5624.1.2.6.11.7.1.1 |
|
Every row will report a value of True, indicating that the
Rule described by the instancing was used on the given
port. An agent may be set this leaf to False to clear
remove the row and clear the Rule Use bit for the
specified Rule, on the given bridgePort.
|
