| etsysPwaSystemAuthControl |
.1.3.6.1.4.1.5624.1.2.8.1.1 |
|
The administrative enable/disable state for Port Web
Authentication Control in a System. Enabling this object
turns on the PWA system.
|
| etsysPwaSystemAuthHostName |
.1.3.6.1.4.1.5624.1.2.8.1.2 |
|
This is the hostname part the Uniform Resource Locator
(URL). This object is a DNS/WINS name and is considered
to be bound to the etsysPwaSystemAuthIPAddress.
This object must not contain the protocol portion of the URL
nor any directory or filenames. Changing this objects value
changes the default name of the http server located at the
local switch. An administrator can change this objects value
to whatever name is appropriate for their network.
|
| etsysPwaSystemAuthBanner |
.1.3.6.1.4.1.5624.1.2.8.1.3 |
|
The banner that will be displayed on the web login page
of the Port Web Authentication Control in a System. This
banner is a courtesy introduction to the network, which
the user sees on the login page.
|
| etsysPwaSystemPwaNameServicesEnable |
.1.3.6.1.4.1.5624.1.2.8.1.4 |
|
The enable state of the name services application.
Enabling this object turns on the Domain Name Service
(DNS) and the Windows Internet Naming Services (WINS)
clients. These clients will resolve only requests for
the etsysPwaSystemAuthHostName. Disabling this object
would require users in the network to know and use the
etsysPwaSystemAuthIPAddress of this system.
|
| etsysPwaSystemAuthIPAddressType |
.1.3.6.1.4.1.5624.1.2.8.1.5 |
|
This object has been deprecated. Refer to
etsysPwaSystemAuthIPAddress for the reason.
The textual convention for InetAddressType
states that this object must be registered
immediately before the InetAddress that it
defines. etsysPwaSystemAuthInetAddressType
MUST be used for all future implementations
of this MIB.
|
| etsysPwaSystemAuthIPAddress |
.1.3.6.1.4.1.5624.1.2.8.1.6 |
|
This object has been deprecated due to an incorrect
initial implementation of this MIB. This object was
originally an InetAddress but some versions of the E7
firmware implemented it as an IpAddress. The syntax
of this object was changed to allow management of the
existing products. The etsysPwaSystemAuthInetAddress
object MUST be used for all future implementations of
this MIB.
|
| etsysPwaSystemAuthProtocol |
.1.3.6.1.4.1.5624.1.2.8.1.7 |
|
The authentication protocol used for this switch module.
When set to a chap(1), the authentication scheme used will
be the 'PPP Challenge Handshake Authentication Protocol
(CHAP)', when set to a pap(2), the scheme will be
'Password Authentication Protocol (PAP)'.
When using the CHAP protocol, the username and password
utilize the CHAP protocol method of encryption to encrypt
the users password in the http transmission of the submitted
form on the segment between the end-station and the
switch port.
The PAP protocol is less secure than CHAP and does not
provide any encryption on the segment between the
end-station the switch port. The username and password
go over this segment in the http transmission of the
submitted form in plain text format.
|
| etsysPwaSystemAuthDomain |
.1.3.6.1.4.1.5624.1.2.8.1.8 |
|
The domain name for which this module resides in.
|
| etsysPwaSystemAuthInetAddressType |
.1.3.6.1.4.1.5624.1.2.8.1.9 |
|
A value that represents a type of
etsysPwaSystemAuthInetAddress.
unknown(0) An unknown address type. This value MUST
be used if the value of the corresponding
InetAddress object is a zero-length string.
It may also be used to indicate an IP address
which is not in one of the formats defined
below.
ipv4(1) An IPv4 address as defined by the
InetAddressIPv4 textual convention.
ipv6(2) An IPv6 address as defined by the
InetAddressIPv6 textual convention.
|
| etsysPwaSystemAuthInetAddress |
.1.3.6.1.4.1.5624.1.2.8.1.10 |
|
The IP address bound to the etsysPwaSystemAuthHostName.
The format of this object is defined in the
etsysPwaSystemAuthInetAddressType object. This address
MUST be supplied for authentication to work. This is a
globally unique address and must be the same value
configured into every authenticating switch in the domain.
Each switch terminates any IP traffic destined to this
etsysPwaSystemAuthInetAddress. If the port is in either
promiscousAuto(4) or auto(2) mode, described in the
etsysPwaControlledPortControl object, then the local
switch in question responds to http requests with a login
page. If the port is in any other mode, then all traffic
destined for etsysPwaSystemAuthInetAddress is discarded.
Please note that neither the etsysPwaSystemAuthHostName
object nor this object refer to any specific machine
in the network. These objects are always relative to the
connection between an end station and a switch. Traffic
destined for this IP is never seen over interswitch links.
|
| etsysPwaSystemAuthEnhancedMode |
.1.3.6.1.4.1.5624.1.2.8.1.11 |
|
The enable state of the PWA enhanced mode. When this
feature is enabled users on unauthenticated ports will
be presented the login page on their initial web access.
The etsysPwaControlledPortControl object MUST be set to
auto(2) for this feature to function correctly.
If etsysPwaControlledPortControl is not set to auto(2),
or if this feature is disabled, users must enter the
value of etsysPwaSystemAuthHostName in order to get the
login page.
|
| etsysPwaLogoDisplayStatus |
.1.3.6.1.4.1.5624.1.2.8.1.12 |
|
When this object is set to enabled, the secureharbour
logo will be displayed on the PWA login web pages.
When it is set to disabled, the logo will not be displayed.
|
| etsysPwaSystemGuestUsername |
.1.3.6.1.4.1.5624.1.2.8.1.13 |
|
The username that the Guest Networking feature will use to
authenticate users that do not override this value in the
login page.
|
| etsysPwaSystemGuestPassword |
.1.3.6.1.4.1.5624.1.2.8.1.14 |
|
The password that the Guest Networking feature will use to
authenticate users that do not override the guest username.
On a read this object will always return an empty string.
|
| etsysPwaSystemGuestPasswordValid |
.1.3.6.1.4.1.5624.1.2.8.1.15 |
|
true(1) - indicates that etsysPwaGuestPassword was last set
with some value other than the empty string.
false(2) - indicates that etsysPwaGuestPassword has never
been set, or was last set to the empty string.
|
| etsysPwaSystemGuestNetworkingStatus |
.1.3.6.1.4.1.5624.1.2.8.1.16 |
|
Guest Networking is a feature that allows a user to get default
policy access to the network without having to know a username
or password. When this feature is not disabled(1), the username
on the login page will be populated with the value from the
object etsysPwaGuestUsername and the password will be mask out
with asterisks. The password in the login page should never be
populated with the value from etsysPwaGuestPassword. When Guest
Networking is enabled, and a user submits a request for
authentication, and the username is the same as the value from
etsysPwaGuestUsername, PWA will use the value from
etsysPwaGuestPassword as the password for authentication.
When this object is set to disabled(1), Guest Networking will
be unavailable.
When set to authNone(2) Guest Networking will be enabled and
it will not authenticate the guest user using any authentication
method. Once the user submits the login page with the username
that matches the value from etsysPwaGuestUsername, the default
policy of that port will become the active policy.
When set to authRadius(3) Guest Networking will be enabled and
it will authenticate the guest user using RADIUS authentication
Upon a successful authentication from RADIUS, this port will
apply the policy returned from RADIUS to that port.
|
| etsysPwaSystemEnhancedModeRefreshTime |
.1.3.6.1.4.1.5624.1.2.8.1.17 |
|
This is the value that is displayed on the PWA login success
page as the redirect time.
If a user, using PWA enhanced mode, enters a URL of
'http://enterasys.com' prior to being presented with the PWA
login page and then successfully authenticates into the network
they would be presented with a login success page that displays
'Welcome to the Network. Completing network connections.
You will be redirected to http://enterasys.com in
approximately 30 seconds'.
An end-station that is utilizing the Dynamic Host Configuration
Protocol (DHCP) as a means of obtaining an IP address will take
some time to transition from the temporary IP address issued by
PWA, as part of the authentication process, to the official IP
address issued by the network.
etsysPwaSystemEnhancedModeRefreshTime provides a configurable
time period for the end-stations on a given switch to complete
the process of obtaining their official IP addresses and to
begin using them. The default value of 30 seconds has been
shown to be adequate in most environments. In some networks
this time period may need to be longer, and in other networks
it could be shorter.
In networks that only use static IP addresses a time period on
the order of 5 to 10 seconds may be sufficient. A period of
less than 5 seconds is not recommended as there is a slight
delay after a successful login before the switch transitions
the port to forwarding.
|
| etsysPwaPortConfigurationEntry |
.1.3.6.1.4.1.5624.1.2.8.2.1.1 |
|
The ifIndex number, maximum number of requests, quiet
period between failed attempts, and initialization control
for a Port. This table holds the objects for configuring
the PWA system.
|
| etsysPwaAuthStatusEntry |
.1.3.6.1.4.1.5624.1.2.8.3.1.1 |
|
The status information for an Authenticator PWA.
|
| etsysPwaAuthSessionStatsEntry |
.1.3.6.1.4.1.5624.1.2.8.4.1.1 |
|
The session statistics information for an Authenticator
PWA. This shows the current values being collected for
each session that is still in progress, or the final
values for the last valid session on each ifIndex where
there is no session currently active.
|
| etsysPwaAuthSessionStatsHCEntry |
.1.3.6.1.4.1.5624.1.2.8.4.2.1 |
|
The session statistics information for an Authenticator
PWA. This shows the current values being collected for
each session that is still in progress, or the final
values for the last valid session on each ifIndex where there
is no session currently active.
|
| etsysPwaPortNumber |
.1.3.6.1.4.1.5624.1.2.8.2.1.1.1 |
|
The ifIndex number associated with this port.
|
| etsysPwaInitializePort |
.1.3.6.1.4.1.5624.1.2.8.2.1.1.2 |
|
The initialization control for this ifIndex. This object
can be used to unauthenticate a user on a port or to return
the port to its initial default state due to some unknown
condition. Setting this attribute to true(1) causes the
Port to be initialized. The attribute value reverts to
false(2) once initialization has completed. Initializing a
port returns the etsysPwaAuthPwaState to disconnected(1)
and if the etsysPwaControlledPortControl setting is either
promiscousAuto(4) or auto(2), and the etsysPwaAuthPwaState
was authenticated(3), then the current session is terminated,
and the user is forced off the network.
|
| etsysPwaAuthQuietPeriod |
.1.3.6.1.4.1.5624.1.2.8.2.1.1.3 |
|
The value, in seconds, of the quietPeriod constant
currently in use by the Port Web Authenticator state
machine. After the user attempts unsuccessfully to login
a number of times equal to the etsysPwaAuthMaxReq constant,
then the ifIndex is locked for a time period equal to the
value of this MIB entry.
In the initial released version of this MIB this object
was an Unsigned32. The initial implementation on the E7
returned an Integer32. The syntax of this object was
changed to reflect the existing product in the field.
All future implementations of this object should return
an Integer32.
|
| etsysPwaAuthMaxReq |
.1.3.6.1.4.1.5624.1.2.8.2.1.1.4 |
|
The value of the maxReq constant currently in use by the
Port Web Authenticator state machine. This represents the
maximum number of failed retry attempts before preventing
any further attempts for a time period equal to the value
of etsysPwaAuthQuietPeriod.
In the initial released version of this MIB this object
was an Unsigned32. The initial implementation on the E7
returned an Integer32. The syntax of this object was
changed to reflect the existing product in the field.
All future implementations of this object should return
an Integer32.
|
| etsysPwaControlledPortControl |
.1.3.6.1.4.1.5624.1.2.8.2.1.1.5 |
|
The authentication method of the ifIndex.
A value of forceUnauthorized(1) indicates that the
port is always unauthenticated. When set to this value
the ifindex is essentially disabled.
A value of auto(2) indicates that the ifindex will
authenticate users using PWA process. In this mode
the switch will provide all the services the
end-station will need to complete the login. These
services include a Dynamic Host Configuration Protocol
(DHCP) server, a Windows Internet Naming Server (WINS),
and a Domain Name Service (DNS) Server.
A value of forceAuthorized(3) indicates the port is always
authorized. When set to this value, the ifindex will
always be authenticated.
When set to promiscousAuto(4) the services that are
required to complete the network login are not provided
by the switch. These services must be provided on a
back-end network that the end-station can communicate
with. These services might be specific to the particular
Operating System of the end-station and could also include
the same services as provided in auto mode.
|
| etsysPwaAuthPwaState |
.1.3.6.1.4.1.5624.1.2.8.3.1.1.1 |
|
The current value of the Port Web Authenticator state
machine. When set to disconnected(1) no user is logged in.
When set to authenticating(2), it indicates that a login is
in process and has not yet completed. A value of
authenticated(3) indicates a user has successfully logged
in. When the value is held(4) it indicates that the port is
locked down because the number of failed login attempts is
greater than etsysPwaAuthMaxReq.The port will be locked until
the etsysPwaAuthQuietPeriod has expired.
|
| etsysPwaMaxFailedAttempts |
.1.3.6.1.4.1.5624.1.2.8.3.1.1.2 |
|
The total number of failed logon attempts on this ifIndex.
|
| etsysPwaFailedAttemptsSinceLogon |
.1.3.6.1.4.1.5624.1.2.8.3.1.1.3 |
|
The total number of failed logon attempts since the last
successful logon on this ifIndex.
|
| etsysPwaLastLogonResult |
.1.3.6.1.4.1.5624.1.2.8.3.1.1.4 |
|
This ASCII string provides an unstructured way for the web
based auth agent to communicate detailed error and status
indications to a network administrator.
|
| etsysPwaAuthSessionID |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.1 |
|
A unique ID that identifies the session on this ifindex.
|
| etsysPwaAuthSessionOctetsRx |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.2 |
|
The number of octets received in user data frames on this
ifIndex during the session.
|
| etsysPwaAuthSessionOctetsRxOverflow |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.3 |
|
The number of times the associated
etsysPwaAuthSessionOctetsRx counter has overflowed.
|
| etsysPwaAuthSessionOctetsTx |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.4 |
|
The number of octets transmitted in user data frames on
this ifIndex during the session.
|
| etsysPwaAuthSessionOctetsTxOverflow |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.5 |
|
The number of times the associated
etsysPwaAuthSessionOctetsTx counter has overflowed.
|
| etsysPwaAuthSessionFramesRx |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.6 |
|
The number of user data frames received on this ifIndex
during the session.
|
| etsysPwaAuthSessionFramesTx |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.7 |
|
The number of user data frames transmitted on this ifIndex
during the session.
|
| etsysPwaAuthSessionStartTime |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.8 |
|
The start time of the session in hundredths of seconds
since reset.
|
| etsysPwaAuthSessionDuration |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.9 |
|
The duration of the session in hundredths of seconds.
|
| etsysPwaAuthSessionTerminateCause |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.10 |
|
The reason for the session termination. When set to
linkDown(1), the ifindex has no link. When set to
logoff(2), a user has successfully logged off the
network on this ifindex. When set to
authControlForceUnauth(3) an administrator has
terminated the user session on this ifindex by setting
etsysPwaControlledPortControl to forceUnauthorized(1).
When set to portReInit(4) the ifindex has been
re-initialized by setting the object etsysPwaInitializePort.
When set to portDisabled(5) the ifindex has been disabled.
When set notTerminatedYet(999) the ifindex has an active
session.
|
| etsysPwaAuthSessionMacAddress |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.11 |
|
The mac address of the remote user of this session entry
stored for this ifIndex.
|
| etsysPwaAuthSessionIPAddressType |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.12 |
|
A value that represents a type of
etsysPwaAuthSessionIPAddress.
unknown(0) An unknown address type. This value MUST
be used if the value of the corresponding
InetAddress object is a zero-length string.
It may also be used to indicate an IP address
which is not in one of the formats defined
below.
ipv4(1) An IPv4 address as defined by the
InetAddressIPv4 textual convention.
ipv6(2) An IPv6 address as defined by the
InetAddressIPv6 textual convention.
|
| etsysPwaAuthSessionIPAddress |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.13 |
|
The ip address of the remote user of this session entry
stored for this ifIndex. The format of this object is
defined in the etsysPwaAuthSessionIPAddressType object.
|
| etsysPwaAuthSessionUserName |
.1.3.6.1.4.1.5624.1.2.8.4.1.1.14 |
|
The username that logged on to this ifIndex.
|
| etsysPwaAuthSessionHCID |
.1.3.6.1.4.1.5624.1.2.8.4.2.1.1 |
|
A unique ID that identifies the session on this ifindex.
|
| etsysPwaAuthSessionOctetsRxHc |
.1.3.6.1.4.1.5624.1.2.8.4.2.1.2 |
|
The number of octets received in user data frames on this
ifIndex during the session.
|
| etsysPwaAuthSessionOctetsTxHc |
.1.3.6.1.4.1.5624.1.2.8.4.2.1.3 |
|
The number of octets transmitted in user data frames on
this ifIndex during the session.
|
