| etsysWPAConfigIndex |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.1 |
|
Each 802.11 interface is represented by an entry in the
ifTable. If this index is zero, the information in this
table shall apply to all 802.11 interfaces.
|
| etsysWPAConfigOptionImplemented |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.2 |
|
This variable indicates whether the entity is WPA-capable.
|
| etsysWPAConfigEnabled |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.3 |
|
When this object is set to TRUE, this shall indicate that
WPA is enabled on this entity. The entity will advertise the
WPA Information Element in its Beacons and Probe Responses.
This object requires that dot11PrivacyInvoked also be set
to TRUE.
If dot11PrivacyInvoked is TRUE and etsysWPAConfigEnabled is
FALSE, the security mechanism used is WEP.
|
| etsysWPAConfigTKIPNumberOfReplayCounters |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.4 |
|
Specifies the number of replay counters:
(0) - 1 replay counter,
(1) - 2 replay counters,
(2) - 4 replay counters,
(3) - 16 replay counters.
|
| etsysWPAConfigVersion |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.5 |
|
The highest WPA version this entity supports.
|
| etsysWPAConfigPairwiseKeysSupported |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.6 |
|
This object indicates how many pairwise keys the entity
supports for WPA. When zero, it only supports (four)
group keys.
|
| etsysWPAConfigMulticastCipher |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.7 |
|
This object indicates the multicast cipher suite selector
the entity must use. The multicast cipher suite in the WPA
Information Element shall take its value from this variable.
It consists of an OUI (the three most significant octets)
and a cipher suite identifier (the least significant octet).
The network administrator can always override the
automatically selected multicast cipher suite by writing
this object.
|
| etsysWPAConfigGroupRekeyMethod |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.8 |
|
This object selects a mechanism for rekeying the WPA Group Key.
The default is time-based, once per day. Rekeying the Group
key is only applicable to an entity acting in the Authenticator
role (an AP in an ESS).
|
| etsysWPAConfigGroupRekeyTime |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.9 |
|
The time in seconds after which the WPA group key
must be refreshed. The timer shall start at the moment
the group key was set using the MLME-SetKeys primitive.
The fine granularity (seconds) also enables the network
Administrator to 'immediately' refresh the group key.
|
| etsysWPAConfigGroupRekeyPackets |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.10 |
|
A packet count (in 1000s of packets) after which the WPA
group key shall be refreshed. The packet counter shall
start at the moment the group key was set using the
MLME-SetKeys primitive and it shall count all packets
encrypted using the current group key.
|
| etsysWPAConfigGroupRekeyStrict |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.11 |
|
This object signals that the WPA group key shall be
refreshed whenever a Station leaves the BSS.
|
| etsysWPAConfigPSKValue |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.12 |
|
The Pre-Shared Key (PSK) for when WPA in PSK mode is
the selected authentication suite. In that case, the PMK
will obtain its value from this object.
A string of all 0x00 octets has the meaning 'clear the
key'.
This object is logically write-only. Reading this
variable shall return unsuccessful status or null or zero.
|
| etsysWPAConfigPSKPassPhrase |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.13 |
|
The PSK, for when WPA in PSK mode is the selected
authentication suite, is configured by etsysWPAConfigPSKValue.
An alternative manner of setting the PSK uses the
password-to-key algorithm defined in section XXX. This
variable provides a means to enter a pass phrase. When
this object is written, the WPA entity shall use the
password-to-key algorithm specified in section XXX to
derive a pre-shared key and populate etsysWPAConfigPSKValue
with this key.
This object is logically write-only. Reading this
variable shall return unsuccessful status or null
or zero.
|
| etsysWPAConfigPSKValueEntered |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.14 |
|
Indicates whether the Pre-Shared Key (etsysWPAConfigPSKValue)
is set. This allows a network management system to prompt
the network manager, when appropriate, to enter the initial
value of the key.
|
| etsysWPAConfigMultipleAuthSuitesSupported |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.15 |
|
Indicates whether the entity can take advantage of multiple
selections in the etsysWPAConfigAuthenticationSuitesTable.
On radios that allow use of only one key management suite at
a time, the access point may choose among the selected suites
in an arbitrary fashion.
|
| etsysWPAConfigGroupMasterRekeyTime |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.16 |
|
The time in seconds after which the WPA group master
key must be changed. The timer shall start at the
moment the group master key was set.
A group key refresh will occur on a group master key
change.
The fine granularity (seconds) also enables the network
Administrator to 'immediately' refresh the group master key.
|
| etsysWPAConfigGroupUpdateTimeOut |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.17 |
|
The time in seconds after which the WPA group
update handshake will be retried. The timer shall
start at the moment the group update message is sent.
|
| etsysWPAConfigGroupUpdateCount |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.18 |
|
The number of times the WPA Group update will be retried.
|
| etsysWPAConfigPairwiseUpdateTimeOut |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.19 |
|
The time in seconds after which the WPA 4-way handshake
will be retried. The timer shall start at the moment a
4-way message is sent.
|
| etsysWPAConfigPairwiseUpdateCount |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.20 |
|
The number of times the WPA 4-way handshake will be retried.
|
| etsysWPAConfigLegacyOptionSupported |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.21 |
|
This object indicates whether the entity supports the 'Allow
Legacy Clients' option. The answer may vary depending upon
the currently-installed radio card model.
|
| etsysWPAConfigAllowLegacyClients |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.22 |
|
This object provides a way to indicate that an access point in
WPA mode should accept associations from both WPA clients and
legacy (pre-WPA, pre-RSN) clients.
When this object is true(1), the etsysWPAConfigMulticastCipher
must be WEP-40 or WEP-104 (a.k.a. 128-bit WEP).
Using WEP Group keys and letting legacy clients associate may
weaken security. To minimize this,
1. Enable legacy associations only on radios that support
Pairwise keys.
2. Enable frequent Group key rekeying. With TKIP and AES,
there's much less threat of key cracking than with WEP,
so the default is 'once in a blue moon'. With WEP, you
need to think more in terms of Rapid Rekeying.
Access points implementing this feature are under no obligation
to support non-802.1X clients. For instance, an access point
might use one-time dynamic WEP keys when WPA Group key rotation
is disabled. Static WEP clients would not know these keys.
|
| etsysWPAConfigRekeyPairwiseWEP |
.1.3.6.1.4.1.5624.1.2.32.1.1.1.23 |
|
This object applies when WPA is enabled (dot11PrivacyInvoked,
etsysWPAConfigEnabled) and management has chosen to allow a mix
of WPA and non-WPA clients (etsysWPAConfigAllowLegacyClients).
It specifies whether the access point should tumble Pairwise
WEP keys belonging to non-WPA clients. The access point uses
Group key rotation as a trigger for Pairwise WEP key tumbling;
if you want the latter, be sure to configure the former.
See also: etsysDot1xRekeyPairwise.
|
| etsysWPAConfigUnicastCipherIndex |
.1.3.6.1.4.1.5624.1.2.32.1.2.1.1 |
|
The auxiliary index into the
etsysWPAConfigUnicastCiphersTable.
|
| etsysWPAConfigUnicastCipher |
.1.3.6.1.4.1.5624.1.2.32.1.2.1.2 |
|
The selector of a supported unicast cipher. It consists of
an OUI (the three most significant octets) and a cipher
suite identifier (the least significant octet).
|
| etsysWPAConfigUnicastCipherEnabled |
.1.3.6.1.4.1.5624.1.2.32.1.2.1.3 |
|
This object enables or disables the unicast cipher.
|
| etsysWPAConfigAuthenticationSuiteIndex |
.1.3.6.1.4.1.5624.1.2.32.1.3.1.1 |
|
The auxiliary variable used as an index into
the etsysWPAConfigAuthenticationSuitesTable.
|
| etsysWPAConfigAuthenticationSuite |
.1.3.6.1.4.1.5624.1.2.32.1.3.1.2 |
|
The selector of an authentication suite. It consists of an
OUI (the three most significant octets) and a cipher suite
identifier (the least significant octet).
|
| etsysWPAConfigAuthenticationSuiteEnabled |
.1.3.6.1.4.1.5624.1.2.32.1.3.1.3 |
|
This variable indicates whether the corresponding
authentication suite is enabled/disabled.
|
| etsysWPAStatsIndex |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.1 |
|
An auxiliary index into the etsysWPAStatsTable.
|
| etsysWPAStatsSTAAddress |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.2 |
|
The MAC address of the station the statistics in this
conceptual row belong to.
|
| etsysWPAStatsVersion |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.3 |
|
The WPA version which the station associated with.
|
| etsysWPAStatsSelectedUnicastCipher |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.4 |
|
The Authentication Suite the station selected
during association. The value consists of a three
octet OUI followed by a one octet Type as follows:
OUI Value Authentication Type Key Management Type
-------- ----- ------------------- -------------------
00:00:00 0 Reserved Reserved
00:00:00 1 Unspecified authentication 802.1X Key Management
over 802.1X
00:00:00 2 None 802.1X Key Management
using pre-shared Key
00:00:00 3-255 Reserved Reserved
Vendor any Vendor Specific Vendor Specific
other any Reserved Reserved
|
| etsysWPAStatsTKIPICVErrors |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.5 |
|
Counts the number of TKIP ICV errors encountered
when decrypting packets for the station.
|
| etsysWPAStatsTKIPLocalMICFailures |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.6 |
|
Counts the number of Michael MIC failure encountered
when checking the integrity of packets received from
the station at this entity.
|
| etsysWPAStatsTKIPRemoteMICFailures |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.7 |
|
Counts the number of Michael MIC failures encountered
by the station identified by dot11StatsSTAAddress and
reported back to this entity.
|
| etsysWPAStatsTKIPCounterMeasuresInvoked |
.1.3.6.1.4.1.5624.1.2.32.1.4.1.8 |
|
Counts the number of times a MIC failure occurred two
times within 60 seconds and counter-measures were
invoked. This variables counts this for both local and
remote. It counts every time countermeasures are
invoked.
|
