1 RADIUS-AUTH-SERVER-MIB DEFINITIONS ::= BEGIN
4 MODULE-IDENTITY, OBJECT-TYPE, OBJECT-IDENTITY,
6 IpAddress, TimeTicks, mib-2 FROM SNMPv2-SMI
7 SnmpAdminString FROM SNMP-FRAMEWORK-MIB
8 InetAddressType, InetAddress FROM INET-ADDRESS-MIB
9 MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF;
11 radiusAuthServMIB MODULE-IDENTITY
12 LAST-UPDATED "200608210000Z" -- 21 August 2006
13 ORGANIZATION "IETF RADIUS Extensions Working Group."
20 Phone: +1 425 936 6605
24 EMail: bernarda@microsoft.com"
26 "The MIB module for entities implementing the server
27 side of the Remote Authentication Dial-In User
28 Service (RADIUS) authentication protocol. Copyright
29 (C) The Internet Society (2006). This version of this
30 MIB module is part of RFC 4669; see the RFC itself for
32 REVISION "200608210000Z" -- 21 August 2006
34 "Revised version as published in RFC 4669. This
35 version obsoletes that of RFC 2619 by deprecating the
36 MIB table containing IPv4-only address formats and
37 defining a new table to add support for version-neutral
38 IP address formats. The remaining MIB objects from RFC
39 2619 are carried forward into this version."
40 REVISION "199906110000Z" -- 11 Jun 1999
41 DESCRIPTION "Initial version as published in RFC 2619."
42 ::= { radiusAuthentication 1 }
44 radiusMIB OBJECT-IDENTITY
47 "The OID assigned to RADIUS MIB work by the IANA."
50 radiusAuthentication OBJECT IDENTIFIER ::= {radiusMIB 1}
52 radiusAuthServMIBObjects OBJECT IDENTIFIER
53 ::= { radiusAuthServMIB 1 }
55 radiusAuthServ OBJECT IDENTIFIER
56 ::= { radiusAuthServMIBObjects 1 }
58 radiusAuthServIdent OBJECT-TYPE
59 SYNTAX SnmpAdminString
63 "The implementation identification string for the
64 RADIUS authentication server software in use on the
65 system, for example, 'FNS-2.1'."
66 ::= {radiusAuthServ 1}
68 radiusAuthServUpTime OBJECT-TYPE
76 "If the server has a persistent state (e.g., a
77 process), this value will be the time elapsed (in
78 hundredths of a second) since the server process
79 was started. For software without persistent state,
80 this value will be zero."
81 ::= {radiusAuthServ 2}
83 radiusAuthServResetTime OBJECT-TYPE
88 "If the server has a persistent state (e.g., a process)
89 and supports a 'reset' operation (e.g., can be told to
90 re-read configuration files), this value will be the
91 time elapsed (in hundredths of a second) since the
92 server was 'reset.' For software that does not
93 have persistence or does not support a 'reset'
94 operation, this value will be zero."
95 ::= {radiusAuthServ 3}
97 radiusAuthServConfigReset OBJECT-TYPE
98 SYNTAX INTEGER { other(1),
102 MAX-ACCESS read-write
105 "Status/action object to reinitialize any persistent
106 server state. When set to reset(2), any persistent
107 server state (such as a process) is reinitialized as
108 if the server had just been started. This value will
109 never be returned by a read operation. When read,
110 one of the following values will be returned:
111 other(1) - server in some unknown state;
112 initializing(3) - server (re)initializing;
113 running(4) - server currently running."
114 ::= {radiusAuthServ 4}
116 radiusAuthServTotalAccessRequests OBJECT-TYPE
122 "The number of packets received on the
126 authentication port."
127 REFERENCE "RFC 2865 section 4.1"
128 ::= { radiusAuthServ 5}
130 radiusAuthServTotalInvalidRequests OBJECT-TYPE
136 "The number of RADIUS Access-Request packets
137 received from unknown addresses."
138 REFERENCE "RFC 2865 section 4.1"
139 ::= { radiusAuthServ 6 }
141 radiusAuthServTotalDupAccessRequests OBJECT-TYPE
147 "The number of duplicate RADIUS Access-Request
149 REFERENCE "RFC 2865 section 4.1"
150 ::= { radiusAuthServ 7 }
152 radiusAuthServTotalAccessAccepts OBJECT-TYPE
158 "The number of RADIUS Access-Accept packets sent."
159 REFERENCE "RFC 2865 section 4.2"
160 ::= { radiusAuthServ 8 }
162 radiusAuthServTotalAccessRejects OBJECT-TYPE
168 "The number of RADIUS Access-Reject packets sent."
169 REFERENCE "RFC 2865 section 4.3"
170 ::= { radiusAuthServ 9 }
172 radiusAuthServTotalAccessChallenges OBJECT-TYPE
181 "The number of RADIUS Access-Challenge packets sent."
182 REFERENCE "RFC 2865 section 4.4"
183 ::= { radiusAuthServ 10 }
185 radiusAuthServTotalMalformedAccessRequests OBJECT-TYPE
191 "The number of malformed RADIUS Access-Request
192 packets received. Bad authenticators
193 and unknown types are not included as
194 malformed Access-Requests."
195 REFERENCE "RFC 2865 section 4.1"
196 ::= { radiusAuthServ 11 }
198 radiusAuthServTotalBadAuthenticators OBJECT-TYPE
204 "The number of RADIUS Authentication-Request packets
205 that contained invalid Message Authenticator
206 attributes received."
207 REFERENCE "RFC 2865 section 3"
208 ::= { radiusAuthServ 12 }
210 radiusAuthServTotalPacketsDropped OBJECT-TYPE
216 "The number of incoming packets
217 silently discarded for some reason other
218 than malformed, bad authenticators or
220 REFERENCE "RFC 2865 section 3"
221 ::= { radiusAuthServ 13 }
223 radiusAuthServTotalUnknownTypes OBJECT-TYPE
232 "The number of RADIUS packets of unknown type that
234 REFERENCE "RFC 2865 section 4"
235 ::= { radiusAuthServ 14 }
238 radiusAuthClientTable OBJECT-TYPE
239 SYNTAX SEQUENCE OF RadiusAuthClientEntry
240 MAX-ACCESS not-accessible
243 "The (conceptual) table listing the RADIUS
244 authentication clients with which the server shares
246 ::= { radiusAuthServ 15 }
249 radiusAuthClientEntry OBJECT-TYPE
250 SYNTAX RadiusAuthClientEntry
251 MAX-ACCESS not-accessible
254 "An entry (conceptual row) representing a RADIUS
255 authentication client with which the server shares a
257 INDEX { radiusAuthClientIndex }
258 ::= { radiusAuthClientTable 1 }
260 RadiusAuthClientEntry ::= SEQUENCE {
261 radiusAuthClientIndex Integer32,
262 radiusAuthClientAddress IpAddress,
263 radiusAuthClientID SnmpAdminString,
264 radiusAuthServAccessRequests Counter32,
265 radiusAuthServDupAccessRequests Counter32,
266 radiusAuthServAccessAccepts Counter32,
267 radiusAuthServAccessRejects Counter32,
268 radiusAuthServAccessChallenges Counter32,
269 radiusAuthServMalformedAccessRequests Counter32,
270 radiusAuthServBadAuthenticators Counter32,
271 radiusAuthServPacketsDropped Counter32,
272 radiusAuthServUnknownTypes Counter32
275 radiusAuthClientIndex OBJECT-TYPE
279 SYNTAX Integer32 (1..2147483647)
280 MAX-ACCESS not-accessible
283 "A number uniquely identifying each RADIUS
284 authentication client with which this server
286 ::= { radiusAuthClientEntry 1 }
288 radiusAuthClientAddress OBJECT-TYPE
293 "The NAS-IP-Address of the RADIUS authentication client
294 referred to in this table entry."
295 REFERENCE "RFC 2865 section 2"
296 ::= { radiusAuthClientEntry 2 }
298 radiusAuthClientID OBJECT-TYPE
299 SYNTAX SnmpAdminString
303 "The NAS-Identifier of the RADIUS authentication client
304 referred to in this table entry. This is not
305 necessarily the same as sysName in MIB II."
306 REFERENCE "RFC 2865 section 5.32"
307 ::= { radiusAuthClientEntry 3 }
312 -- Responses = AccessAccepts + AccessRejects + AccessChallenges
314 -- Requests - DupRequests - BadAuthenticators - MalformedRequests -
315 -- UnknownTypes - PacketsDropped - Responses = Pending
317 -- Requests - DupRequests - BadAuthenticators - MalformedRequests -
318 -- UnknownTypes - PacketsDropped = entries logged
320 radiusAuthServAccessRequests OBJECT-TYPE
326 "The number of packets received on the authentication
330 port from this client."
331 REFERENCE "RFC 2865 section 4.1"
332 ::= { radiusAuthClientEntry 4 }
334 radiusAuthServDupAccessRequests OBJECT-TYPE
340 "The number of duplicate RADIUS Access-Request
341 packets received from this client."
342 REFERENCE "RFC 2865 section 4.1"
343 ::= { radiusAuthClientEntry 5 }
345 radiusAuthServAccessAccepts OBJECT-TYPE
351 "The number of RADIUS Access-Accept packets
352 sent to this client."
353 REFERENCE "RFC 2865 section 4.2"
354 ::= { radiusAuthClientEntry 6 }
356 radiusAuthServAccessRejects OBJECT-TYPE
362 "The number of RADIUS Access-Reject packets
363 sent to this client."
364 REFERENCE "RFC 2865 section 4.3"
365 ::= { radiusAuthClientEntry 7 }
367 radiusAuthServAccessChallenges OBJECT-TYPE
373 "The number of RADIUS Access-Challenge packets
374 sent to this client."
375 REFERENCE "RFC 2865 section 4.4"
376 ::= { radiusAuthClientEntry 8 }
381 radiusAuthServMalformedAccessRequests OBJECT-TYPE
387 "The number of malformed RADIUS Access-Request
388 packets received from this client.
389 Bad authenticators and unknown types are not included
390 as malformed Access-Requests."
391 REFERENCE "RFC 2865 section 3"
392 ::= { radiusAuthClientEntry 9 }
394 radiusAuthServBadAuthenticators OBJECT-TYPE
400 "The number of RADIUS Authentication-Request packets
401 that contained invalid Message Authenticator
402 attributes received from this client."
403 REFERENCE "RFC 2865 section 3"
404 ::= { radiusAuthClientEntry 10 }
406 radiusAuthServPacketsDropped OBJECT-TYPE
412 "The number of incoming packets from this
413 client silently discarded for some reason other
414 than malformed, bad authenticators or
416 REFERENCE "RFC 2865 section 3"
417 ::= { radiusAuthClientEntry 11 }
419 radiusAuthServUnknownTypes OBJECT-TYPE
425 "The number of RADIUS packets of unknown type that
426 were received from this client."
427 REFERENCE "RFC 2865 section 4"
428 ::= { radiusAuthClientEntry 12 }
432 -- New MIB objects added in this revision
434 radiusAuthClientExtTable OBJECT-TYPE
435 SYNTAX SEQUENCE OF RadiusAuthClientExtEntry
436 MAX-ACCESS not-accessible
439 "The (conceptual) table listing the RADIUS
440 authentication clients with which the server shares
442 ::= { radiusAuthServ 16 }
444 radiusAuthClientExtEntry OBJECT-TYPE
445 SYNTAX RadiusAuthClientExtEntry
446 MAX-ACCESS not-accessible
449 "An entry (conceptual row) representing a RADIUS
450 authentication client with which the server shares a
452 INDEX { radiusAuthClientExtIndex }
453 ::= { radiusAuthClientExtTable 1 }
455 RadiusAuthClientExtEntry ::= SEQUENCE {
456 radiusAuthClientExtIndex Integer32,
457 radiusAuthClientInetAddressType InetAddressType,
458 radiusAuthClientInetAddress InetAddress,
459 radiusAuthClientExtID SnmpAdminString,
460 radiusAuthServExtAccessRequests Counter32,
461 radiusAuthServExtDupAccessRequests Counter32,
462 radiusAuthServExtAccessAccepts Counter32,
463 radiusAuthServExtAccessRejects Counter32,
464 radiusAuthServExtAccessChallenges Counter32,
465 radiusAuthServExtMalformedAccessRequests Counter32,
466 radiusAuthServExtBadAuthenticators Counter32,
467 radiusAuthServExtPacketsDropped Counter32,
468 radiusAuthServExtUnknownTypes Counter32,
469 radiusAuthServCounterDiscontinuity TimeTicks
472 radiusAuthClientExtIndex OBJECT-TYPE
473 SYNTAX Integer32 (1..2147483647)
474 MAX-ACCESS not-accessible
477 "A number uniquely identifying each RADIUS
478 authentication client with which this server
483 ::= { radiusAuthClientExtEntry 1 }
485 radiusAuthClientInetAddressType OBJECT-TYPE
486 SYNTAX InetAddressType
490 "The type of address format used for the
491 radiusAuthClientInetAddress object."
492 ::= { radiusAuthClientExtEntry 2 }
494 radiusAuthClientInetAddress OBJECT-TYPE
499 "The IP address of the RADIUS authentication
500 client referred to in this table entry, using
501 the version-neutral IP address format."
502 ::= { radiusAuthClientExtEntry 3 }
505 radiusAuthClientExtID OBJECT-TYPE
506 SYNTAX SnmpAdminString
510 "The NAS-Identifier of the RADIUS authentication client
511 referred to in this table entry. This is not
512 necessarily the same as sysName in MIB II."
513 REFERENCE "RFC 2865 section 5.32"
514 ::= { radiusAuthClientExtEntry 4 }
519 -- Responses = AccessAccepts + AccessRejects + AccessChallenges
521 -- Requests - DupRequests - BadAuthenticators - MalformedRequests -
522 -- UnknownTypes - PacketsDropped - Responses = Pending
524 -- Requests - DupRequests - BadAuthenticators - MalformedRequests -
525 -- UnknownTypes - PacketsDropped = entries logged
527 radiusAuthServExtAccessRequests OBJECT-TYPE
536 "The number of packets received on the authentication
537 port from this client. This counter may experience a
538 discontinuity when the RADIUS Server module within the
539 managed entity is reinitialized, as indicated by the
540 current value of radiusAuthServCounterDiscontinuity."
541 REFERENCE "RFC 2865 section 4.1"
542 ::= { radiusAuthClientExtEntry 5 }
544 radiusAuthServExtDupAccessRequests OBJECT-TYPE
550 "The number of duplicate RADIUS Access-Request
551 packets received from this client. This counter may
552 experience a discontinuity when the RADIUS Server
553 module within the managed entity is reinitialized, as
554 indicated by the current value of
555 radiusAuthServCounterDiscontinuity."
556 REFERENCE "RFC 2865 section 4.1"
557 ::= { radiusAuthClientExtEntry 6 }
559 radiusAuthServExtAccessAccepts OBJECT-TYPE
565 "The number of RADIUS Access-Accept packets
566 sent to this client. This counter may experience a
567 discontinuity when the RADIUS Server module within the
568 managed entity is reinitialized, as indicated by the
569 current value of radiusAuthServCounterDiscontinuity."
570 REFERENCE "RFC 2865 section 4.2"
571 ::= { radiusAuthClientExtEntry 7 }
573 radiusAuthServExtAccessRejects OBJECT-TYPE
579 "The number of RADIUS Access-Reject packets
580 sent to this client. This counter may experience a
581 discontinuity when the RADIUS Server module within the
585 managed entity is reinitialized, as indicated by the
586 current value of radiusAuthServCounterDiscontinuity."
587 REFERENCE "RFC 2865 section 4.3"
588 ::= { radiusAuthClientExtEntry 8 }
590 radiusAuthServExtAccessChallenges OBJECT-TYPE
596 "The number of RADIUS Access-Challenge packets
597 sent to this client. This counter may experience a
598 discontinuity when the RADIUS Server module within the
599 managed entity is reinitialized, as indicated by the
600 current value of radiusAuthServCounterDiscontinuity."
601 REFERENCE "RFC 2865 section 4.4"
602 ::= { radiusAuthClientExtEntry 9 }
604 radiusAuthServExtMalformedAccessRequests OBJECT-TYPE
610 "The number of malformed RADIUS Access-Request
611 packets received from this client. Bad authenticators
612 and unknown types are not included as malformed
613 Access-Requests. This counter may experience a
614 discontinuity when the RADIUS Server module within the
615 managed entity is reinitialized, as indicated by the
616 current value of radiusAuthServCounterDiscontinuity."
617 REFERENCE "RFC 2865 sections 3, 4.1"
618 ::= { radiusAuthClientExtEntry 10 }
620 radiusAuthServExtBadAuthenticators OBJECT-TYPE
626 "The number of RADIUS Authentication-Request packets
627 that contained invalid Message Authenticator
628 attributes received from this client. This counter
629 may experience a discontinuity when the RADIUS Server
630 module within the managed entity is reinitialized, as
631 indicated by the current value of
632 radiusAuthServCounterDiscontinuity."
636 REFERENCE "RFC 2865 section 3"
637 ::= { radiusAuthClientExtEntry 11 }
639 radiusAuthServExtPacketsDropped OBJECT-TYPE
645 "The number of incoming packets from this client
646 silently discarded for some reason other than
647 malformed, bad authenticators or unknown types.
648 This counter may experience a discontinuity when the
649 RADIUS Server module within the managed entity is
650 reinitialized, as indicated by the current value of
651 radiusAuthServCounterDiscontinuity."
652 REFERENCE "RFC 2865 section 3"
653 ::= { radiusAuthClientExtEntry 12 }
655 radiusAuthServExtUnknownTypes OBJECT-TYPE
661 "The number of RADIUS packets of unknown type that
662 were received from this client. This counter may
663 experience a discontinuity when the RADIUS Server
664 module within the managed entity is reinitialized, as
665 indicated by the current value of
666 radiusAuthServCounterDiscontinuity."
667 REFERENCE "RFC 2865 section 4"
668 ::= { radiusAuthClientExtEntry 13 }
670 radiusAuthServCounterDiscontinuity OBJECT-TYPE
676 "The number of centiseconds since the last
677 discontinuity in the RADIUS Server counters.
678 A discontinuity may be the result of a
679 reinitialization of the RADIUS Server module
680 within the managed entity."
681 ::= { radiusAuthClientExtEntry 14 }
687 -- conformance information
689 radiusAuthServMIBConformance OBJECT IDENTIFIER
690 ::= { radiusAuthServMIB 2 }
692 radiusAuthServMIBCompliances OBJECT IDENTIFIER
693 ::= { radiusAuthServMIBConformance 1 }
695 radiusAuthServMIBGroups OBJECT IDENTIFIER
696 ::= { radiusAuthServMIBConformance 2 }
698 -- compliance statements
700 radiusAuthServMIBCompliance MODULE-COMPLIANCE
703 "The compliance statement for authentication
704 servers implementing the RADIUS Authentication
705 Server MIB. Implementation of this module is for
706 IPv4-only entities, or for backwards compatibility
707 use with entities that support both IPv4 and
709 MODULE -- this module
710 MANDATORY-GROUPS { radiusAuthServMIBGroup }
712 OBJECT radiusAuthServConfigReset
713 WRITE-SYNTAX INTEGER { reset(2) }
714 DESCRIPTION "The only SETable value is 'reset' (2)."
716 ::= { radiusAuthServMIBCompliances 1 }
719 radiusAuthServMIBExtCompliance MODULE-COMPLIANCE
722 "The compliance statement for authentication
723 servers implementing the RADIUS Authentication
724 Server IPv6 Extensions MIB. Implementation of
725 this module is for entities that support IPv6,
726 or support IPv4 and IPv6."
727 MODULE -- this module
728 MANDATORY-GROUPS { radiusAuthServExtMIBGroup }
730 OBJECT radiusAuthServConfigReset
731 WRITE-SYNTAX INTEGER { reset(2) }
732 DESCRIPTION "The only SETable value is 'reset' (2)."
734 OBJECT radiusAuthClientInetAddressType
738 SYNTAX InetAddressType { ipv4(1), ipv6(2) }
740 "An implementation is only required to support
741 IPv4 and globally unique IPv6 addresses."
743 OBJECT radiusAuthClientInetAddress
744 SYNTAX InetAddress ( SIZE (4|16) )
746 "An implementation is only required to support
747 IPv4 and globally unique IPv6 addresses."
749 ::= { radiusAuthServMIBCompliances 2 }
752 -- units of conformance
754 radiusAuthServMIBGroup OBJECT-GROUP
755 OBJECTS {radiusAuthServIdent,
756 radiusAuthServUpTime,
757 radiusAuthServResetTime,
758 radiusAuthServConfigReset,
759 radiusAuthServTotalAccessRequests,
760 radiusAuthServTotalInvalidRequests,
761 radiusAuthServTotalDupAccessRequests,
762 radiusAuthServTotalAccessAccepts,
763 radiusAuthServTotalAccessRejects,
764 radiusAuthServTotalAccessChallenges,
765 radiusAuthServTotalMalformedAccessRequests,
766 radiusAuthServTotalBadAuthenticators,
767 radiusAuthServTotalPacketsDropped,
768 radiusAuthServTotalUnknownTypes,
769 radiusAuthClientAddress,
771 radiusAuthServAccessRequests,
772 radiusAuthServDupAccessRequests,
773 radiusAuthServAccessAccepts,
774 radiusAuthServAccessRejects,
775 radiusAuthServAccessChallenges,
776 radiusAuthServMalformedAccessRequests,
777 radiusAuthServBadAuthenticators,
778 radiusAuthServPacketsDropped,
779 radiusAuthServUnknownTypes
783 "The collection of objects providing management of
784 a RADIUS Authentication Server."
785 ::= { radiusAuthServMIBGroups 1 }
789 radiusAuthServExtMIBGroup OBJECT-GROUP
790 OBJECTS {radiusAuthServIdent,
791 radiusAuthServUpTime,
792 radiusAuthServResetTime,
793 radiusAuthServConfigReset,
794 radiusAuthServTotalAccessRequests,
795 radiusAuthServTotalInvalidRequests,
796 radiusAuthServTotalDupAccessRequests,
797 radiusAuthServTotalAccessAccepts,
798 radiusAuthServTotalAccessRejects,
799 radiusAuthServTotalAccessChallenges,
800 radiusAuthServTotalMalformedAccessRequests,
801 radiusAuthServTotalBadAuthenticators,
802 radiusAuthServTotalPacketsDropped,
803 radiusAuthServTotalUnknownTypes,
804 radiusAuthClientInetAddressType,
805 radiusAuthClientInetAddress,
806 radiusAuthClientExtID,
807 radiusAuthServExtAccessRequests,
808 radiusAuthServExtDupAccessRequests,
809 radiusAuthServExtAccessAccepts,
810 radiusAuthServExtAccessRejects,
811 radiusAuthServExtAccessChallenges,
812 radiusAuthServExtMalformedAccessRequests,
813 radiusAuthServExtBadAuthenticators,
814 radiusAuthServExtPacketsDropped,
815 radiusAuthServExtUnknownTypes,
816 radiusAuthServCounterDiscontinuity
820 "The collection of objects providing management of
821 a RADIUS Authentication Server."
822 ::= { radiusAuthServMIBGroups 2 }