-- This file is corresponding to Release 9.1.10.101 from 2014/08/11 00:00:00


---------------------------------------------------------------------------
-- (C)opyright 2006-2014 bintec elmeg GmbH
-- $RCSfile: mib-auth,v $
-- $Revision: 1.7 $
-- $Date: 2014-02-07 10:37:49 $
---------------------------------------------------------------------------

FEC-AUTH-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE,
    Integer32, Unsigned32, 
    mib-2, enterprises
        FROM SNMPv2-SMI
    TruthValue                              
	FROM SNMPv2-TC
    bibo
	FROM BINTEC-MIB;

---------------------------------------------------------------------------

authMIB MODULE-IDENTITY
    LAST-UPDATED "200605030000Z"
    ORGANIZATION "bintec elmeg GmbH"
    CONTACT-INFO
            "EMail:   info@bintec-elmeg.com
	     Web:     www.bintec-elmeg.com
	    "
    DESCRIPTION
            "The MIB module for authenticator administration entities.
            "
    REVISION      "200605030000Z"
    DESCRIPTION
            "EAPOL authenticator MIB." 

    ::= { bibo 51 }	-- XXX assign new OID below bibo for new subsystem only

---------------------------------------------------------------------------
-- OID groups & all tables 
---------------------------------------------------------------------------
authEapol	OBJECT IDENTIFIER
--        	authEapolPTK1Timeout			1
--        	authEapolPTK3Timeout			2
--        	authEapolGTKTimeout				3
--        	authEapolPairwiseUpdateCount	4
--        	authEapolGroupUpdateCount		5
--        	authEapolSuppTimeout		6
::= { authMIB 1 }

---------------------------------------------------------------------------

---------------------------------------------------------------------------
--  authEapolConfig
---------------------------------------------------------------------------

authEapolPTK1Timeout  OBJECT-TYPE
	SYNTAX 		Integer32 (100..30000)
	UNITS 		"milliseconds"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The time after which the first EAPOL-key Message in the pairwise 
		 temporal key negotiation phase (PTK1) is retransmitted if
		 there is no reply from supplicant.
		 Time can be changed in steps of 100 milliseconds."
	DEFVAL { 100 }
::= { authEapol 1 }

authEapolPTK3Timeout  OBJECT-TYPE
	SYNTAX 		Integer32 (100..30000)
	UNITS 		"milliseconds"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The time after which the third EAPOL-key Message in the pairwise 
		 temporal key negotiation phase (PTK3) is retransmitted if
		 there is no reply from supplicant.
		 Time can be changed in steps of 100 milliseconds."
	DEFVAL { 100 }
::= { authEapol 2 }

authEapolGTKTimeout  OBJECT-TYPE
	SYNTAX 		Integer32 (100..30000)
	UNITS 		"milliseconds"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The time after which the first EAPOL-key Message in the group 
		 temporal key negotiation phase (GTK) is retransmitted if
		 there is no reply from supplicant.
		 Time can be changed in steps of 100 milliseconds."
	DEFVAL { 500 }
::= { authEapol 3 }

authEapolPairwiseUpdateCount OBJECT-TYPE
		SYNTAX 		Unsigned32 (1..4294967295)
		MAX-ACCESS 	read-write
		STATUS 		current
		DESCRIPTION
			"The number of times EAPOL Message 1 and Message 3 in the 
			pairwise temporal key negotiation phase (PTK) will be 
			retried."
		DEFVAL { 3 }
::= { authEapol 4 }

authEapolGroupUpdateCount OBJECT-TYPE
		SYNTAX 		Unsigned32 (1..4294967295)
		MAX-ACCESS 	read-write
		STATUS 		current
		DESCRIPTION
			"The number of times Message 1 in the group temporal key 
			negotiation phase (GTK) will be retried."
		DEFVAL { 3 }
::= { authEapol 5 }

authEapolAuthPeriod  OBJECT-TYPE
	SYNTAX 		Integer32 (1..3600)
	UNITS 		"s"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The time after a disassociation/deauthentication
		 should committed by the client if there is no 
		 EAPOL Message from authenticator.
		 Time can be changed in steps of 1 seconds."
	DEFVAL { 30 }
::= { authEapol 6 }

authEapolQuietPeriod  OBJECT-TYPE
	SYNTAX 		Integer32 (1..65535)
	UNITS 		"s"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Period of time during which the authenticator will 
		 not attempt to acquire a supplicant.
		 Time can be changed in steps of 1 seconds.
 		 Default value is 60 seconds."
	DEFVAL { 60 }
::= { authEapol 7 }

authEapolTxPeriod  OBJECT-TYPE
	SYNTAX 		Integer32 (0..65535)
	UNITS 		"s"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"A period used by the authenticator PAE state machine 
		 to determine when an EAPOL PDU is to be transmitted.
		 Time can be changed in steps of 1 seconds.
 		 Default value is 30 seconds."
	DEFVAL { 30 }
::= { authEapol 8 }

authEapolSuppTimeout  OBJECT-TYPE
	SYNTAX 		Integer32 (1..3600)
	UNITS 		"s"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"A timeout used by the backend authentication state machine 
		 in order to determine timeout conditions in the exchanges 
		 between the authenticator and the supplicant.
		 Time can be changed in steps of 1 seconds.
 		 Default value is 30 seconds."
	DEFVAL { 30 }
::= { authEapol 9 }

authEapolReAuthPeriod  OBJECT-TYPE
	SYNTAX 		Integer32 
	UNITS 		"s"
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"A period used by the reauthentication timer state machine 
		 to determine when reauthentication of the supplicant takes place.
		 Time can be changed in steps of 1 seconds.
 		 Default value is 3600 seconds."
	DEFVAL { 3600 }
::= { authEapol 10 }

authEapolReAuthEnabled  OBJECT-TYPE
	SYNTAX 		TruthValue
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The state variable reAuthEnabled controls
		 whether periodic reauthentication takes place.
 		 Default value is false."
	DEFVAL { false }
::= { authEapol 11 }

authEapolMaxReq  OBJECT-TYPE
	SYNTAX 		Integer32 (1..10)
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The maximum number of times that the state machine will 
		 retransmit an EAP Request packet to the supplicant before 
		 it times out the authentication session.
 		 Default value is 2."
	DEFVAL { 2 }
::= { authEapol 12 }

authEapolKeyTxEnabled  OBJECT-TYPE
	SYNTAX 		TruthValue
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The EAPOL protocol optionally supports the transmission
		 of global key information from the Authenticator to the 
		 Supplicant, following a successful authentication exchange, 
		 in circumstances in which encryption is available between 
		 the Supplicant and Authenticator systems (e.g., where 
		 encryption is used on an 802.11 association between a 
		 station and an access point). The use of this facility is 
		 controlled by the KeyTransmissionEnabled parameter. A 
		 value of TRUE allows key information to be transmitted 
		 following authorization; a value of FALSE disables the 
		 key transmission capability. In Authenticator systems 
		 that do not support this facility, the KeyTransmissionEnabled 
		 parameter is read-only and is set FALSE.

 		 Default value is false."
	DEFVAL { false }
::= { authEapol 13 }

---------------------------------------------------------------------------
END
