-- -----------------------------------------------------------------------------
-- MIB NAME : Security Common mib
-- FILE NAME: Auth.mib
-- DATE     : 2011/10/20
-- VERSION  : 2.18
-- PURPOSE	: To construct the MIB structure of security functions management
--			  for proprietary enterprise
-- -----------------------------------------------------------------------------
-- MODIFICTION HISTORY:
-- -----------------------------------------------------------------------------
-- Version, Date, Author
-- Description:
--	[New Object]
--	[Modification]
-- Notes: (Requested by who and which project)
--
-- Version 2.18, 2011/10/20, Shawn
-- [Modification]
-- 1. Add value list "macJwac(7)" in swCompoundAuthPortMethod.
--	  For support MAC+JWAC compound authentication method.
-- Request by Shawn for project DGS3120
--
-- Version 2.17, 2011/09/30, Shawn
-- [New Object]
-- Add "swRadiusVrfName" in "swRadiusCtrl" to support VRF function.
--
-- Version 2.16, 2011/09/29, Shone
-- [Modification]
-- 1. Modify description in swAuthSessionTime and swDot1xAuthSessionTime.
-- Request by Shone for project DES32XX.
--
-- Version 2.15, 2010/08/13, Shawn Chen
-- [New Object]
-- Add swAuthMACFormatCase, swAuthMACFormatDelimiter 
-- and swAuthMACFormatDelimiterNumber to support the configurable MAC address format.
-- Request by Shawn Chen for project DES35XX.
--
-- Version 2.14, 2010/07/13, Tina He
-- [New Object]
-- Add swDot1xAuthStateTable, swDot1xAuthStatsTable, swDot1xAuthDiagTable, 
-- and swDot1xAuthSessionStatsTable to support 802.1X per VLAN authentication.
-- Request by Tina He for project DES35XX.
--
-- Version 2.13, 2009/08/20, Shawn
-- [Modification]
-- 1. Rename swAuthorizationNetwork to swAuthorizationAttributes.
--	  For support different attributes assignment.
-- 2. Delete value list "vlanbased(3)" in swCompoundAuthPortAuthMode.
-- 3. Modify description in swCompoundAuthPortAuthVLANs.
--	  For support per VLAN authentication in host based mode.
-- Request by Shawn for project DES35XX.
--
-- Version 2.12, 2009/07/22, Shawn
-- [New Object]
-- 1. Add swCompoundAuthPortAuthVLANs in swCompoundAuthPortTable.
--	  For support VLAN based mode.
-- 2. Add swAuthServerFailoverState in swCompoundAuthMgmt.
--	  For support fail over enhancement function.
-- [Modification]
-- 1. Change "Multiple Authentication" to "Compound Authentication".
-- 2. Add value list "vlanbased(3)" in swCompoundAuthPortAuthMode.
--	  For support VLAN based mode.
-- 3. Align the MIB file.
-- Request by Shawn for project DES35XX
--
-- Version 2.11, 2009/06/17, cherry
--[New Object]
-- 1. Add swMacBasedPaeTable for MAC base pae.
-- 2. Add swAuthenticatorPAEState, swAuthBKdAuthState to swAuthStateEntry for
--	  display the Authenticator PAE state and the back Authentication state.
-- 3. According IEEE 802.1X, Rename "swAuthState" to "swAuthAuthControlledStatus".
--	  Modify value lists "authenticated(2)" to "authenticated(2)", "blocked(3)"
--	  to "unauthorized(3)".
-- Request by cherry for project DGS32XX.
--
-- Version 2.10, 2009/05/18, Shawn
--	[Modification]
-- 1. Add value list "macImpb(6)" in swMultiAuthPortMethod.
-- 2. Change value list terminology to "Impb" from "Imp" in swMultiAuthPortMethod.
-- Request by Shawn for project DES35XX
--
-- Version 2.09, 2009/01/21, steven
--[New Object]
-- 1. Add swAuthStateTable
--[Modification]
-- 1. Modify swMacAuthStateTable status to obsolete.
--	  For the new function design of auth state(port-base and mac-base display together).
-- Request by steven for project DGS34XX, DES35XX
--
-- Version 2.08, 2008/12/17, Shawn
--[New Object]
-- 1. Add swAuthorizationNetwork,
--	  System authorization for network
--[Modification]
-- 1. Modify value list in swMultiAuthPortMethod and swMultiAuthPortAuthMode,
--	  the beginning index should be 1.
-- 2. Add impb_wac to swMultiAuthPortMethod,
--	  WAC support Multiple Authentication.
-- 3. Modify swGuestVlanId access state into read-only.
-- Request by Shawn for project DGS34XX, DGS32XX, DES35XX
--
-- Version 2.07, 2008/11/14,  Lina
--[New Object]
-- 1. add swAuthFailOver
-- Request by Lina for project DES35XXR2
--
-- Version 2.06, 2008/08/08,  Shawn
--[New Object]
-- 1. add swMultiAuthMgmt
--	  for Multiple Authentication CLI command.
-- Request by Shawn for project DGS3200
--
-- Version 2.05, 2008/05/30,  Klevin
--[New Object]
-- 1. add swPaeAuthSysFwdPdu,swPaeAuthSysMaxUser and swPaeAuthConfigTable
--	  for new 802.1x CLI command.
-- Request by Kelvin for project DGS3700
--
-- Version 2.04, 2008/03/06,  Bonnie
--[New Object]
-- 1. add node swAuthorizationState
-- Request by Bonnie for project DHS3628R2.1
--
-- Version 2.03, 2007/11/1,  Kelvin
--[Modification]
-- 1. change status of swRadiusServerIpAddr from current to obsolete.
--[New Object]
-- 1. add node swRadiusServerAddrType and swRadiusServerAddr in
--	  swRadiusServerTable.
-- Request by Kelvin for project DGS3200
--
-- Version 2.02, 2007/06/21,  Nic
--[New Object]
-- 1. add node swRadiusServerTimeout and swRadiusServerRetransmit in
--	  swRadiusServerTable.
-- Request by Nic for project DES30XXR4.1
--
-- Version 2.01, 2007/05/10,  Jenny
--[New Object]
-- 1. add swMacBasedPaePortTable table for MAC-based initialization control
--	  or reauthentication control.
-- Request by Jenny for project DES3400
--
-- Version 2.00, 2007/03/27, Yedda
-- This is the first formal version for universal MIB definition.
-- -----------------------------------------------------------------------------


AUTH-MIB DEFINITIONS ::= BEGIN
	IMPORTS
		MODULE-IDENTITY, OBJECT-TYPE,
		Integer32, Unsigned32, Counter32,
		Counter64, TimeTicks							FROM SNMPv2-SMI
		TruthValue, RowStatus, MacAddress				FROM SNMPv2-TC
		SnmpAdminString									FROM SNMP-FRAMEWORK-MIB
		IpAddress										FROM RFC1155-SMI
		DisplayString									FROM RFC1213-MIB
		InterfaceIndex									FROM IF-MIB
		PaeControlledPortStatus, dot1xPaePortNumber		FROM IEEE8021-PAE-MIB
		dlink-common-mgmt								FROM DLINK-ID-REC-MIB
		InetAddressType, InetAddress					FROM INET-ADDRESS-MIB;


		swAuthCtrl MODULE-IDENTITY
			LAST-UPDATED "201110200000Z"
			ORGANIZATION "D-Link Corp."
			CONTACT-INFO
				"http://support.dlink.com"
			DESCRIPTION
					"The Structure of Common Management Information for the
					security functions of the devices."
					::= { dlink-common-mgmt 3 }


-- -------------------------------------------------------------
-- Textual Conventions
-- -------------------------------------------------------------

PortList ::= TEXTUAL-CONVENTION
	STATUS		current
	DESCRIPTION
		"Each octet within this value specifies a set of eight
		ports, with the first octet specifying ports 1 through
		8, the second octet specifying ports 9 through 16, etc.
		Within each octet, the most significant bit represents
		the lowest numbered port, and the least significant bit
		represents the highest numbered port. Thus, each port
		of the bridge is represented by a single bit within the
		value of this object. If that bit has a value of '1'
		then that port is included in the set of ports; the port
		is not included if its bit has a value of '0'."
	SYNTAX		OCTET STRING

VlanId ::= TEXTUAL-CONVENTION
	STATUS		current
	DESCRIPTION
		"A 12-bit VLAN ID used in the VLAN Tag header."
	SYNTAX		INTEGER (1..4094)
-- -------------------------------------------------------------
-- groups in the Auth MIB
-- -------------------------------------------------------------

	swAuthenCtrl				OBJECT IDENTIFIER ::= { swAuthCtrl 1 }
	swRadiusCtrl				OBJECT IDENTIFIER ::= { swAuthCtrl 2 }
	swRadiusAuthInfo			OBJECT IDENTIFIER ::= { swAuthCtrl 3 }
	swRadiusAccountingCtrl		OBJECT IDENTIFIER ::= { swAuthCtrl 4 }
	swRadiusAccountingInfo		OBJECT IDENTIFIER ::= { swAuthCtrl 5 }
	swMacAuthBaseStatsInfo		OBJECT IDENTIFIER ::= { swAuthCtrl 6 }
	swRadiusCommand 			OBJECT IDENTIFIER ::= { swAuthCtrl 7 }
	swAuthenticatedPortInfo 	OBJECT IDENTIFIER ::= { swAuthCtrl 8 }
	swMacBasedPaePortInfo		OBJECT IDENTIFIER ::= { swAuthCtrl 9 }
	swPaeAuthenticator			OBJECT IDENTIFIER ::= { swAuthCtrl 10 }
	swCompoundAuthMgmt			OBJECT IDENTIFIER ::= { swAuthCtrl 11 }


-- -----------------------------------------------------------------------------
-- swAuthenCtrl
-- -----------------------------------------------------------------------------
authProtocol OBJECT-TYPE
	SYNTAX INTEGER {
		authProtocolNone(1),
		authProtocolLocal(2),
		authProtocolRadius(3),
		authProtocolRadiusEap(4),
		authProtocolRadiusChap(5),
		authProtocolTacacs(6)
	}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"The authentication method used to authenticate users."
	DEFVAL { authProtocolRadiusEap }
		::= { swAuthenCtrl 1 }

swAuthMode OBJECT-TYPE
	SYNTAX	INTEGER {
		portBase(1),
		macBase(2)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the authentication mode of the device."
	::= { swAuthenCtrl 2 }

swAuthorizationState OBJECT-TYPE
	SYNTAX	INTEGER {
		enabled(1),
		disabled(2)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the authorization status."
	::= { swAuthenCtrl 3 }

swAuthFailOver OBJECT-TYPE
	SYNTAX	INTEGER {
		enabled(1),
		disabled(2)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the fail over status."
	::= { swAuthenCtrl 4}
-- -----------------------------------------------------------------------------
-- swRadiusConfig
-- -----------------------------------------------------------------------------
swRadiusDeadTime OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"Specifies the number of minutes when a RADIUS server
		 that is not responding to authentication requests,
		 is considered unavailable and will no longer accept
		 further requests for RADIUS authentication."
	DEFVAL { 1 }
	::= { swRadiusCtrl 1}

swRadiusTimeout  OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"Specifies the number of seconds the NAS
		 will wait for a reply to a RADIUS request
		 before retransmitting the request."
	DEFVAL { 10 }
	::= { swRadiusCtrl 2 }

swRadiusRetransmitAttempts OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"Specifies the number of times the NAS
		 transmits each RADIUS request to the
		 server before giving up."
	DEFVAL { 2 }
	::= { swRadiusCtrl 3 }


swRadiusServerTable OBJECT-TYPE
	SYNTAX SEQUENCE OF RadiusServerEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		" The RADIUS server table "
	::= { swRadiusCtrl 4 }

swRadiusServerEntry OBJECT-TYPE
	SYNTAX RadiusServerEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		" The entries of the RADIUS server table"
	INDEX { swRadiusServerIndex }
	::= { swRadiusServerTable 1 }

RadiusServerEntry ::=
	SEQUENCE {
		swRadiusServerIndex 		INTEGER,
		swRadiusServerIpAddr		IpAddress,
		swRadiusServerKey			OCTET STRING,
		swRadiusAuthPortNumber		Unsigned32,
		swRadiusAcctPortNumber		Unsigned32,
		swRadiusServerStatus		RowStatus,
		swRadiusServerTimeout		Unsigned32,
		swRadiusServerRetransmit	Unsigned32,
		swRadiusServerAddrType	 	InetAddressType,
		swRadiusServerAddr		 	InetAddress
	}

swRadiusServerIndex  OBJECT-TYPE
	SYNTAX INTEGER {
		swRadiusServerIndex-first(1),
		swRadiusServerIndex-second(2),
		swRadiusServerIndex-third(3)
	}
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"The index of the RADIUS server"
	::= { swRadiusServerEntry 1 }


swRadiusServerIpAddr	OBJECT-TYPE
	SYNTAX IpAddress
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
			"The IP address of the RADIUS server"
	::= { swRadiusServerEntry 2 }


swRadiusServerKey OBJECT-TYPE
	SYNTAX OCTET STRING( SIZE(1..32))
	MAX-ACCESS	not-accessible
	STATUS current
	DESCRIPTION
		"The key of the RADIUS server"
	::= { swRadiusServerEntry 3 }

swRadiusAuthPortNumber OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"The UDP destination port number used
		 for authentication requests to this
		 server."
	DEFVAL { 1812 }
	::= { swRadiusServerEntry 4 }

swRadiusAcctPortNumber OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"The UDP destination port number used
		 for accounting requests to this
		 server"
	DEFVAL { 1813 }
	::= { swRadiusServerEntry 5 }

swRadiusServerStatus OBJECT-TYPE
	SYNTAX RowStatus
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"The status of the RADIUS server"
	::= { swRadiusServerEntry 6 }
swRadiusServerTimeout  OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"Specifies the number of seconds the NAS
		 will wait for a reply to a RADIUS request
		 before retransmitting the request."
	DEFVAL { 5 }
	::= { swRadiusServerEntry 7 }

swRadiusServerRetransmit OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"Specifies the number of times the NAS
		 transmits RADIUS requests to the
		 server before giving up."
	DEFVAL { 2 }
	::= { swRadiusServerEntry 8 }

swRadiusServerAddrType OBJECT-TYPE
	SYNTAX		  InetAddressType
	MAX-ACCESS	  read-only
	STATUS		  current
	DESCRIPTION
		"The type of RADIUS Server address as specified by
		 object 'swRadiusServerAddr'."
	DEFVAL { ipv4 }
	::= { swRadiusServerEntry 9 }

swRadiusServerAddr OBJECT-TYPE
	SYNTAX		  InetAddress
	MAX-ACCESS	  read-only
	STATUS		  current
	DESCRIPTION
		"The address of the RADIUS Server."
	::= { swRadiusServerEntry 10 }

swRadiusVrfName OBJECT-TYPE
	    SYNTAX DisplayString(SIZE(0..12))
	    MAX-ACCESS read-write
	    STATUS current
	    DESCRIPTION
	        "This object is used to add or remove the VRF for 802.1X RADIUS"

	    ::= { swRadiusCtrl 5 }

-- -----------------------------------------------------------------------------
-- swRadiusAuth
-- -----------------------------------------------------------------------------
swRadiusAuthClientIdentifier OBJECT-TYPE
	SYNTAX	   OCTET STRING(SIZE (0..40))
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"NAS Identifier. It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthInfo 1 }

swRadiusAuthClientInvalidServerAddresses OBJECT-TYPE
	SYNTAX	Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"Statistics infomation - The number of RADIUS
		 Access-Response packets received from unknown
		 addresses. It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthInfo 2 }

swRadiusAuthServerTable OBJECT-TYPE
	SYNTAX SEQUENCE OF RadiusAuthServerEntry
			MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
			"The authenticate table for the RADIUS server."
	::= { swRadiusAuthInfo 3 }

swRadiusAuthServerEntry OBJECT-TYPE
	SYNTAX RadiusAuthServerEntry
	MAX-ACCESS not-accessible
	STATUS obsolete
	DESCRIPTION
		"A list of RADIUS authentication servers. It was made obsolete by RFC 2618 and RFC 2620."
	INDEX  { swRadiusAuthServerIndex }
	::= { swRadiusAuthServerTable 1 }

RadiusAuthServerEntry ::=
	SEQUENCE {
		swRadiusAuthServerIndex 					Integer32,
		swRadiusAuthServerAddress					IpAddress,
		swRadiusAuthClientServerPortNumber			Unsigned32,
		swRadiusAuthClientRoundTripTime 			Counter32,
		swRadiusAuthClientAccessRequests			Counter32,
		swRadiusAuthClientAccessRetransmissions 	Counter32,
		swRadiusAuthClientAccessAccepts 			Counter32,
		swRadiusAuthClientAccessRejects 			Counter32,
		swRadiusAuthClientAccessChallenges			Counter32,
		swRadiusAuthClientMalformedAccessResponses	Counter32,
		swRadiusAuthClientBadAuthenticators 		Counter32,
		swRadiusAuthClientPendingRequests			Counter32,
		swRadiusAuthClientTimeouts					Counter32,
		swRadiusAuthClientUnknownTypes				Counter32,
		swRadiusAuthClientPacketsDropped			Counter32
  }

swRadiusAuthServerIndex OBJECT-TYPE
	SYNTAX Integer32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The RADIUS Server Index. It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 1 }

swRadiusAuthServerAddress OBJECT-TYPE
	SYNTAX IpAddress
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The RADIUS authentication server address. It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 2 }

swRadiusAuthClientServerPortNumber OBJECT-TYPE
	SYNTAX Unsigned32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The UDP socket port numbers. It was made obsolete by RFC 2618 and RFC 2620."
	DEFVAL { 1812 }
	::= { swRadiusAuthServerEntry 3 }

swRadiusAuthClientRoundTripTime OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The round trip time counter from the RADIUS Authentication Client. It was made
		 obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 4 }

swRadiusAuthClientAccessRequests OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		" The number of access requests from a RADIUS Authentication Client. It
		was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 5 }

swRadiusAuthClientAccessRetransmissions OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		" The number of retransmissions sent from the RADIUS Authentication Client. It
		 was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 6 }

swRadiusAuthClientAccessAccepts  OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The number of authentication access attempts from the RADIUS Authentication Client.
		 It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 7 }

swRadiusAuthClientAccessRejects  OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter stating the Client Access Authentication rejections. It was made obsolete
		 by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 8 }

swRadiusAuthClientAccessChallenges OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter stating the number of Access challenges from RADIUS authentication attempts.
		It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 9 }

swRadiusAuthClientMalformedAccessResponses OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter for malformed access responses from RADIUS Authentication Clients.
		It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 10 }

swRadiusAuthClientBadAuthenticators OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter of bad authenticators from the RADIUS Authentication Client.
		It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 11 }

swRadiusAuthClientPendingRequests OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter of pending requests from the RADIUS Authentication Client.
		It was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 12 }

swRadiusAuthClientTimeouts	  OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter of timeouts from a RADIUS Authentication Client. It was
		made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 13 }

swRadiusAuthClientUnknownTypes OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter for unknown types from a RADIUS Authentication Client. It
		was made obsolete by RFC 2618 and RFC 2620."
	::= { swRadiusAuthServerEntry 14 }

swRadiusAuthClientPacketsDropped  OBJECT-TYPE
	SYNTAX Counter32
	MAX-ACCESS read-only
	STATUS obsolete
	DESCRIPTION
		"The counter of dropped packets from a RADIUS Authentication Client.
		It was made obsolete by RFC 2618 and RFC 2620. "
	::= { swRadiusAuthServerEntry 15 }

-- -----------------------------------------------------------------------------
-- accountingConfig
-- -----------------------------------------------------------------------------
swRadiusAcctUpdateInterval OBJECT-TYPE
	SYNTAX	   Unsigned32
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"Time interval after which this RADIUS record
		 should be updated and sent to an
		 accounting server."
	::= { swRadiusAccountingCtrl 1 }

swRadiusAcctSuppressNullUserName OBJECT-TYPE
	SYNTAX	TruthValue
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"Indicates whether or not accounting records will be generated for users with null names."
	::= { swRadiusAccountingCtrl 2 }

swRadiusAcctServiceTable OBJECT-TYPE
	SYNTAX SEQUENCE OF AcctServiceEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"RADIUS accounting Table"
	::= { swRadiusAccountingCtrl 3 }



swRadiusAcctServiceEntry OBJECT-TYPE
	SYNTAX AcctServiceEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"The list of accounting services."
	INDEX { swRadiusAcctServiceIndex }
	::= { swRadiusAcctServiceTable 1 }

AcctServiceEntry ::=
	SEQUENCE {
		swRadiusAcctServiceIndex
			INTEGER,
		swRadiusAcctServiceMethod
			INTEGER,
		swRadiusAcctServiceMode
			INTEGER
	}

swRadiusAcctServiceIndex OBJECT-TYPE
	SYNTAX INTEGER {
		acctServiceIndex-network(1),
		acctServiceIndex-exec(2),
		acctServiceIndex-system(3)
	}
	MAX-ACCESS read-only
	STATUS current
	DESCRIPTION
		"The Accounting table index"
	::= { swRadiusAcctServiceEntry 1}

swRadiusAcctServiceMethod OBJECT-TYPE
	SYNTAX INTEGER {
		swRadiusAcctServiceMethodNone(1),
		swRadiusAcctServiceMethodRadius(2)
	}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"The accounting service method"
	DEFVAL { 2 }
	::= { swRadiusAcctServiceEntry 2 }

swRadiusAcctServiceMode OBJECT-TYPE
	SYNTAX INTEGER {
		radiusAcctServiceModeNone(1),
		radiusAcctServiceModeStartStop(2),
		radiusAcctServiceModeStopOnly(3)
	}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"The accounting service mode"
	DEFVAL { 2 }
	::= { swRadiusAcctServiceEntry 3 }

-- -----------------------------------------------------------------------------
-- swRadiusAccounting  is support in rfc2620.mib , remove from this mib file
-- -----------------------------------------------------------------------------


-- -----------------------------------------------------------------------------
-- The Mac-base Authenticator State Table
-- -----------------------------------------------------------------------------
swMacAuthStateTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwMacAuthStateEntry
	MAX-ACCESS	not-accessible
	STATUS		obsolete
	DESCRIPTION
		"A table that contains the status objects for the
		Authenticator PAE associated with each virtual port (MAC address).
		An entry appears in this table for each virtual port that may
		authenticate access to itself."
	::= { swMacAuthBaseStatsInfo 1 }

swMacAuthStateEntry OBJECT-TYPE
	SYNTAX		SwMacAuthStateEntry
	MAX-ACCESS	not-accessible
	STATUS		obsolete
	DESCRIPTION
		"The information for an Authenticator
		PAE."
	INDEX {swPaeMacAddr ,swPaePortNumber}
	::= { swMacAuthStateTable 1 }

SwMacAuthStateEntry ::=
	SEQUENCE {
		swPaeMacAddr
			MacAddress,
		swPaePortNumber
			InterfaceIndex,
		swAuthPaeState
			INTEGER,
		swAuthBackendAuthState
			INTEGER,
		swAuthAuthControlledPortStatus
			PaeControlledPortStatus
	}

swPaeMacAddr OBJECT-TYPE
	SYNTAX		MacAddress
	MAX-ACCESS	not-accessible
	STATUS		obsolete
	DESCRIPTION
		"The address associated with this MAC address."
	::= { swMacAuthStateEntry 1 }

swPaePortNumber OBJECT-TYPE
	SYNTAX		InterfaceIndex
	MAX-ACCESS	not-accessible
	STATUS		obsolete
	DESCRIPTION
		"The PAE Port number associated with this Port."
	::= { swMacAuthStateEntry 2 }

swAuthPaeState OBJECT-TYPE
	SYNTAX		INTEGER {
		initialize(1),
		disconnected(2),
		connecting(3),
		authenticating(4),
		authenticated(5),
		aborting(6),
		held(7),
		forceAuth(8),
		forceUnauth(9)
	}
	MAX-ACCESS	read-only
	STATUS		obsolete
	DESCRIPTION
		"The current value of the Authenticator PAE state
		machine."
	::= { swMacAuthStateEntry  3 }

swAuthBackendAuthState OBJECT-TYPE
	SYNTAX		INTEGER {
		request(1),
		response(2),
		success(3),
		fail(4),
		timeout(5),
		idle(6),
		initialize(7)
	}
	MAX-ACCESS	read-only
	STATUS		obsolete
	DESCRIPTION
		"The current state of the Backend Authentication
		state machine."
	::= { swMacAuthStateEntry  4 }

swAuthAuthControlledPortStatus OBJECT-TYPE
	SYNTAX		PaeControlledPortStatus
	MAX-ACCESS	read-only
	STATUS		obsolete
	DESCRIPTION
		"The current value of the controlled Port
		status parameter for the Port."
	::= { swMacAuthStateEntry  5 }


-- -----------------------------------------------------------------------------
-- The Authenticator Statistics Table
-- -----------------------------------------------------------------------------
swMacAuthStatsTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwMacAuthStatsEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table that contains the statistics objects for the
		 Authenticator PAE associated with each MAC address.
		 An entry appears in this table for each MAC address that may
		 authenticate access to itself."
	::= { swMacAuthBaseStatsInfo 2 }

swMacAuthStatsEntry OBJECT-TYPE
	SYNTAX		SwMacAuthStatsEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The statistics information for an Authenticator PAE."
	INDEX { swPaeMacAddr  ,swPaePortNumber}
	::= { swMacAuthStatsTable 1 }

SwMacAuthStatsEntry ::=
	SEQUENCE {
		swAuthEapolFramesRx
			Counter32,
		swAuthEapolFramesTx
			Counter32,
		swAuthEapolStartFramesRx
			Counter32,
		swAuthEapolLogoffFramesRx
			Counter32,
		swAuthEapolRespIdFramesRx
			Counter32,
		swAuthEapolRespFramesRx
			Counter32,
		swAuthEapolReqIdFramesTx
			Counter32,
		swAuthEapolReqFramesTx
			Counter32,
		swAuthInvalidEapolFramesRx
			Counter32,
		swAuthEapLengthErrorFramesRx
			Counter32,
		swAuthLastEapolFrameVersion
			Unsigned32,
		swAuthLastEapolFrameSource
			MacAddress
	}



swAuthEapolFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of valid EAPOL frames of any type
		that have been received by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL frames received"
	::= { swMacAuthStatsEntry 1 }

swAuthEapolFramesTx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAPOL frames of any type
		that have been transmitted by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL frames transmitted"
	::= { swMacAuthStatsEntry 2 }

swAuthEapolStartFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAPOL Start frames that have
		been received by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL Start frames received"
	::= { swMacAuthStatsEntry 3 }

swAuthEapolLogoffFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAPOL logoff frames that have
		been received by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL Logoff frames received"
	::= { swMacAuthStatsEntry 4 }

swAuthEapolRespIdFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAP Resp/Id frames that have
		been received by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL Resp/Id frames received"
	::= { swMacAuthStatsEntry 5 }

swAuthEapolRespFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of valid EAP Response frames,
		other than Resp/Id frames, that have been
		received by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL Response frames received"
	::= { swMacAuthStatsEntry 6 }

swAuthEapolReqIdFramesTx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAP Req/Id frames that have been
		transmitted by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL Req/Id frames transmitted"
	::= { swMacAuthStatsEntry 7 }

swAuthEapolReqFramesTx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAP Request frames,
		other than Rq/Id frames, that have been
		transmitted by this Authenticator."
	REFERENCE
		"9.4.2, EAPOL Request frames transmitted"
	::= { swMacAuthStatsEntry 8 }

swAuthInvalidEapolFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAPOL frames that have been
		received by this Authenticator for which the
		frame type is not recognized."
	REFERENCE
		"9.4.2, Invalid EAPOL frames received"
	::= { swMacAuthStatsEntry 9 }

swAuthEapLengthErrorFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of EAPOL frames that have been received
		by this Authenticator for which the Packet Body
		Length field is invalid."
	REFERENCE
		"9.4.2, EAP length error frames received"
	::= { swMacAuthStatsEntry 10 }

swAuthLastEapolFrameVersion OBJECT-TYPE
	SYNTAX		Unsigned32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The protocol version number carried in the
		most recently received EAPOL frame."
	REFERENCE
		"9.4.2, Last EAPOL frame version"
	::= { swMacAuthStatsEntry 11 }

swAuthLastEapolFrameSource OBJECT-TYPE
	SYNTAX		MacAddress
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The source MAC address carried in the
		most recently received EAPOL frame."
	REFERENCE
		"9.4.2, Last EAPOL frame source"
	::= { swMacAuthStatsEntry 12 }

-- -----------------------------------------------------------------------------
-- The Authenticator Diagnostics Table
-- -----------------------------------------------------------------------------
swMacAuthDiagTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwMacAuthDiagEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table that contains the diagnostics objects for the
		 Authenticator PAE associated with each MAC address.
		 An entry appears in this table for each MAC address that may
		 authenticate access to itself."
	::= { swMacAuthBaseStatsInfo 3 }

swMacAuthDiagEntry OBJECT-TYPE
	SYNTAX		SwMacAuthDiagEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The diagnostics information for an Authenticator PAE."
	INDEX { swPaeMacAddr ,swPaePortNumber }
	::= { swMacAuthDiagTable 1 }

SwMacAuthDiagEntry ::=
	SEQUENCE {
		swAuthEntersConnecting
			Counter32,
		swAuthEapLogoffsWhileConnecting
			Counter32,
		swAuthEntersAuthenticating
			Counter32,
		swAuthAuthSuccessWhileAuthenticating
			Counter32,
		swAuthAuthTimeoutsWhileAuthenticating
			Counter32,
		swAuthAuthFailWhileAuthenticating
			Counter32,
		swAuthAuthReauthsWhileAuthenticating
			Counter32,
		swAuthAuthEapStartsWhileAuthenticating
			Counter32,
		swAuthAuthEapLogoffWhileAuthenticating
			Counter32,
		swAuthAuthReauthsWhileAuthenticated
			Counter32,
		swAuthAuthEapStartsWhileAuthenticated
			Counter32,
		swAuthAuthEapLogoffWhileAuthenticated
			Counter32,
		swAuthBackendResponses
			Counter32,
		swAuthBackendAccessChallenges
			Counter32,
		swAuthBackendOtherRequestsToSupplicant
			Counter32,
		swAuthBackendNonNakResponsesFromSupplicant
			Counter32,
		swAuthBackendAuthSuccesses
			Counter32,
		swAuthBackendAuthFails
			Counter32
	}

swAuthEntersConnecting OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions to a CONNECTING state from any other
		state."
	REFERENCE
		"9.4.2, 8.5.4.2.1"
	::= { swMacAuthDiagEntry 1 }

swAuthEapLogoffsWhileConnecting OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from CONNECTING to DISCONNECTED as a result
		of receiving an EAPOL-Logoff message."
	REFERENCE
		"9.4.2, 8.5.4.2.2"
	::= { swMacAuthDiagEntry 2 }

swAuthEntersAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from CONNECTING to AUTHENTICATING, as a
		result of an EAP-Response/Identity message being
		received from the Supplicant."
	REFERENCE
		"9.4.2, 8.5.4.2.3"
	::= { swMacAuthDiagEntry 3 }

swAuthAuthSuccessWhileAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATING to AUTHENTICATED, as a
		result of the Backend Authentication state machine,
		indicating successful authentication of the Supplicant
		(authSuccess = TRUE)."
	REFERENCE
		"9.4.2, 8.5.4.2.4"
	::= { swMacAuthDiagEntry 4 }

swAuthAuthTimeoutsWhileAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATING to ABORTING, as a result
		of the Backend Authentication state machine indicating
		authentication timeout (authTimeout = TRUE)."
	REFERENCE
		"9.4.2, 8.5.4.2.5"
	::= { swMacAuthDiagEntry 5 }

swAuthAuthFailWhileAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATING to HELD, as a result
		of the Backend Authentication state machine indicating
		authentication failure (authFail = TRUE)."
	REFERENCE
		"9.4.2, 8.5.4.2.6"
	::= { swMacAuthDiagEntry 6 }

swAuthAuthReauthsWhileAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATING to ABORTING, as a result
		of a reauthentication request (reAuthenticate = TRUE)."
	REFERENCE
		"9.4.2, 8.5.4.2.7"
	::= { swMacAuthDiagEntry 7 }

swAuthAuthEapStartsWhileAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATING to ABORTING, as a result
		of an EAPOL-Start message being received
		from the Supplicant."
	REFERENCE
		"9.4.2, 8.5.4.2.8"
	::= { swMacAuthDiagEntry 8 }

swAuthAuthEapLogoffWhileAuthenticating OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATING to ABORTING, as a result
		of an EAPOL-Logoff message being received
		from the Supplicant."
	REFERENCE
		"9.4.2, 8.5.4.2.9"
	::= { swMacAuthDiagEntry 9 }

swAuthAuthReauthsWhileAuthenticated OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATED to CONNECTING, as a
		result of a reauthentication request
		(reAuthenticate = TRUE)."
	REFERENCE
		"9.4.2, 8.5.4.2.10"
	::= { swMacAuthDiagEntry 10 }

swAuthAuthEapStartsWhileAuthenticated OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATED to CONNECTING, as a
		result of an EAPOL-Start message received from the
		Supplicant."
	REFERENCE
		"9.4.2, 8.5.4.2.11"
	::= { swMacAuthDiagEntry 11 }

swAuthAuthEapLogoffWhileAuthenticated OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		transitions from AUTHENTICATED to DISCONNECTED, as a
		result of an EAPOL-Logoff message received from
		the Supplicant."
	REFERENCE
		"9.4.2, 8.5.4.2.12"
	::= { swMacAuthDiagEntry 12 }

swAuthBackendResponses OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine sends
		an initial Access-Request packet to the Authentication
		server (i.e., executes sendRespToServer on entry to the
		RESPONSE state). Indicates that the Authenticator
		attempted communication with the Authentication Server."
	REFERENCE
		"9.4.2, 8.5.6.2.1"
	::= { swMacAuthDiagEntry 13 }

swAuthBackendAccessChallenges OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		receives an initial Access-Challenge packet from the
		Authentication server (i.e., aReq becomes TRUE,
		causing exit from the RESPONSE state). Indicates that
		the Authentication Server has communication with
		the Authenticator."
	REFERENCE
		"9.4.2, 8.5.6.2.2"
	::= { swMacAuthDiagEntry 14 }

swAuthBackendOtherRequestsToSupplicant OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		sends an EAP-Request packet (other than an Identity,
		Notification, Failure or Success message) to the
		Supplicant (i.e., executes txReq on entry to the
		REQUEST state). Indicates that the Authenticator chose
		an EAP-method."
	REFERENCE
		"9.4.2, 8.5.6.2.3"
	::= { swMacAuthDiagEntry 15 }

swAuthBackendNonNakResponsesFromSupplicant OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		receives a response from the Supplicant to an initial
		EAP-Request, and the response is something other than
		EAP-NAK (i.e., rxResp becomes TRUE, causing the state
		machine to transition from REQUEST to RESPONSE,
		and the response is not an EAP-NAK). Indicates that
		the Supplicant can respond to the Authenticator's
		chosen EAP-method."
	REFERENCE
		"9.4.2, 8.5.6.2.4"
	::= { swMacAuthDiagEntry 16 }

swAuthBackendAuthSuccesses OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		receives an EAP-Success message from the Authentication
		Server (i.e., a Success becomes TRUE, causing a
		transition from RESPONSE to SUCCESS). Indicates that
		the Supplicant has successfully authenticated to
		the Authentication Server."
	REFERENCE
		"9.4.2, 8.5.6.2.5"
	::= { swMacAuthDiagEntry 17 }

swAuthBackendAuthFails OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"Counts the number of times that the state machine
		receives an EAP-Failure message from the Authentication
		Server (i.e., a Fail becomes TRUE, causing a transition
		from RESPONSE to FAIL). Indicates that the Supplicant
		has not authenticated to the Authentication Server."
	REFERENCE
		"9.4.2, 8.5.6.2.6"
	::= { swMacAuthDiagEntry 18 }

-- -----------------------------------------------------------------------------
-- The Authenticator Session Statistics Table
-- -----------------------------------------------------------------------------
swMacAuthSessionStatsTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwMacAuthSessionStatsEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table that contains the session statistics objects
		for the Authenticator PAE associated with each MAC address.
		An entry appears in this table for each MAC address that may
		authenticate access to itself."
	::= { swMacAuthBaseStatsInfo 4 }

swMacAuthSessionStatsEntry OBJECT-TYPE
	SYNTAX		SwMacAuthSessionStatsEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The session statistics information for an Authenticator
		PAE. This shows the current values being collected for
		each session that is still in progress, or the final
		values for the last valid session on each MAC address where
		there is no session currently active."
	INDEX { swPaeMacAddr ,swPaePortNumber }
	::= { swMacAuthSessionStatsTable 1 }

SwMacAuthSessionStatsEntry ::=
	SEQUENCE {
		swAuthSessionOctetsRx
			Counter64,
		swAuthSessionOctetsTx
			Counter64,
		swAuthSessionFramesRx
			Counter32,
		swAuthSessionFramesTx
			Counter32,
		swAuthSessionId
			SnmpAdminString,
		swAuthSessionAuthenticMethod
			INTEGER,
		swAuthSessionTime
			TimeTicks,
		swAuthSessionTerminateCause
			INTEGER,
		swAuthSessionUserName
			SnmpAdminString
	}

swAuthSessionOctetsRx OBJECT-TYPE
	SYNTAX		Counter64
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of octets received in user data
		frames from this MAC address during the session."
	REFERENCE
		"9.4.4, Session Octets Received"
	::= { swMacAuthSessionStatsEntry 1 }

swAuthSessionOctetsTx OBJECT-TYPE
	SYNTAX		Counter64
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of octets transmitted in user data
		frames to this MAC address during the session."
	::= { swMacAuthSessionStatsEntry 2 }

swAuthSessionFramesRx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of user data frames received
		from this MAC address during the session."
	::= { swMacAuthSessionStatsEntry 3 }

swAuthSessionFramesTx OBJECT-TYPE
	SYNTAX		Counter32
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The number of user data frames transmitted
		to this MAC address during the session."
	REFERENCE
		"9.4.4, Session Frames Transmitted"
	::= { swMacAuthSessionStatsEntry 4 }

swAuthSessionId OBJECT-TYPE
	SYNTAX		SnmpAdminString
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"A unique identifier for the session, in the
		form of a printable ASCII string of at least
		three characters."
	REFERENCE
		"9.4.4, Session Identifier"
	::= { swMacAuthSessionStatsEntry 5 }

swAuthSessionAuthenticMethod OBJECT-TYPE
	SYNTAX		INTEGER {
		remoteAuthServer(1),
		localAuthServer(2)
	}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The authentication method used to establish the
		session."
	REFERENCE
		"9.4.4, Session Authentication Method"
	::= { swMacAuthSessionStatsEntry 6 }

swAuthSessionTime OBJECT-TYPE
	SYNTAX		TimeTicks
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The duration of the session in units of hundredth of a second."
	REFERENCE
		"9.4.4, Session Time"
	::= { swMacAuthSessionStatsEntry 7 }

swAuthSessionTerminateCause OBJECT-TYPE
	SYNTAX		INTEGER {
		supplicantLogoff(1),
		portFailure(2),
		supplicantRestart(3),
		reauthFailed(4),
		authControlForceUnauth(5),
		portReInit(6),
		portAdminDisabled(7),
		notTerminatedYet(999)
	}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The reason for the session termination."
	REFERENCE
		"9.4.4, Session Terminate Cause"
	::= { swMacAuthSessionStatsEntry 8 }

swAuthSessionUserName OBJECT-TYPE
	SYNTAX	   SnmpAdminString
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The User-Name representing the identity of the
		Supplicant PAE."
	REFERENCE
		"9.4.4, Session User Name"
	::= { swMacAuthSessionStatsEntry 9 }
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator State Table
-- -----------------------------------------------------------------------------
swDot1xAuthStateTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF SwDot1xAuthStateEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "A table that contains the status objects for the
        Authenticator PAE associated with each host. An
        entry appears in this table for each host that may
        authenticate access to itself."
    ::= { swMacAuthBaseStatsInfo 5 }

swDot1xAuthStateEntry OBJECT-TYPE
    SYNTAX      SwDot1xAuthStateEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The information for an Authenticator PAE."
    INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
    ::= { swDot1xAuthStateTable 1 }

SwDot1xAuthStateEntry ::=
    SEQUENCE {
        swDot1xAuthPortNumber
            InterfaceIndex,
        swDot1xAuthVID
            INTEGER,
        swDot1xAuthMACAddress
            MacAddress,
         swDot1xAuthenticatorPAEState
            INTEGER,
        swDot1xAuthBackendAuthState
            INTEGER,
        swDot1xAuthAuthControlledStatus
            INTEGER,
        swDot1xAuthAssignVID
            INTEGER,
        swDot1xAuthAssignPriority
            INTEGER
        }

swDot1xAuthPortNumber OBJECT-TYPE
    SYNTAX      InterfaceIndex
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The Port number associated with this host."
    ::= { swDot1xAuthStateEntry 1 }

swDot1xAuthVID OBJECT-TYPE
    SYNTAX      INTEGER
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The Original VID associated with this host."
    ::= { swDot1xAuthStateEntry  2 }

swDot1xAuthMACAddress OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The MAC address associated with this host."
    ::= { swDot1xAuthStateEntry 3 }
    
swDot1xAuthenticatorPAEState OBJECT-TYPE
    SYNTAX      INTEGER {
                    initialize(1),
                    disconnected(2),
                    connecting(3),
                    authenticating(4),
                    authenticated(5),
                    aborting(6),
                    held(7),
                    forceAuth(8),
                    forceUnauth(9)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The current value of the Authenticator PAE state
        machine."
    ::= { swDot1xAuthStateEntry  4 }

swDot1xAuthBackendAuthState OBJECT-TYPE
    SYNTAX      INTEGER {
                    request(1),
                    response(2),
                    success(3),
                    fail(4),
                    timeout(5),
                    idle(6),
                    initialize(7)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The current state of the Backend Authentication
        state machine."
    ::= { swDot1xAuthStateEntry  5 }
    
swDot1xAuthAuthControlledStatus OBJECT-TYPE
    SYNTAX       INTEGER {
                    authenticating(1),
                    authorized(2),
                    unauthorized(3)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The authenticate state of the host."
    ::= { swDot1xAuthStateEntry  6}

swDot1xAuthAssignVID OBJECT-TYPE
    SYNTAX      INTEGER
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The VID assigned by the RADIUS server."
    ::= { swDot1xAuthStateEntry  7 }

swDot1xAuthAssignPriority OBJECT-TYPE
    SYNTAX      INTEGER
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The priority assigned by the RADIUS server."
    ::= { swDot1xAuthStateEntry  8 }

-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator Statistics Table
-- -----------------------------------------------------------------------------
swDot1xAuthStatsTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF SwDot1xAuthStatsEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "A table that contains the statistics objects for the
         Authenticator PAE associated with each host. An entry
         appears in this table for each host that may
         authenticate access to itself."
    ::= { swMacAuthBaseStatsInfo 6 }

swDot1xAuthStatsEntry OBJECT-TYPE
    SYNTAX      SwDot1xAuthStatsEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The statistics information for an Authenticator PAE."
    INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
    ::= { swDot1xAuthStatsTable 1 }

SwDot1xAuthStatsEntry ::=
    SEQUENCE {
        swDot1xAuthEapolFramesRx
            Counter32,
        swDot1xAuthEapolFramesTx
            Counter32,
        swDot1xAuthEapolStartFramesRx
            Counter32,
        swDot1xAuthEapolLogoffFramesRx
            Counter32,
        swDot1xAuthEapolRespIdFramesRx
            Counter32,
        swDot1xAuthEapolRespFramesRx
            Counter32,
        swDot1xAuthEapolReqIdFramesTx
            Counter32,
        swDot1xAuthEapolReqFramesTx
            Counter32,
        swDot1xAuthInvalidEapolFramesRx
            Counter32,
        swDot1xAuthEapLengthErrorFramesRx
            Counter32,
        swDot1xAuthLastEapolFrameVersion
            Unsigned32,
        swDot1xAuthLastEapolFrameSource
            MacAddress
        }

swDot1xAuthEapolFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of valid EAPOL frames of any type
        that have been received by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL frames received"
    ::= { swDot1xAuthStatsEntry 1 }

swDot1xAuthEapolFramesTx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAPOL frames of any type
        that have been transmitted by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL frames transmitted"
    ::= { swDot1xAuthStatsEntry 2 }

swDot1xAuthEapolStartFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAPOL Start frames that have
        been received by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL Start frames received"
    ::= { swDot1xAuthStatsEntry 3 }

swDot1xAuthEapolLogoffFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAPOL Logoff frames that have
        been received by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL Logoff frames received"
    ::= { swDot1xAuthStatsEntry 4 }

swDot1xAuthEapolRespIdFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAP Resp/Id frames that have
        been received by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL Resp/Id frames received"
    ::= { swDot1xAuthStatsEntry 5 }

swDot1xAuthEapolRespFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of valid EAP Response frames
        (other than Resp/Id frames) that have been
        received by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL Response frames received"
    ::= { swDot1xAuthStatsEntry 6 }

swDot1xAuthEapolReqIdFramesTx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAP Req/Id frames that have been
        transmitted by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL Req/Id frames transmitted"
    ::= { swDot1xAuthStatsEntry 7 }

swDot1xAuthEapolReqFramesTx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAP Request frames
        (other than Rq/Id frames) that have been
        transmitted by this Authenticator."
    REFERENCE
        "9.4.2, EAPOL Request frames transmitted"
    ::= { swDot1xAuthStatsEntry 8 }

swDot1xAuthInvalidEapolFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAPOL frames that have been
        received by this Authenticator for which the
        frame type is not recognized."
    REFERENCE
        "9.4.2, Invalid EAPOL frames received"
    ::= { swDot1xAuthStatsEntry 9 }

swDot1xAuthEapLengthErrorFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of EAPOL frames that have been received
        by this Authenticator for which the Packet Body
        Length field is invalid."
    REFERENCE
        "9.4.2, EAP length error frames received"
    ::= { swDot1xAuthStatsEntry 10 }

swDot1xAuthLastEapolFrameVersion OBJECT-TYPE
    SYNTAX      Unsigned32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The protocol version number carried in the
        most recently received EAPOL frame."
    REFERENCE
        "9.4.2, Last EAPOL frame version"
    ::= { swDot1xAuthStatsEntry 11 }

swDot1xAuthLastEapolFrameSource OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The source MAC address carried in the
        most recently received EAPOL frame."
    REFERENCE
        "9.4.2, Last EAPOL frame source"
    ::= { swDot1xAuthStatsEntry 12 }
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator Diagnostics Table
-- -----------------------------------------------------------------------------
swDot1xAuthDiagTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF SwDot1xAuthDiagEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "A table that contains the diagnostics objects for the
         Authenticator PAE associated with each host. An entry
         appears in this table for each MAC address that may
         authenticate access to itself."

    ::= { swMacAuthBaseStatsInfo 7 }

swDot1xAuthDiagEntry OBJECT-TYPE
    SYNTAX      SwDot1xAuthDiagEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The diagnostics information for an Authenticator PAE."
    INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
    ::= { swDot1xAuthDiagTable 1 }

SwDot1xAuthDiagEntry ::=
    SEQUENCE {
        swDot1xAuthEntersConnecting
            Counter32,
        swDot1xAuthEapLogoffsWhileConnecting
            Counter32,
        swDot1xAuthEntersAuthenticating
            Counter32,
        swDot1xAuthAuthSuccessWhileAuthenticating
            Counter32,
        swDot1xAuthAuthTimeoutsWhileAuthenticating
            Counter32,
        swDot1xAuthAuthFailWhileAuthenticating
            Counter32,
        swDot1xAuthAuthReauthsWhileAuthenticating
            Counter32,
        swDot1xAuthAuthEapStartsWhileAuthenticating
            Counter32,
        swDot1xAuthAuthEapLogoffWhileAuthenticating
            Counter32,
        swDot1xAuthAuthReauthsWhileAuthenticated
            Counter32,
        swDot1xAuthAuthEapStartsWhileAuthenticated
            Counter32,
        swDot1xAuthAuthEapLogoffWhileAuthenticated
            Counter32,
        swDot1xAuthBackendResponses
            Counter32,
        swDot1xAuthBackendAccessChallenges
            Counter32,
        swDot1xAuthBackendOtherRequestsToSupplicant
            Counter32,
        swDot1xAuthBackendNonNakResponsesFromSupplicant
            Counter32,
        swDot1xAuthBackendAuthSuccesses
            Counter32,
        swDot1xAuthBackendAuthFails
            Counter32
        }

swDot1xAuthEntersConnecting OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions to a CONNECTING state from any other
        state."
    REFERENCE
        "9.4.2, 8.5.4.2.1"
    ::= { swDot1xAuthDiagEntry 1 }

swDot1xAuthEapLogoffsWhileConnecting OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from CONNECTING to DISCONNECTED as a result
        of receiving an EAPOL-Logoff message."
    REFERENCE
        "9.4.2, 8.5.4.2.2"
    ::= { swDot1xAuthDiagEntry 2 }

swDot1xAuthEntersAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from CONNECTING to AUTHENTICATING, as a
        result of an EAP-Response/Identity message being
        received from the Supplicant."
    REFERENCE
        "9.4.2, 8.5.4.2.3"
    ::= { swDot1xAuthDiagEntry 3 }

swDot1xAuthAuthSuccessWhileAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATING to AUTHENTICATED, as a
        result of the Backend Authentication state machine,
        indicating successful authentication of the Supplicant
        (authSuccess = TRUE)."
    REFERENCE
        "9.4.2, 8.5.4.2.4"
    ::= { swDot1xAuthDiagEntry 4 }

swDot1xAuthAuthTimeoutsWhileAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATING to ABORTING, as a result
        of the Backend Authentication state machine indicating
        an authentication timeout (authTimeout = TRUE)."
    REFERENCE
        "9.4.2, 8.5.4.2.5"
    ::= { swDot1xAuthDiagEntry 5 }

swDot1xAuthAuthFailWhileAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATING to HELD, as a result
        of the Backend Authentication state machine indicating
        an authentication failure (authFail = TRUE)."
    REFERENCE
        "9.4.2, 8.5.4.2.6"
    ::= { swDot1xAuthDiagEntry 6 }

swDot1xAuthAuthReauthsWhileAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATING to ABORTING, as a result
        of a reauthentication request (reAuthenticate = TRUE)."
    REFERENCE
        "9.4.2, 8.5.4.2.7"
    ::= { swDot1xAuthDiagEntry 7 }

swDot1xAuthAuthEapStartsWhileAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATING to ABORTING, as a result
        of an EAPOL-Start message being received
        from the Supplicant."
    REFERENCE
        "9.4.2, 8.5.4.2.8"
    ::= { swDot1xAuthDiagEntry 8 }

swDot1xAuthAuthEapLogoffWhileAuthenticating OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATING to ABORTING, as a result
        of an EAPOL-Logoff message being received
        from the Supplicant."
    REFERENCE
        "9.4.2, 8.5.4.2.9"
    ::= { swDot1xAuthDiagEntry 9 }

swDot1xAuthAuthReauthsWhileAuthenticated OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATED to CONNECTING, as a
        result of a reauthentication request
        (reAuthenticate = TRUE)."
    REFERENCE
        "9.4.2, 8.5.4.2.10"
    ::= { swDot1xAuthDiagEntry 10 }

swDot1xAuthAuthEapStartsWhileAuthenticated OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATED to CONNECTING, as a
        result of an EAPOL-Start message being received from the
        Supplicant."
    REFERENCE
        "9.4.2, 8.5.4.2.11"
    ::= { swDot1xAuthDiagEntry 11 }

swDot1xAuthAuthEapLogoffWhileAuthenticated OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        transitions from AUTHENTICATED to DISCONNECTED, as a
        result of an EAPOL-Logoff message being received from
        the Supplicant."
    REFERENCE
        "9.4.2, 8.5.4.2.12"
    ::= { swDot1xAuthDiagEntry 12 }

swDot1xAuthBackendResponses OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine sends
        an initial Access-Request packet to the Authentication
        server (i.e., executes sendRespToServer on entry to the
        RESPONSE state). Indicates that the Authenticator
        attempted communication with the Authentication Server."
    REFERENCE
        "9.4.2, 8.5.6.2.1"
    ::= { swDot1xAuthDiagEntry 13 }

swDot1xAuthBackendAccessChallenges OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        receives an initial Access-Challenge packet from the
        Authentication server (i.e., aReq becomes TRUE,
        causing exit from the RESPONSE state). Indicates that
        the Authentication Server has communication with
        the Authenticator."
    REFERENCE
        "9.4.2, 8.5.6.2.2"
    ::= { swDot1xAuthDiagEntry 14 }

swDot1xAuthBackendOtherRequestsToSupplicant OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        sends an EAP-Request packet (other than an Identity,
        Notification, Failure or Success message) to the
        Supplicant (i.e., executes txReq on entry to the
        REQUEST state). Indicates that the Authenticator chose
        an EAP-method."
    REFERENCE
        "9.4.2, 8.5.6.2.3"
    ::= { swDot1xAuthDiagEntry 15 }

swDot1xAuthBackendNonNakResponsesFromSupplicant OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        receives a response from the Supplicant to an initial
        EAP-Request, and the response is something other than
        EAP-NAK (i.e., rxResp becomes TRUE, causing the state
        machine to transition from REQUEST to RESPONSE,
        and the response is not an EAP-NAK). Indicates that
        the Supplicant can respond to the Authenticator's
        chosen EAP-method."
    REFERENCE
        "9.4.2, 8.5.6.2.4"
    ::= { swDot1xAuthDiagEntry 16 }

swDot1xAuthBackendAuthSuccesses OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        receives an EAP-Success message from the Authentication
        Server (i.e., a Success becomes TRUE, causing a
        transition from RESPONSE to SUCCESS). Indicates that
        the Supplicant has successfully authenticated to
        the Authentication Server."
    REFERENCE
        "9.4.2, 8.5.6.2.5"
    ::= { swDot1xAuthDiagEntry 17 }

swDot1xAuthBackendAuthFails OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Counts the number of times that the state machine
        receives an EAP-Failure message from the Authentication
        Server (i.e., a Fail becomes TRUE, causing a transition
        from RESPONSE to FAIL). Indicates that the Supplicant
        has not authenticated to the Authentication Server."
    REFERENCE
        "9.4.2, 8.5.6.2.6"
    ::= { swDot1xAuthDiagEntry 18 }
    
-- -----------------------------------------------------------------------------
-- The Dot1x Authenticator Session Statistics Table
-- -----------------------------------------------------------------------------
swDot1xAuthSessionStatsTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF SwDot1xAuthSessionStatsEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "A table that contains the session statistics objects
        for the Authenticator PAE associated with each host.
        An entry appears in this table for each host that may
        authenticate access to itself."

    ::= { swMacAuthBaseStatsInfo 8 }

swDot1xAuthSessionStatsEntry OBJECT-TYPE
    SYNTAX      SwDot1xAuthSessionStatsEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "The session statistics information for an Authenticator
        PAE. This shows the current values being collected for
        each session that is still in progress, or the final
        values for the last valid session on each host where
        there is no session currently active."
    INDEX {swDot1xAuthPortNumber ,swDot1xAuthVID ,swDot1xAuthMACAddress}
    ::= { swDot1xAuthSessionStatsTable 1 }

SwDot1xAuthSessionStatsEntry ::=
    SEQUENCE {
        swDot1xAuthSessionOctetsRx
            Counter64,
        swDot1xAuthSessionOctetsTx
            Counter64,
        swDot1xAuthSessionFramesRx
            Counter32,
        swDot1xAuthSessionFramesTx
            Counter32,
        swDot1xAuthSessionId
            SnmpAdminString,
        swDot1xAuthSessionAuthenticMethod
            INTEGER,
        swDot1xAuthSessionTime
            TimeTicks,
        swDot1xAuthSessionTerminateCause
            INTEGER,
        swDot1xAuthSessionUserName
            SnmpAdminString
    }

swDot1xAuthSessionOctetsRx OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of octets received in user data
        frames from this host during the session."
    REFERENCE
        "9.4.4, Session Octets Received"
    ::= { swDot1xAuthSessionStatsEntry 1 }

swDot1xAuthSessionOctetsTx OBJECT-TYPE
    SYNTAX      Counter64
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of octets transmitted in user data
        frames to this host during the session."

    ::= { swDot1xAuthSessionStatsEntry 2 }

swDot1xAuthSessionFramesRx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of user data frames received
        from this host during the session."

    ::= { swDot1xAuthSessionStatsEntry 3 }

swDot1xAuthSessionFramesTx OBJECT-TYPE
    SYNTAX      Counter32
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The number of user data frames transmitted
        to this host during the session."
    REFERENCE
        "9.4.4, Session Frames Transmitted"
    ::= { swDot1xAuthSessionStatsEntry 4 }

swDot1xAuthSessionId OBJECT-TYPE
    SYNTAX      SnmpAdminString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "A unique identifier for the session, in the
        form of a printable ASCII string of at least
        three characters."
    REFERENCE
        "9.4.4, Session Identifier"
    ::= { swDot1xAuthSessionStatsEntry 5 }

swDot1xAuthSessionAuthenticMethod OBJECT-TYPE
    SYNTAX      INTEGER {
                    remoteAuthServer(1),
                    localAuthServer(2)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The authentication method used to establish the
        session."
    REFERENCE
        "9.4.4, Session Authentication Method"
    ::= { swDot1xAuthSessionStatsEntry 6 }

swDot1xAuthSessionTime OBJECT-TYPE
    SYNTAX      TimeTicks
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The duration of the session in units of hundredth of a second."
    REFERENCE
        "9.4.4, Session Time"
    ::= { swDot1xAuthSessionStatsEntry 7 }

swDot1xAuthSessionTerminateCause OBJECT-TYPE
    SYNTAX      INTEGER {
                    supplicantLogoff(1),
                    portFailure(2),
                    supplicantRestart(3),
                    reauthFailed(4),
                    authControlForceUnauth(5),
                    portReInit(6),
                    portAdminDisabled(7),
                    notTerminatedYet(999)
                    }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The reason for the session termination."
    REFERENCE
        "9.4.4, Session Terminate Cause"
    ::= { swDot1xAuthSessionStatsEntry 8 }

swDot1xAuthSessionUserName OBJECT-TYPE
    SYNTAX     SnmpAdminString
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The User-Name representing the identity of the
        Supplicant PAE."
    REFERENCE
        "9.4.4, Session User Name"
    ::= { swDot1xAuthSessionStatsEntry 9 }

-- -----------------------------------------------------------------------------
-- The swRadiusCommand
-- -----------------------------------------------------------------------------
swRadiusForceDownPortNumber OBJECT-TYPE
	 SYNTAX 	 Unsigned32
	 MAX-ACCESS  read-write
	 STATUS 	 current
	 DESCRIPTION
		 "The port number on which the RADIUS server is forced to terminate the network
		service."
	 ::= { swRadiusCommand 1}

swRadiusForceDownMacAddr	OBJECT-TYPE
	 SYNTAX 	 MacAddress
	 MAX-ACCESS  read-write
	 STATUS 	 current
	 DESCRIPTION
		 "The user's MAC address on which the RADIUS server is forced to terminate
		 the network service."
	 ::= { swRadiusCommand 2 }

-- -----------------------------------------------------------------------------
-- The Authenticator Port Table
-- -----------------------------------------------------------------------------
swAuthenticatedPortCtrlTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwAuthenticatedPortCtrlEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table used to configure the port's 802.1x capability."
	::= { swAuthenticatedPortInfo 1 }

swAuthenticatedPortCtrlEntry OBJECT-TYPE
	SYNTAX		SwAuthenticatedPortCtrlEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The Port number and authenticator control for a Port."
	INDEX { swAuthenticatedPortNumber }
	::= { swAuthenticatedPortCtrlTable 1 }

SwAuthenticatedPortCtrlEntry ::=
	SEQUENCE {
		swAuthenticatedPortNumber
			INTEGER,
		swAuthenticatedPortCapabilities
			INTEGER
	}

swAuthenticatedPortNumber OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The Authenticated Port number associated with this Port."
	::= { swAuthenticatedPortCtrlEntry 1 }

swAuthenticatedPortCapabilities OBJECT-TYPE
	SYNTAX		INTEGER {
		none(1),
		authenticator(2)
	}
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"Indicates the PAE functionality that this Port
		supports and that it may be managed through this MIB."
	::= { swAuthenticatedPortCtrlEntry 2 }

-- -----------------------------------------------------------------------------
-- The Mac Based Pae Port Table
-- -----------------------------------------------------------------------------
swMacBasedPaePortTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwMacBasedPaePortEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table of system level information for each port
		supported by the MAC-based Port Access Entity. An entry appears
		in this table for each port of this system."
	::= { swMacBasedPaePortInfo 1 }

swMacBasedPaePortEntry OBJECT-TYPE
	SYNTAX		SwMacBasedPaePortEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The port number, protocol version and
		initialization control for a Port by MAC based mode."
	INDEX { swMacBasedPaePortNumber }
	::= { swMacBasedPaePortTable 1 }

SwMacBasedPaePortEntry ::=
	SEQUENCE {
		swMacBasedPaePortNumber
			InterfaceIndex,
		swMacBasedPaeMacAddress
			MacAddress,
		swMacBasedPaePortInitializeOrReauthStatus
			INTEGER
	}

swMacBasedPaePortNumber OBJECT-TYPE
	SYNTAX		InterfaceIndex
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The port number associated with this Port."
	::= { swMacBasedPaePortEntry 1 }

swMacBasedPaeMacAddress    OBJECT-TYPE
	 SYNTAX 	 MacAddress
	 MAX-ACCESS  read-write
	 STATUS 	 current
	 DESCRIPTION
		 "Specifies the MAC address used to initialize the 802.1X authentication
		  state machine of some or all ports or used to reauthenticate the
		  device connected to the port."
	 ::= { swMacBasedPaePortEntry 2 }

swMacBasedPaePortInitializeOrReauthStatus OBJECT-TYPE
	SYNTAX		INTEGER {
		other(1),
		initialize(2),
		reauthenticate(3)
	}
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This is used to execute MAC-Based Port initialization or reauthentication,
		 so it is necessary to set swMacBasedPaeMacAddress before this action can
		 be initialized.
		 Choosing 'initialize' causes the port to be initialized in MAC-based mode.
		 Choosing 'reauthenticate' causes the port to be reauthenticated in
		 MAC-based mode.
		 The attribute value reverts to 'other' once the initialization or
		 reauthentication has been done."
	::= { swMacBasedPaePortEntry 3 }

-- -----------------------------------------------------------------------------
swMacBasedPaeTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwMacBasedPaeEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table used to reauthenticate or initialize a host."
	::= { swMacBasedPaePortInfo 2 }

swMacBasedPaeEntry OBJECT-TYPE
	SYNTAX		SwMacBasedPaeEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The port number, MAC address and
		initialization or reauthentication control for a host by MAC based mode."
	INDEX { swMacBasedPaePort, swMacBasedPaeMac }
	::= { swMacBasedPaeTable 1 }

SwMacBasedPaeEntry ::=
	SEQUENCE {
		swMacBasedPaePort
			InterfaceIndex,
		swMacBasedPaeMac
			MacAddress,
		swMacBasedPaeInitOrReauthStatus
			INTEGER
	}

swMacBasedPaePort OBJECT-TYPE
	SYNTAX		InterfaceIndex
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The port number associated with this Port."
	::= { swMacBasedPaeEntry 1 }

swMacBasedPaeMac	OBJECT-TYPE
	 SYNTAX 	 MacAddress
	 MAX-ACCESS  not-accessible
	 STATUS 	 current
	 DESCRIPTION
		 "Specifies the MAC address used to initialize the 802.1X authentication
		  state machine of the host or used to reauthenticate the
		  host on the port."
	 ::= { swMacBasedPaeEntry 2 }

swMacBasedPaeInitOrReauthStatus OBJECT-TYPE
	SYNTAX		INTEGER {
		other(1),
		initialize(2),
		reauthenticate(3)
	}
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This is used to execute MAC-based Port initialization or reauthentication.
		 Choosing 'initialize' causes the host to be initialized in MAC-based mode.
		 Choosing 'reauthenticate' causes the host to be reauthenticated in
		 MAC-based mode.
		 The attribute value reverts to 'other' once the initialization or
		 reauthentication has been done."
	::= { swMacBasedPaeEntry 3 }

-- -----------------------------------------------------------------------------
-- swPaeAuthenticator
-- -----------------------------------------------------------------------------
swPaeAuthSysFwdPdu OBJECT-TYPE
	SYNTAX	INTEGER {
		enabled(1),
		disabled(2)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the global setting to control the
		forwarding of the EAPOL PDU."
	::= { swPaeAuthenticator 1 }

swPaeAuthSysMaxUser OBJECT-TYPE
	SYNTAX	INTEGER
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the global limitation on the maximum
		number of users that can be learned via 802.1X authentication.
		The maximum entry range is (0..N), the value N means the maximum number. It is determined by the project itself.
		Value 0 means no-limit."
	::= { swPaeAuthenticator 2 }

swPaeAuthConfigTable OBJECT-TYPE
	SYNTAX SEQUENCE OF SwPaeAuthConfigEntry
		MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
		"A table that contains the configuration objects for the
		Authenticator PAE associated with each port.
		An entry appears in this table for each port that may
		authenticate access to itself."
	::= { swPaeAuthenticator 3 }

-- -----------------------------------------------------------------------------
-- The Authenticator State Table
-- -----------------------------------------------------------------------------
swAuthStateTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwAuthStateEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table that contains the status objects for the
		Authenticator PAE associated with each host. An
		entry appears in this table for each host that may
		authenticate access to itself."
	::= { swPaeAuthenticator 4 }

swAuthStateEntry OBJECT-TYPE
	SYNTAX		SwAuthStateEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The information for an Authenticator PAE."
	INDEX {swAuthPortNumber ,swAuthMacAddress}
	::= { swAuthStateTable 1 }

SwAuthStateEntry ::=
	SEQUENCE {
		swAuthPortNumber
			InterfaceIndex,
		swAuthMacAddress
			MacAddress,
		swAuthAuthControlledStatus
			INTEGER,
		swAuthAssignVid
			INTEGER,
		swAuthAssignPriority
			INTEGER,
		swAuthenticatorPAEState
			INTEGER,
		swAuthBKdAuthState
			INTEGER
	}

swAuthPortNumber OBJECT-TYPE
	SYNTAX		InterfaceIndex
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The PAE Port number associated with this Port."
	::= { swAuthStateEntry 1 }

swAuthMacAddress OBJECT-TYPE
	SYNTAX		MacAddress
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The address associated with this MAC address."
	::= { swAuthStateEntry 2 }

swAuthAuthControlledStatus OBJECT-TYPE
	SYNTAX		 INTEGER {
		authenticating(1),
		authorized(2),
		unauthorized(3)
	}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The authenticate state of the host."
	::= { swAuthStateEntry	3}

 swAuthAssignVid OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The VID assigned by the RADIUS server."
	::= { swAuthStateEntry	4 }

swAuthAssignPriority OBJECT-TYPE
	SYNTAX		INTEGER
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The priority assigned by the RADIUS server."
	::= { swAuthStateEntry	5 }

swAuthenticatorPAEState OBJECT-TYPE
	SYNTAX		INTEGER {
		initialize(1),
		disconnected(2),
		connecting(3),
		authenticating(4),
		authenticated(5),
		aborting(6),
		held(7),
		forceAuth(8),
		forceUnauth(9)
	}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The current value of the Authenticator PAE state
		machine."
	::= { swAuthStateEntry	6 }

swAuthBKdAuthState OBJECT-TYPE
	SYNTAX		INTEGER {
		request(1),
		response(2),
		success(3),
		fail(4),
		timeout(5),
		idle(6),
		initialize(7)
	}
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The current state of the Backend Authentication
		state machine."
	::= { swAuthStateEntry	7 }

-- -----------------------------------------------------------------------------
-- The Authenticator Config Entry
-- -----------------------------------------------------------------------------
swPaeAuthConfigEntry OBJECT-TYPE
	SYNTAX SwPaeAuthConfigEntry
	MAX-ACCESS not-accessible
	STATUS current
	DESCRIPTION
			"The configuration information for an Authenticator PAE."
	INDEX  { dot1xPaePortNumber }
	::= { swPaeAuthConfigTable 1 }

SwPaeAuthConfigEntry ::=
	SEQUENCE {
		swPaeAuthFwdPdu
		INTEGER,
		swPaeAuthMaxUser
		INTEGER
	}

swPaeAuthFwdPdu  OBJECT-TYPE
	SYNTAX INTEGER{
		enabled(1),
		disabled(2)
		}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"This object indicates the per port setting to control the
		forwarding of EAPOL PDU."
	::= { swPaeAuthConfigEntry 1 }

swPaeAuthMaxUser  OBJECT-TYPE
	SYNTAX INTEGER
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
		"This object indicates the limitation on the maximum number
		of users by port.
		The max entry range is (0..N), the value N means the max number. It is determined by project itself.
		Value 0 means no-limit."
	::= { swPaeAuthConfigEntry 2 }

-- -----------------------------------------------------------------------------
-- swCompoundAuthMgmt			  OBJECT IDENTIFIER ::= { swAuthCtrl 11 }
-- -----------------------------------------------------------------------------

-- -------------------------------------------------------------
-- The Compound authentication configure
-- -------------------------------------------------------------

swCompoundAuthPortTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwCompoundAuthPortEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table that contains compound authentication information for each port."
	::= { swCompoundAuthMgmt 1 }

swCompoundAuthPortEntry OBJECT-TYPE
	SYNTAX		SwCompoundAuthPortEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"The compound authentication configuration information for a port."
	INDEX { swCompoundAuthPortIndex }
	::= { swCompoundAuthPortTable 1 }

SwCompoundAuthPortEntry ::=
	SEQUENCE {
		swCompoundAuthPortIndex
			INTEGER,
		swCompoundAuthPortAuthMode
			INTEGER,
		swCompoundAuthPortMethod
			INTEGER,
		swCompoundAuthPortAuthVLANs
			DisplayString
	}

swCompoundAuthPortIndex OBJECT-TYPE
	SYNTAX		INTEGER(1..65535)
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The compound authentication port number associated with this port."
	::= { swCompoundAuthPortEntry 1 }

swCompoundAuthPortAuthMode OBJECT-TYPE
	SYNTAX	  INTEGER{
		hostbased(1),
		portbased(2)
	}
	MAX-ACCESS  read-write
	STATUS	 current
	DESCRIPTION
		"This object sets the authorization mode.
		Port-based:
		 If one of the attached hosts passes the authentication,
		 all the hosts on the same port will be granted access to the network.
		 If the user fails the authorization, this port will keep
		 trying the next authentication.
		Host-based:
		 Every user can be authenticated individually.
		 The client can start authentication on specific authentication VLAN(s)."
	DEFVAL {portbased}
	::= { swCompoundAuthPortEntry 2 }

swCompoundAuthPortMethod OBJECT-TYPE
	SYNTAX		INTEGER {
		none(1),
		any(2),
		dot1xImpb(3),
		impbJwac(4),
		impbWac(5),
		macImpb(6),
		macJwac(7)
	}
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This object sets the method for compound authentication settings.
		None:
		  The system level setting of individual authentication still takes effect.
		  Thus suppose that the compound authentication method of a port is set to any
		  but MAC-AC is disabled, JWAC and 802.1x enabled, then the user must pass either the JWAC or 802.1x method.
		  The following is the relation of the compound authentication method
		  and the configuration of the individual authentication method.
			(1) If compound authentication methods is not set to none:
			The port's authentication method will depend on the compound authentication method.
			An individual authentication method's setting is ignored.
			(2) If compound authentication methods is set to none:
			This port is in single-auth mode. The port's authentication method
			will depend on the individual authentication method's setting.
		  Any:
			If any one of the authentication methods (802.1x, MAC-AC, WAC and JWAC) 
			passes, then pass.
		  dot1xImpb:
			Dot1x will be verified first, and then IMPB will be verified.
			Both authentication methods need to be passed to make the authentication successful.
		  impbJwac:
			IMPB will be verified first, and then JWAC will be verified.
			Both authentication methods need to be passed to make the authentication successful.
		  impbWac:
			IMPB will be verified first, and then WAC will be verified.
			Both authentication methods need to be passed to make the authentication successful.
		  macImpb:
			MAC-AC will be verified first, and then IMPB will be verified.
			Both authentication methods need to be passed to make the authentication successful.
		  macJwac:
			MAC-AC will be verified first. If client passed MAC authentication, JWAC will be verified.
			Both authentication methods need to be passed to make the authentication successful."
	DEFVAL {none}
	::= { swCompoundAuthPortEntry 3 }

swCompoundAuthPortAuthVLANs OBJECT-TYPE
	SYNTAX		DisplayString
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"This object sets the Authentication VLAN(s).

		If the authentication VLAN is not specified,
		It means to not care which VLAN the client comes from, 
		the client will be authenticated if the client's MAC (not care the VLAN) is not authenticated. 
		After the client is authenticated, the client will not be reauthenticated when received from other VLANs. 

		When the port's authorization mode is changed to port based, previously authentication VLAN(s) on this port will be cleared.

	Note:
	For the compound VLAN specification, the value should be separated by ',' or '-'.
	Such as: 1,4,7 or 1,4,7-9 ."
	::= { swCompoundAuthPortEntry 4 }

-- -------------------------------------------------------------
-- The Guest VLAN Database
-- -------------------------------------------------------------

swGuestVlanTable OBJECT-TYPE
	SYNTAX		SEQUENCE OF SwGuestVlanEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"A table containing configuration information for
		guest VLANs configured into the device by local or
		network management. All entries are permanent and will
		be restored after the device reset."
	::= { swCompoundAuthMgmt 2 }

swGuestVlanEntry OBJECT-TYPE
	SYNTAX		SwGuestVlanEntry
	MAX-ACCESS	not-accessible
	STATUS		current
	DESCRIPTION
		"Information for a guest VLAN configured into the
		device by local or network management."
	INDEX	{ swGuestVlanId }
	::= { swGuestVlanTable 1 }

SwGuestVlanEntry ::=
	SEQUENCE {
		swGuestVlanId
			VlanId,
		swGuestVlanPorts
			PortList,
		swGuestVlanRowStatus
			RowStatus
	}

swGuestVlanId OBJECT-TYPE
	SYNTAX		VlanId
	MAX-ACCESS	read-only
	STATUS		current
	DESCRIPTION
		"The VLAN ID referring to this guest VLAN."
	::= { swGuestVlanEntry 1 }

swGuestVlanPorts OBJECT-TYPE
	SYNTAX		PortList
	MAX-ACCESS	read-write
	STATUS		current
	DESCRIPTION
		"The set of ports which are permanently assigned to the
		guest VLAN member for this guest VLAN by management.
		Note:
		For on-going projects which need to support old-style commands as well,
		the rules for guest VLAN setting are:
		  (1) Compound authentication mode is not none: You need to specify the guest VLAN by this command
		  or individual authentication method's guest VLAN setting will be ignored.
		  (2) Compound authentication mode is none: This port is in single authentication mode.
		  Individual authentications use their guest VLAN settings configured
		  by their individual guest VLAN commands. The setting of config guest_vlan will be ignored"
	::= { swGuestVlanEntry 2 }

swGuestVlanRowStatus OBJECT-TYPE
		SYNTAX		RowStatus
		MAX-ACCESS	read-create
		STATUS		current
		DESCRIPTION
			"This object indicates the status of this entry."
		::= { swGuestVlanEntry 3 }

-- -------------------------------------------------------------
-- System Authorization Attributes
-- -------------------------------------------------------------

swAuthorizationAttributes OBJECT-TYPE
	SYNTAX	INTEGER {
		enabled(1),
		disabled(2)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the authorization status.
			When the authorization for attributes is enabled,
			whether the authorized attributes (for example VLAN, 802.1p default priority, and ACL) 
			assigned by the RADIUS server or local database will be accepted or not
			will depend on the individual module setting. "
	::= { swCompoundAuthMgmt 3 }

-- -------------------------------------------------------------
-- Authentication Server Failover
-- -------------------------------------------------------------

swAuthServerFailoverState OBJECT-TYPE
	SYNTAX	INTEGER {
		block(1),
		local(2),
		permit(3)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the authentication server failover state.
			block: Block the client.
			local: Use the local DB to authenticate the client.
			permit: The client is always regarded as authenticated."
	DEFVAL {block}
	::= { swCompoundAuthMgmt 4 }

-- -------------------------------------------------------------
-- Authentication MAC format
-- -------------------------------------------------------------

swAuthMACFormatCase OBJECT-TYPE
	SYNTAX	INTEGER {
		uppercase(1),
		lowercase(2)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the case format of the authentication MAC address for RADIUS authentication.
		
		uppercase: Using uppercase format, the formatted is: AA-BB-CC-DD-EE-FF.
		lowercase: Using lowercase format, the formatted is: aa-bb-cc-dd-ee-ff."
	DEFVAL {uppercase}
	::= { swCompoundAuthMgmt 5 }

swAuthMACFormatDelimiter OBJECT-TYPE
	SYNTAX	INTEGER {
		none(1),
		hyphen(2),
		colon(3),
		dot(4)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the delimiter format of authentication MAC address for RADIUS authentication.
		
		none: Not using any delimiter, the format is: AABBCCDDEEFF
		hyphen: Using '-' as delimiter, the format is: AA-BB-CC-DD-EE-FF
		colon: Using ':' as delimiter, the format is: AA:BB:CC:DD:EE:FF
		dot: Using '.' as delimiter, the format is: AA.BB.CC.DD.EE.FF"
	DEFVAL {none}
	::= { swCompoundAuthMgmt 6 }

swAuthMACFormatDelimiterNumber OBJECT-TYPE
	SYNTAX	INTEGER {
		delimiter-number-1(1),
		delimiter-number-2(2),
		delimiter-number-5(3)
	}
	MAX-ACCESS	read-write
	STATUS	current
	DESCRIPTION
		"This object indicates the delimiter number of authentication MAC address for RADIUS authentication.
		
		delimiter-number-1: single delimiter, the format is: AABBCC.DDEEFF
		delimiter-number-2: double delimiter, the format is: AABB.CCDD.EEFF
		delimiter-number-5: multiple delimiter, the format is: AA.BB.CC.DD.EE.FF
		Note: while swAuthMACFormatDelimiter is none(1), the delimiter number will not take effect."
	::= { swCompoundAuthMgmt 7 }

END
