-- *****************************************************************
-- MY-AAA-MIB.mib:  My AAA MIB file
--
-- $Copyright$
-- 
-- *****************************************************************
--

DES7200-AAA-MIB DEFINITIONS ::= BEGIN

IMPORTS
        MODULE-IDENTITY,
        OBJECT-TYPE,
        NOTIFICATION-TYPE,
        Integer32,
        Counter32,
        Unsigned32,
        IpAddress
                FROM SNMPv2-SMI
        InetAddressType, 
        InetAddress
                FROM INET-ADDRESS-MIB
        Counter
                FROM RFC1155-SMI
        VlanId
                FROM Q-BRIDGE-MIB
        TruthValue,
        DisplayString,
        RowStatus,
        MacAddress
                FROM SNMPv2-TC
        MODULE-COMPLIANCE,
        OBJECT-GROUP,
        NOTIFICATION-GROUP
                FROM SNMPv2-CONF
        ConfigStatus,
        IfIndex
                FROM DES7200-TC
        EnabledStatus 
                FROM P-BRIDGE-MIB
        myMgmt
                FROM DES7200-SMI;

myAAAMIB MODULE-IDENTITY
        LAST-UPDATED "200203200000Z"
        ORGANIZATION "D-Link Crop."
        CONTACT-INFO
                " 
                http://support.dlink.com"
        DESCRIPTION
                "This module defines my AAA(802.1x) mibs."
        REVISION      "200203200000Z"
        DESCRIPTION
                "Initial version of this MIB module."
        ::= { myMgmt 19}

myAAAMIBObjects OBJECT IDENTIFIER ::= { myAAAMIB 1 }

myDot1xAuthObjects OBJECT IDENTIFIER ::= { myAAAMIBObjects 1 }
myAAAServerObjects OBJECT IDENTIFIER ::=    { myAAAMIBObjects 2 }
myAuthUserObjects OBJECT IDENTIFIER ::=  { myAAAMIBObjects 3 }
myAuthModeObjects OBJECT IDENTIFIER ::=  { myAAAMIBObjects 4 }
myClientProbeObjects OBJECT IDENTIFIER ::=  { myAAAMIBObjects 5 }

--     
-- myDot1xAuth Groupfor 802.1x global settings.
--
myDot1xAuthStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The enable(1)/disable(2) control used by the  
            802.1x global settings."
        DEFVAL { disabled }
        ::= { myDot1xAuthObjects 1 }

myDot1xAuthObjectsQuietPeriod OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the quietPeriod constant
             currently in use by the Authenticator PAE state
             machine."
        DEFVAL { 60 }
        ::= { myDot1xAuthObjects 2 } 

myDot1xAuthObjectsTxPeriod OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the txPeriod constant
             currently in use by the Authenticator PAE state
             machine."
        DEFVAL { 30 }
        ::= { myDot1xAuthObjects 3 } 

myDot1xAuthObjectsSuppTimeout OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the suppTimeout constant
             currently in use by the Backend Authentication state
             machine."
        DEFVAL { 30 }
        ::= { myDot1xAuthObjects 4 } 

myDot1xAuthObjectsServerTimeout OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
        "The value, in seconds, of the serverTimeout constant
         currently in use by the Backend Authentication state
         machine."
        DEFVAL { 30 }
    ::= { myDot1xAuthObjects 5 }

myDot1xAuthObjectsMaxReq OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value of the maxReq constant currently in use by
             the Backend Authentication state machine."
        DEFVAL { 2 }
        ::= { myDot1xAuthObjects 6 } 

myDot1xAuthObjectsReAuthPeriod OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the reAuthPeriod constant
             currently in use by the Reauthentication Timer state
             machine."
        DEFVAL { 3600 }
        ::= { myDot1xAuthObjects 7 } 

myDot1xAuthObjectsMaxReauth OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value of the reAuthMax constant currently in use by
             the Authenticator PAE state machine."
        DEFVAL { 2 }
        ::= { myDot1xAuthObjects 8 } 
        
myDot1xAuthObjectsReAuthEnable OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The enable(1)/disable(2) control used by the Reauthentication
             Timer state machine."
        DEFVAL { 2 }
        ::= { myDot1xAuthObjects 9 } 
        
myDot1xAuthObjectsConfigTable OBJECT-TYPE
         SYNTAX SEQUENCE OF MyDot1xAuthConfigEntry
         MAX-ACCESS not-accessible
         STATUS current
         DESCRIPTION
           "A table that contains the configuration objects for the
              Authenticator PAE associated with each MAC address.
              An entry appears in this table for each MAC address that 
              may authenticate access to itself."
          ::= { myDot1xAuthObjects 10 }
        
myDot1xAuthObjectsConfigEntry OBJECT-TYPE
        SYNTAX MyDot1xAuthConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
         "The configuration information for an Authenticator
              PAE."
       INDEX { myDot1xAuthObjectsConfigFdbId,myDot1xAuthObjectsConfigAddr }
       ::= { myDot1xAuthObjectsConfigTable 1 }

MyDot1xAuthConfigEntry ::=
        SEQUENCE {
        myDot1xAuthObjectsConfigFdbId
                 Unsigned32,
        myDot1xAuthObjectsConfigAddr
                 MacAddress,
         myDot1xAuthObjectsPaeState
                 INTEGER,
         myDot1xAuthObjectsBackendAuthState
                 INTEGER,
         myDot1xAuthObjectsAuthControlledPortStatus
                 INTEGER,
        myDot1xAuthObjectsKeyTxEnabled
                 TruthValue,        
  myDot1xAuthObjectsIfIndex
     IfIndex
         }
myDot1xAuthObjectsConfigFdbId OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."
    ::= { myDot1xAuthObjectsConfigEntry 1 }
    
myDot1xAuthObjectsConfigAddr OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The MAC address associated with this configurations."
        ::= { myDot1xAuthObjectsConfigEntry 2 }

myDot1xAuthObjectsPaeState OBJECT-TYPE
        SYNTAX INTEGER {
               initialize(1),
               disconnected(2),
               connecting(3),
               authenticating(4),
               authenticated(5),
               aborting(6),
               held(7),
               forceAuth(8),
               forceUnauth(9)
               }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The current value of the Authenticator PAE state
             machine."
        ::= { myDot1xAuthObjectsConfigEntry 3 }

myDot1xAuthObjectsBackendAuthState OBJECT-TYPE
        SYNTAX INTEGER {
               request(1),
               response(2),
               success(3),
               fail(4),
               timeout(5),
               idle(6),
               initialize(7)
               }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The current state of the Backend Authentication
             state machine."
        ::= { myDot1xAuthObjectsConfigEntry 4 }

myDot1xAuthObjectsAuthControlledPortStatus OBJECT-TYPE
        SYNTAX INTEGER {
               authorized(1),
               unauthorized(2)
               }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The current value of the controlled Port
             status parameter for the Port."
        ::= { myDot1xAuthObjectsConfigEntry 5 }

myDot1xAuthObjectsKeyTxEnabled OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The value of the keyTransmissionEnabled constant
             currently in use by the Authenticator PAE state
             machine."
        ::= { myDot1xAuthObjectsConfigEntry 6 }
                
myDot1xAuthObjectsIfIndex OBJECT-TYPE
        SYNTAX IfIndex
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The interface index associated with this configurations"
        ::= { myDot1xAuthObjectsConfigEntry 7 }
        
                
myDot1xAuthObjectsStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF MyDot1xAuthStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "A table that contains the statistics objects for the
             Authenticator PAE associated with each MAC address.
             An entry appears in this table for each MAC address 
             that may authenticate access to itself."
        ::= { myDot1xAuthObjects 11 }

myDot1xAuthStatsEntry OBJECT-TYPE
        SYNTAX MyDot1xAuthStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The statistics information for an Authenticator PAE."
        INDEX { myDot1xAuthObjectsStatsFdbId,myDot1xAuthObjectsStatsAddr }
        ::= { myDot1xAuthObjectsStatsTable 1 }

MyDot1xAuthStatsEntry ::=
        SEQUENCE {
        myDot1xAuthObjectsStatsFdbId
                Unsigned32,
        myDot1xAuthObjectsStatsAddr
                MacAddress,
        myDot1xAuthObjectsEapolFramesRx
                Counter32,
        myDot1xAuthObjectsEapolFramesTx
                Counter32,
        myDot1xAuthObjectsEapolMyFramesRx
                Counter32,
        myDot1xAuthObjectsEapolLogoffFramesRx
                Counter32,
        myDot1xAuthObjectsEapolRespIdFramesRx
                Counter32,
        myDot1xAuthObjectsEapolRespFramesRx
                Counter32,
        myDot1xAuthObjectsEapolReqIdFramesTx
                Counter32,
        myDot1xAuthObjectsEapolReqFramesTx
                Counter32,
        myDot1xAuthObjectsInvalidEapolFramesRx
                Counter32,
        myDot1xAuthObjectsEapLengthErrorFramesRx
                Counter32,
        myDot1xAuthObjectsLastEapolFrameVersion
                Unsigned32,
        myDot1xAuthObjectsLastEapolFrameSource
                MacAddress
            }
myDot1xAuthObjectsStatsFdbId OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."
        ::= { myDot1xAuthStatsEntry 1 }

myDot1xAuthObjectsStatsAddr OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The MAC address associated with this states."
        ::= { myDot1xAuthStatsEntry 2 }

myDot1xAuthObjectsEapolFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of valid EAPOL frames of any type
             that have been received by this Authenticator."
        ::= { myDot1xAuthStatsEntry 3 }

myDot1xAuthObjectsEapolFramesTx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAPOL frames of any type
             that have been transmitted by this Authenticator."
        ::= { myDot1xAuthStatsEntry 4 }

myDot1xAuthObjectsEapolMyFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAPOL My frames that have
             been received by this Authenticator."
        ::= { myDot1xAuthStatsEntry 5 }

myDot1xAuthObjectsEapolLogoffFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAPOL Logoff frames that have
             been received by this Authenticator."
        ::= { myDot1xAuthStatsEntry 6 }

myDot1xAuthObjectsEapolRespIdFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAP Resp/Id frames that have
             been received by this Authenticator."
        ::= { myDot1xAuthStatsEntry 7 }

myDot1xAuthObjectsEapolRespFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of valid EAP Response frames
             (other than Resp/Id frames) that have been
             received by this Authenticator."
        ::= { myDot1xAuthStatsEntry 8 }

myDot1xAuthObjectsEapolReqIdFramesTx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAP Req/Id frames that have been
        transmitted by this Authenticator."
    ::= { myDot1xAuthStatsEntry 9 }

myDot1xAuthObjectsEapolReqFramesTx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAP Request frames
         (other than Rq/Id frames) that have been
         transmitted by this Authenticator."
    ::= { myDot1xAuthStatsEntry 10 }

myDot1xAuthObjectsInvalidEapolFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAPOL frames that have been
         received by this Authenticator in which the
         frame type is not recognized."
    ::= { myDot1xAuthStatsEntry 11 }

myDot1xAuthObjectsEapLengthErrorFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAPOL frames that have been received
         by this Authenticator in which the Packet Body
        Length field is invalid."
    ::= { myDot1xAuthStatsEntry 12 }

myDot1xAuthObjectsLastEapolFrameVersion OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The protocol version number carried in the
         most recently received EAPOL frame."
    ::= { myDot1xAuthStatsEntry 13 }

myDot1xAuthObjectsLastEapolFrameSource OBJECT-TYPE
        SYNTAX MacAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The source MAC address carried in the
         most recently received EAPOL frame."
    ::= { myDot1xAuthStatsEntry 14 }
    
myDot1xCurrentUserNumber OBJECT-TYPE
        SYNTAX Counter
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION 
             "Numbers of users who attached to the system ,regardless of their state."
        ::= { myDot1xAuthObjects 12 }      

myDot1xCurrentAuthenticatedUserNumber OBJECT-TYPE
        SYNTAX Counter
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION 
                "Numbers of user who attached to the system and their current state is
                 authorized"
        ::= { myDot1xAuthObjects 13 }           

myDot1xAccountStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The enable(1)/disable(2) control used by the  
             accounting function."
        DEFVAL { 2 }
        ::= { myDot1xAuthObjects 14 }

myAuthIfTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF MyAuthIfEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of the authenticated status of interface."
        ::= { myDot1xAuthObjects 15 }

myAuthIfEntry OBJECT-TYPE
        SYNTAX  MyAuthIfEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of MAC address which can be authenticated."
        INDEX   { myAuthIf}
        ::= { myAuthIfTable 1 }

MyAuthIfEntry ::=
        SEQUENCE {
        myAuthIf
                IfIndex,           
        myAuthIfStatus
                EnabledStatus
        }
myAuthIf OBJECT-TYPE
        SYNTAX  IfIndex
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The port number of the port/trunk to which frames received from a
              specific port/trunk and destined for a specific MAC address."
        ::= { myAuthIfEntry 1 }

myAuthIfStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The authentication status of a port, can be opened by setting its
            value to Enabled(1), or closed by setting its value to Disabled(2)."
        DEFVAL { 2 }
        ::= { myAuthIfEntry 2 }

myAuthenticationMode OBJECT-TYPE
        SYNTAX  INTEGER {
                eap-md5(1),       
                chap(2)
                }
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Mode used for authentication"
        ::= { myDot1xAuthObjects 16 }        

myDot1xAccountUpdateStatus OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Account Update Status"
        ::= { myDot1xAuthObjects 17 }  

myDot1xAcctInterimInterval OBJECT-TYPE
        SYNTAX  Unsigned32 (60..65535)
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Account Interim Interval"
        ::= { myDot1xAuthObjects 18 }               
       
myDot1xEapolTagEnabled OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Eapol Tag Enabled"
        ::= { myDot1xAuthObjects 19 }            

myDot1xIfUserMaxTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF MyDot1xIfUserMaxEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of the max dot1x user number on authenticated interface."
        ::= { myDot1xAuthObjects 20 }

myDot1xIfUserMaxEntry OBJECT-TYPE
        SYNTAX  MyDot1xIfUserMaxEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of max dot1x user number on authenticated interface."
        INDEX   { myDot1xIfUserMaxIndex}
        ::= { myDot1xIfUserMaxTable 1 }

MyDot1xIfUserMaxEntry ::=
        SEQUENCE {
        myDot1xIfUserMaxIndex
                IfIndex,           
        myDot1xIfUserMaxNum
                Unsigned32
        }
myDot1xIfUserMaxIndex OBJECT-TYPE
        SYNTAX  IfIndex
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The interface index which dot1x authentication is enabled."
        ::= { myDot1xIfUserMaxEntry 1 }

myDot1xIfUserMaxNum OBJECT-TYPE
        SYNTAX Unsigned32 (1..4000)
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The max dot1x user num on the interface, this is valid only 
            when dot1x authentication is enable on that interface.
            Number 0 indicates no user number limits enabled on the interface."
        ::= { myDot1xIfUserMaxEntry 2 }



--     
-- myAAAServer Group.
--
        
--      ::= { myAAAServerObjects 1 }     this OID is obsolete

myAAAServerAuthPort OBJECT-TYPE
        SYNTAX      INTEGER (0..65535)
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION 
            "UDP port used for authentication in the global 
            configuration.
            For RADIUS only, default value is 1812."
        DEFVAL	{ 1812 }
        ::= { myAAAServerObjects 2 }

myAAAServerAcctPort OBJECT-TYPE
        SYNTAX      INTEGER (0..65535)
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION 
            "UDP port used for accounting service in the global
            configuration.
            For RADIUS only, default value is 1813."
        DEFVAL	{ 1813 }
        ::= { myAAAServerObjects 3 } 

myAAAServerRadiusKeyStr OBJECT-TYPE
        SYNTAX      DisplayString (SIZE (0..255))
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The server key to be used with all RADIUS server.
            Retrieving the  value of this object via SNMP will
            return an empty string  for security reasons."
        DEFVAL { "" }
        ::= { myAAAServerObjects 4 }        

--      ::= { myAAAServerObjects 5 }     this OID is obsolete

--      ::= { myAAAServerObjects 6 }     this OID is obsolete

--      ::= { myAAAServerObjects 7 }     this OID is obsolete

myAAAServerTacplusKeyStr OBJECT-TYPE
        SYNTAX      DisplayString (SIZE (0..255))
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The server key to be used with all TACACS+ server.
            Retrieving the  value of this object via SNMP will return 
            an empty string  for security reasons."
        DEFVAL { "" }
        ::= { myAAAServerObjects 8 }

--     
-- myAAAServerConfigTable
--        
myAAAServerConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF MyAAAServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for each
            AAA server, allows existing servers to be removed
            and new ones to be created."
        ::= { myAAAServerObjects 9 }

myAAAServerConfigEntry OBJECT-TYPE
        SYNTAX      MyAAAServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA server configuration identified by its 
            protocol and its index."
        INDEX { myAAAServerConfigProtocol,
                myAAAServerConfigIndex }
        ::= { myAAAServerConfigTable 1}

MyAAAServerConfigEntry ::=
        SEQUENCE {
            myAAAServerConfigProtocol        INTEGER,
            myAAAServerConfigIndex           Unsigned32,
            myAAAServerConfigAddressType     InetAddressType,
            myAAAServerConfigAddress         InetAddress,
            myAAAServerConfigAuthPort        INTEGER,
            myAAAServerConfigAcctPort        INTEGER,
            myAAAServerConfigKeyStr          DisplayString,
            myAAAServerConfigRowStatus       RowStatus
        }

myAAAServerConfigProtocol OBJECT-TYPE
        SYNTAX      INTEGER {
                    radius(1),   -- RADIUS
                    tacplus(2)   -- TACACS+
                    }
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The variable denotes the protocol used by the managed 
            device with the AAA server corresponding to this entry
            in the table."
       ::= { myAAAServerConfigEntry 1 }

myAAAServerConfigIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each server. 
           If the myAAAServerConfigIndex value for row creation is 
           already in use by an existing entry, snmp set to the
           myAAAServerConfigIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { myAAAServerConfigEntry 2 }

myAAAServerConfigAddressType OBJECT-TYPE 
       SYNTAX       InetAddressType 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
           "The type of address format used for the 
           myAAAServerConfigAddress object." 
       ::= { myAAAServerConfigEntry 3 } 

myAAAServerConfigAddress OBJECT-TYPE 
       SYNTAX       InetAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the server." 
       ::= { myAAAServerConfigEntry 4 } 

myAAAServerConfigAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP/TCP port used for authentication in the server.
             For RADIUS, default value is 1812.
             For TACACS+, default value is 49."
       ::= { myAAAServerConfigEntry 5 }

myAAAServerConfigAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP/TCP port used for accounting service in the server.
             For RADIUS, default value is 1813.
             For TACACS+, the value of myAAAServerConfigAcctPort is
             ignored, myAAAServerConfigAuthPort will be used instead."
       ::= { myAAAServerConfigEntry 6 }

myAAAServerConfigKeyStr OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..255))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The server key to be used with this server.
           Retrieving the value of this object via SNMP will return an
           empty string for security reasons."
       DEFVAL { "" }
       ::= { myAAAServerConfigEntry 7 }

myAAAServerConfigRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { myAAAServerConfigEntry 8 }
        
--     
-- myAuthAddress Group.
--        
myAuthAddrTable OBJECT-TYPE
  SYNTAX  SEQUENCE OF MyAuthAddrEntry
  MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of MAC address which can be authenticated."
        ::= { myAuthUserObjects 1 }

myAuthAddrEntry OBJECT-TYPE
        SYNTAX  MyAuthAddrEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of MAC address which can be authenticated."
        INDEX   { myAuthPort,myAuthMacAddress}
        ::= { myAuthAddrTable 1 }

MyAuthAddrEntry ::=
        SEQUENCE {
        myAuthPort
                IfIndex,           
        myAuthMacAddress
                MacAddress,
        myAuthAddrStatus
                INTEGER
        }
myAuthPort OBJECT-TYPE
        SYNTAX  IfIndex
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The port number of the port/trunk to which frames received from a
              specific port/trunk and destined for a specific MAC address."
        ::= { myAuthAddrEntry 1 }
        
myAuthMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The MAC address which can be authenticated."
        ::= { myAuthAddrEntry 2 }

myAuthAddrStatus OBJECT-TYPE
        SYNTAX  INTEGER {
                valid(1),
                invalid(2)
                }
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "valid(1) - this entry is currently in use .
            invalid(2) - writing this value to the object
            removes the corresponding entry."
        ::= { myAuthAddrEntry 3 }    


--
-- my authentication user information
--        
myAuthUserTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF MyAuthUserEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of authentication User Info."
        ::= { myAuthUserObjects 2 }

myAuthUserEntry OBJECT-TYPE
        SYNTAX  MyAuthUserEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of authentication User Info table."
        INDEX   { myAuthUserFdbId,myAuthUserMacAddress}
        ::= { myAuthUserTable 1 }

MyAuthUserEntry ::=
    SEQUENCE {
            myAuthUserFdbId  Unsigned32,
            myAuthUserMacAddress  MacAddress,            
            myAuthUserName  DisplayString,
            myAuthUserSessionId DisplayString,
            myAuthUserIpAddr IpAddress,
            myAuthUserPort   INTEGER,                        
            myAuthUserStatus ConfigStatus
            }
        
myAuthUserFdbId OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."    
        ::= { myAuthUserEntry 1 }

myAuthUserMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The MAC Address of authentication User ."
          ::= { myAuthUserEntry 2 }
                    
myAuthUserName OBJECT-TYPE
        SYNTAX  DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The Name of authentication User."
           ::= { myAuthUserEntry 3 }

myAuthUserSessionId OBJECT-TYPE
        SYNTAX  DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The Session Id of authentication User ."
         ::= { myAuthUserEntry 4 }

myAuthUserIpAddr OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The IP Address of authentication User ."
         ::= { myAuthUserEntry 5 }
         
myAuthUserPort OBJECT-TYPE
        SYNTAX  INTEGER 
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The interface of authentication User ."
        ::= { myAuthUserEntry 6 }
         
myAuthUserStatus OBJECT-TYPE
        SYNTAX  ConfigStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Setting this object to 'invalid' will close a authenticated user,
             set its value to valid will cause no action of agent,
             when query always return value valid." 
         ::= { myAuthUserEntry 7 }


--
-- my vpn authentication user information
--        
myAuthUserForVPNDel OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..255))
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "VPN user's name. Setting this object will delete a authenticated user and this user is unauthenticated.
            The set string is the username.
             
             Reading this object always return null string."
        ::= { myAuthUserObjects 3 }


-- authorization mode objects

myIpAuthorizationMode OBJECT-TYPE
        SYNTAX  INTEGER {
                disable(1),       
                dhcpServer(2),
                radiusServer(3),
                supplicant(4)
                }
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "disable(1)    - don't limit ip address of user
             dhcpServer(2) - limit ip address of user, only ip address assigned by the dhcp
                             server is legit.
             radiusServer(3) - limit ip address of user, only ip address assigned by the radius
                              server is legit.
             supplicant(4) - mac+ip+port indicates different users (get the IP adress through supplicant)"
        ::= { myAuthModeObjects 1 }    
---
---Client probe
---
myClientProbeEnabledStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The status of client probe function."
        ::= { myClientProbeObjects 1 }

myClientProbeHelloInterval OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The interval that client send hello packets."
        ::= { myClientProbeObjects 2 }
        
myClientProbeAliveInteval OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "When switch does not receive any legal hello packets from client 
            in this interval,it will send RADIUS-Account-Stop to RADIUS server
            to stop this connection.The value of the objects must be more than 
            myClientProbeHelloInterval"
        ::= { myClientProbeObjects 3 }   

myAAAMIBConformance OBJECT IDENTIFIER ::= { myAAAMIB 2 }
myAAAMIBCompliances OBJECT IDENTIFIER ::= { myAAAMIBConformance 1 }
myAAAMIBGroups      OBJECT IDENTIFIER ::= { myAAAMIBConformance 2 }


-- compliance statements

myAAAMIBCompliance MODULE-COMPLIANCE
        STATUS  current
        DESCRIPTION
                "The compliance statement for entities which implement
                the My AAA MIB"
        MODULE  -- this module
                MANDATORY-GROUPS { 
                        myDot1xAuthMIBGroup,
                        myAAAServerMIBGroup,
                        myAuthAddrMIBGroup,
                        myAuthModeMIBGroup
                 }
                 GROUP      myClientProbeGroup
                 DESCRIPTION
                     "This group is mandatory only for those system which support client 
                      probe function."          
 
         ::= { myAAAMIBCompliances 1 }
                
-- units of conformance

myDot1xAuthMIBGroup OBJECT-GROUP
        OBJECTS {
           myDot1xAuthStatus,
           myDot1xAuthObjectsQuietPeriod,
           myDot1xAuthObjectsTxPeriod,
           myDot1xAuthObjectsSuppTimeout,
           myDot1xAuthObjectsServerTimeout,
           myDot1xAuthObjectsMaxReq,
           myDot1xAuthObjectsReAuthPeriod,
           myDot1xAuthObjectsReAuthEnable,
           myDot1xAuthObjectsConfigFdbId,
           myDot1xAuthObjectsConfigAddr,
           myDot1xAuthObjectsPaeState,
           myDot1xAuthObjectsBackendAuthState,
           myDot1xAuthObjectsAuthControlledPortStatus,
           myDot1xAuthObjectsKeyTxEnabled,           
           myDot1xAuthObjectsIfIndex, 
           myDot1xAuthObjectsStatsFdbId,
           myDot1xAuthObjectsStatsAddr,
           myDot1xAuthObjectsEapolFramesRx,
           myDot1xAuthObjectsEapolFramesTx,
           myDot1xAuthObjectsEapolMyFramesRx,
           myDot1xAuthObjectsEapolLogoffFramesRx,
           myDot1xAuthObjectsEapolRespIdFramesRx,
           myDot1xAuthObjectsEapolRespFramesRx,
           myDot1xAuthObjectsEapolReqIdFramesTx,
           myDot1xAuthObjectsEapolReqFramesTx,
           myDot1xAuthObjectsInvalidEapolFramesRx,
           myDot1xAuthObjectsEapLengthErrorFramesRx,
           myDot1xAuthObjectsLastEapolFrameVersion,
           myDot1xAuthObjectsLastEapolFrameSource,
           myDot1xCurrentUserNumber,
           myDot1xCurrentAuthenticatedUserNumber,
           myDot1xAuthObjectsMaxReauth,
           myAuthIf,           
           myAuthIfStatus,
           myAuthenticationMode           
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing dot1x  authentication managment."
        ::= { myAAAMIBGroups 1 }

        
myAAAServerMIBGroup OBJECT-GROUP
        OBJECTS {
           myAAAServerAuthPort,
           myAAAServerAcctPort,
           myAAAServerRadiusKeyStr,
           myAAAServerTacplusKeyStr,
           myAAAServerConfigAddressType,
           myAAAServerConfigAddress,
           myAAAServerConfigAuthPort,
           myAAAServerConfigAcctPort,
           myAAAServerConfigKeyStr,
           myAAAServerConfigRowStatus
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing AAA server managment."
        ::= { myAAAMIBGroups 2 }

myAuthAddrMIBGroup OBJECT-GROUP
        OBJECTS {
            myAuthMacAddress,
            myAuthPort,   
            myAuthAddrStatus,
            myAuthUserFdbId,
            myAuthUserMacAddress,            
            myAuthUserName,
            myAuthUserSessionId,
            myAuthUserIpAddr,
            myAuthUserPort, 
            myAuthUserStatus
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing  address permitted authentication managment."
        ::= { myAAAMIBGroups 3 } 

myAuthModeMIBGroup OBJECT-GROUP
        OBJECTS {
                myIpAuthorizationMode                
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing  authentication mode managment."
        ::= { myAAAMIBGroups 4 }  
        
myClientProbeGroup OBJECT-GROUP
        OBJECTS {
                myClientProbeEnabledStatus,
                myClientProbeHelloInterval,
                myClientProbeAliveInteval                
                }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing  client probe management."
        ::= { myAAAMIBGroups 5 }  
END
