-- *****************************************************************
-- FS-AAA-MIB.mib:  FS AAA MIB file
--
-- March 2002, Wuzg
--
-- Copyright (c) 2002 by FS.COM Inc..
-- All rights reserved.
-- 
-- *****************************************************************
--

FS-AAA-MIB DEFINITIONS ::= BEGIN

IMPORTS
        MODULE-IDENTITY,
        OBJECT-TYPE,
        Counter32,
        Unsigned32,
        Integer32,
        IpAddress
                FROM SNMPv2-SMI
        InetAddressType, 
        InetAddress
                FROM INET-ADDRESS-MIB
        Counter
                FROM RFC1155-SMI
        TruthValue,
        DisplayString,
        RowStatus,
        MacAddress
                FROM SNMPv2-TC
        MODULE-COMPLIANCE,
        OBJECT-GROUP
                FROM SNMPv2-CONF
        ConfigStatus,
        IfIndex
                FROM FS-TC
        EnabledStatus 
                FROM P-BRIDGE-MIB       
        radiusAuthServerAddress,
        radiusAuthClientServerPortNumber
            FROM RADIUS-AUTH-CLIENT-MIB
        radiusAccServerAddress, 
        radiusAccClientServerPortNumber
            FROM RADIUS-ACC-CLIENT-MIB
        fsMgmt
                FROM FS-SMI;

fsAAAMIB MODULE-IDENTITY
        LAST-UPDATED "200203200000Z"
        ORGANIZATION "FS.COM Inc.."
        CONTACT-INFO
                " 
                Tel: 400-865-2852 

                E-mail: https://www.fs.com/live_chat_service_mail.html"
        DESCRIPTION
                "This module defines fs AAA(802.1x) mibs."
        REVISION      "200203200000Z"
        DESCRIPTION
                "Initial version of this MIB module."
        ::= { fsMgmt 19}

fsAAAMIBObjects OBJECT IDENTIFIER ::= { fsAAAMIB 1 }

fsDot1xAuthObjects OBJECT IDENTIFIER ::= { fsAAAMIBObjects 1 }
fsAAAServerObjects OBJECT IDENTIFIER ::=    { fsAAAMIBObjects 2 }
fsAuthUserObjects OBJECT IDENTIFIER ::=  { fsAAAMIBObjects 3 }
fsAuthModeObjects OBJECT IDENTIFIER ::=  { fsAAAMIBObjects 4 }
fsClientProbeObjects OBJECT IDENTIFIER ::=  { fsAAAMIBObjects 5 }

--     
-- fsDot1xAuth Groupfor 802.1x global settings.
--
fsDot1xAuthStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The enable(1)/disable(2) control used by the  
            802.1x global settings."
        DEFVAL { disabled }
        ::= { fsDot1xAuthObjects 1 }

fsDot1xAuthObjectsQuietPeriod OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the quietPeriod constant
             currently in use by the Authenticator PAE state
             machine."
        DEFVAL { 60 }
        ::= { fsDot1xAuthObjects 2 } 

fsDot1xAuthObjectsTxPeriod OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the txPeriod constant
             currently in use by the Authenticator PAE state
             machine."
        DEFVAL { 30 }
        ::= { fsDot1xAuthObjects 3 } 

fsDot1xAuthObjectsSuppTimeout OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the suppTimeout constant
             currently in use by the Backend Authentication state
             machine."
        DEFVAL { 30 }
        ::= { fsDot1xAuthObjects 4 } 

fsDot1xAuthObjectsServerTimeout OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
        "The value, in seconds, of the serverTimeout constant
         currently in use by the Backend Authentication state
         machine."
        DEFVAL { 30 }
    ::= { fsDot1xAuthObjects 5 }

fsDot1xAuthObjectsMaxReq OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value of the maxReq constant currently in use by
             the Backend Authentication state machine."
        DEFVAL { 2 }
        ::= { fsDot1xAuthObjects 6 } 

fsDot1xAuthObjectsReAuthPeriod OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value, in seconds, of the reAuthPeriod constant
             currently in use by the Reauthentication Timer state
             machine."
        DEFVAL { 3600 }
        ::= { fsDot1xAuthObjects 7 } 

fsDot1xAuthObjectsMaxReauth OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The value of the reAuthMax constant currently in use by
             the Authenticator PAE state machine."
        DEFVAL { 2 }
        ::= { fsDot1xAuthObjects 8 } 
        
fsDot1xAuthObjectsReAuthEnable OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The enable(1)/disable(2) control used by the Reauthentication
             Timer state machine."
        DEFVAL { 2 }
        ::= { fsDot1xAuthObjects 9 } 
        
fsDot1xAuthObjectsConfigTable OBJECT-TYPE
         SYNTAX SEQUENCE OF FSDot1xAuthConfigEntry
         MAX-ACCESS not-accessible
         STATUS current
         DESCRIPTION
           "A table that contains the configuration objects for the
              Authenticator PAE associated with each MAC address.
              An entry appears in this table for each MAC address that 
              may authenticate access to itself."
          ::= { fsDot1xAuthObjects 10 }
        
fsDot1xAuthObjectsConfigEntry OBJECT-TYPE
        SYNTAX FSDot1xAuthConfigEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
         "The configuration information for an Authenticator
              PAE."
       INDEX { fsDot1xAuthObjectsConfigFdbId,fsDot1xAuthObjectsConfigAddr }
       ::= { fsDot1xAuthObjectsConfigTable 1 }

FSDot1xAuthConfigEntry ::=
        SEQUENCE {
        fsDot1xAuthObjectsConfigFdbId
                 Unsigned32,
        fsDot1xAuthObjectsConfigAddr
                 MacAddress,
         fsDot1xAuthObjectsPaeState
                 INTEGER,
         fsDot1xAuthObjectsBackendAuthState
                 INTEGER,
         fsDot1xAuthObjectsAuthControlledPortStatus
                 INTEGER,
        fsDot1xAuthObjectsKeyTxEnabled
                 TruthValue,        
  fsDot1xAuthObjectsIfIndex
     IfIndex
         }
fsDot1xAuthObjectsConfigFdbId OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."
    ::= { fsDot1xAuthObjectsConfigEntry 1 }
    
fsDot1xAuthObjectsConfigAddr OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The MAC address associated with this configurations."
        ::= { fsDot1xAuthObjectsConfigEntry 2 }

fsDot1xAuthObjectsPaeState OBJECT-TYPE
        SYNTAX INTEGER {
               initialize(1),
               disconnected(2),
               connecting(3),
               authenticating(4),
               authenticated(5),
               aborting(6),
               held(7),
               forceAuth(8),
               forceUnauth(9)
               }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The current value of the Authenticator PAE state
             machine."
        ::= { fsDot1xAuthObjectsConfigEntry 3 }

fsDot1xAuthObjectsBackendAuthState OBJECT-TYPE
        SYNTAX INTEGER {
               request(1),
               response(2),
               success(3),
               fail(4),
               timeout(5),
               idle(6),
               initialize(7)
               }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The current state of the Backend Authentication
             state machine."
        ::= { fsDot1xAuthObjectsConfigEntry 4 }

fsDot1xAuthObjectsAuthControlledPortStatus OBJECT-TYPE
        SYNTAX INTEGER {
               authorized(1),
               unauthorized(2)
               }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The current value of the controlled Port
             status parameter for the Port."
        ::= { fsDot1xAuthObjectsConfigEntry 5 }

fsDot1xAuthObjectsKeyTxEnabled OBJECT-TYPE
        SYNTAX TruthValue
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The value of the keyTransmissionEnabled constant
             currently in use by the Authenticator PAE state
             machine."
        ::= { fsDot1xAuthObjectsConfigEntry 6 }
                
fsDot1xAuthObjectsIfIndex OBJECT-TYPE
        SYNTAX IfIndex
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The interface index associated with this configurations"
        ::= { fsDot1xAuthObjectsConfigEntry 7 }
        
                
fsDot1xAuthObjectsStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF FSDot1xAuthStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "A table that contains the statistics objects for the
             Authenticator PAE associated with each MAC address.
             An entry appears in this table for each MAC address 
             that may authenticate access to itself."
        ::= { fsDot1xAuthObjects 11 }

fsDot1xAuthStatsEntry OBJECT-TYPE
        SYNTAX FSDot1xAuthStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "The statistics information for an Authenticator PAE."
        INDEX { fsDot1xAuthObjectsStatsFdbId,fsDot1xAuthObjectsStatsAddr }
        ::= { fsDot1xAuthObjectsStatsTable 1 }

FSDot1xAuthStatsEntry ::=
        SEQUENCE {
        fsDot1xAuthObjectsStatsFdbId
                Unsigned32,
        fsDot1xAuthObjectsStatsAddr
                MacAddress,
        fsDot1xAuthObjectsEapolFramesRx
                Counter32,
        fsDot1xAuthObjectsEapolFramesTx
                Counter32,
        fsDot1xAuthObjectsEapolFSFramesRx
                Counter32,
        fsDot1xAuthObjectsEapolLogoffFramesRx
                Counter32,
        fsDot1xAuthObjectsEapolRespIdFramesRx
                Counter32,
        fsDot1xAuthObjectsEapolRespFramesRx
                Counter32,
        fsDot1xAuthObjectsEapolReqIdFramesTx
                Counter32,
        fsDot1xAuthObjectsEapolReqFramesTx
                Counter32,
        fsDot1xAuthObjectsInvalidEapolFramesRx
                Counter32,
        fsDot1xAuthObjectsEapLengthErrorFramesRx
                Counter32,
        fsDot1xAuthObjectsLastEapolFrameVersion
                Unsigned32,
        fsDot1xAuthObjectsLastEapolFrameSource
                MacAddress
            }
fsDot1xAuthObjectsStatsFdbId OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."
        ::= { fsDot1xAuthStatsEntry 1 }

fsDot1xAuthObjectsStatsAddr OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The MAC address associated with this states."
        ::= { fsDot1xAuthStatsEntry 2 }

fsDot1xAuthObjectsEapolFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of valid EAPOL frames of any type
             that have been received by this Authenticator."
        ::= { fsDot1xAuthStatsEntry 3 }

fsDot1xAuthObjectsEapolFramesTx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAPOL frames of any type
             that have been transmitted by this Authenticator."
        ::= { fsDot1xAuthStatsEntry 4 }

fsDot1xAuthObjectsEapolFSFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAPOL FS frames that have
             been received by this Authenticator."
        ::= { fsDot1xAuthStatsEntry 5 }

fsDot1xAuthObjectsEapolLogoffFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAPOL Logoff frames that have
             been received by this Authenticator."
        ::= { fsDot1xAuthStatsEntry 6 }

fsDot1xAuthObjectsEapolRespIdFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of EAP Resp/Id frames that have
             been received by this Authenticator."
        ::= { fsDot1xAuthStatsEntry 7 }

fsDot1xAuthObjectsEapolRespFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of valid EAP Response frames
             (other than Resp/Id frames) that have been
             received by this Authenticator."
        ::= { fsDot1xAuthStatsEntry 8 }

fsDot1xAuthObjectsEapolReqIdFramesTx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAP Req/Id frames that have been
        transmitted by this Authenticator."
    ::= { fsDot1xAuthStatsEntry 9 }

fsDot1xAuthObjectsEapolReqFramesTx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAP Request frames
         (other than Rq/Id frames) that have been
         transmitted by this Authenticator."
    ::= { fsDot1xAuthStatsEntry 10 }

fsDot1xAuthObjectsInvalidEapolFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAPOL frames that have been
         received by this Authenticator in which the
         frame type is not recognized."
    ::= { fsDot1xAuthStatsEntry 11 }

fsDot1xAuthObjectsEapLengthErrorFramesRx OBJECT-TYPE
        SYNTAX Counter32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The number of EAPOL frames that have been received
         by this Authenticator in which the Packet Body
        Length field is invalid."
    ::= { fsDot1xAuthStatsEntry 12 }

fsDot1xAuthObjectsLastEapolFrameVersion OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The protocol version number carried in the
         most recently received EAPOL frame."
    ::= { fsDot1xAuthStatsEntry 13 }

fsDot1xAuthObjectsLastEapolFrameSource OBJECT-TYPE
        SYNTAX MacAddress
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
        "The source MAC address carried in the
         most recently received EAPOL frame."
    ::= { fsDot1xAuthStatsEntry 14 }
    
fsDot1xCurrentUserNumber OBJECT-TYPE
        SYNTAX Counter
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION 
             "Numbers of users who attached to the system ,regardless of their state."
        ::= { fsDot1xAuthObjects 12 }      

fsDot1xCurrentAuthenticatedUserNumber OBJECT-TYPE
        SYNTAX Counter
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION 
                "Numbers of user who attached to the system and their current state is
                 authorized"
        ::= { fsDot1xAuthObjects 13 }           

fsDot1xAccountStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The enable(1)/disable(2) control used by the  
             accounting function."
        DEFVAL { 2 }
        ::= { fsDot1xAuthObjects 14 }

fsAuthIfTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FSAuthIfEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of the authenticated status of interface."
        ::= { fsDot1xAuthObjects 15 }

fsAuthIfEntry OBJECT-TYPE
        SYNTAX  FSAuthIfEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of MAC address which can be authenticated."
        INDEX   { fsAuthIf}
        ::= { fsAuthIfTable 1 }

FSAuthIfEntry ::=
        SEQUENCE {
        fsAuthIf
                IfIndex,           
        fsAuthIfStatus
                EnabledStatus
        }
fsAuthIf OBJECT-TYPE
        SYNTAX  IfIndex
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The port number of the port/trunk to which frames received from a
              specific port/trunk and destined for a specific MAC address."
        ::= { fsAuthIfEntry 1 }

fsAuthIfStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The authentication status of a port, can be opened by setting its
            value to Enabled(1), or closed by setting its value to Disabled(2)."
        DEFVAL { 2 }
        ::= { fsAuthIfEntry 2 }

fsAuthenticationMode OBJECT-TYPE
        SYNTAX  INTEGER {
                eap(1),       
                chap(2),
                pap(3)
                }
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Mode used for authentication"
        ::= { fsDot1xAuthObjects 16 }        

fsDot1xAccountUpdateStatus OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Account Update Status"
        ::= { fsDot1xAuthObjects 17 }  

fsDot1xAcctInterimInterval OBJECT-TYPE
        SYNTAX  Unsigned32 (60..65535)
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Account Interim Interval"
        ::= { fsDot1xAuthObjects 18 }               
       
fsDot1xEapolTagEnabled OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Eapol Tag Enabled"
        ::= { fsDot1xAuthObjects 19 }            

fsDot1xIfUserMaxTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FSDot1xIfUserMaxEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of the max dot1x user number on authenticated interface."
        ::= { fsDot1xAuthObjects 20 }

fsDot1xIfUserMaxEntry OBJECT-TYPE
        SYNTAX  FSDot1xIfUserMaxEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of max dot1x user number on authenticated interface."
        INDEX   { fsDot1xIfUserMaxIndex}
        ::= { fsDot1xIfUserMaxTable 1 }

FSDot1xIfUserMaxEntry ::=
        SEQUENCE {
        fsDot1xIfUserMaxIndex
                IfIndex,           
        fsDot1xIfUserMaxNum
                Unsigned32
        }
fsDot1xIfUserMaxIndex OBJECT-TYPE
        SYNTAX  IfIndex
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The interface index which dot1x authentication is enabled."
        ::= { fsDot1xIfUserMaxEntry 1 }

fsDot1xIfUserMaxNum OBJECT-TYPE
        SYNTAX Unsigned32 (1..4000)
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The max dot1x user num on the interface, this is valid only 
            when dot1x authentication is enable on that interface.
            Number 0 indicates no user number limits enabled on the interface."
        ::= { fsDot1xIfUserMaxEntry 2 }

fsDot1xPseudoSrcmac OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "Enable(1)/disable(2) use pseudo mac as the source mac of 802.1x
            authentication frame."
        DEFVAL { enabled }
        ::= { fsDot1xAuthObjects 21 } 

fsDot1xUserMIB OBJECT IDENTIFIER ::= { fsDot1xAuthObjects 22 }

fsDot1xUserTrapsObjects OBJECT IDENTIFIER ::= { fsDot1xUserMIB 1 }
fsDot1xUserTraps OBJECT IDENTIFIER ::= { fsDot1xUserMIB 2 }

fsDot1xUserMac OBJECT-TYPE
        SYNTAX MacAddress
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "802.1X user's MAC address."
        ::= { fsDot1xUserTrapsObjects 1 }

fsDot1xUserName OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "802.1X user's name"
        ::= { fsDot1xUserTrapsObjects 2 }

fsDot1xUserIp OBJECT-TYPE
        SYNTAX IpAddress
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "802.1X user's IPv4 address."
        ::= { fsDot1xUserTrapsObjects 3 }

fsDot1xUserIpv6 OBJECT-TYPE
        SYNTAX InetAddress
        MAX-ACCESS accessible-for-notify
        STATUS current  
        DESCRIPTION
            "802.1x user's IPv6 address."
        ::= { fsDot1xUserTrapsObjects 4 }

fsDot1xUserWlanId OBJECT-TYPE
        SYNTAX INTEGER (1..4095)
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The wlan id that 802.1X user associated with."
        ::= { fsDot1xUserTrapsObjects 5 }

fsDot1xUserVlanId OBJECT-TYPE
        SYNTAX INTEGER (1..4094)
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The vlan id that 801.1X user belongs to."
        ::= { fsDot1xUserTrapsObjects 6 }

fsDot1xUserSsid OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The SSID that 802.1X user associated with."
        ::= { fsDot1xUserTrapsObjects 7 }

fsDot1xUserApMac OBJECT-TYPE
        SYNTAX MacAddress
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The MAC address of the AP that 802.1X user associated with."
        ::= { fsDot1xUserTrapsObjects 8 }

fsDot1xUserTerminalType OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "802.1X user's terminal type."
        ::= { fsDot1xUserTrapsObjects 9 }

fsDot1xUserOperType OBJECT-TYPE
        SYNTAX INTEGER {
            online(1),
            offline(2),
            authenfail(3)
        }
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "Operation type of 802.1X user's trap."
        ::= { fsDot1xUserTrapsObjects 10 }

fsDot1xUserTerminateCause OBJECT-TYPE
        SYNTAX INTEGER
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "Terminate cause of 802.1X user."
        ::= { fsDot1xUserTrapsObjects 11 }

fsDot1xUserReplyMessage OBJECT-TYPE
        SYNTAX DisplayString
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "Message of authentication failure of a 802.1X user."
        ::= { fsDot1xUserTrapsObjects 12 }
        
fsDot1xUserIfIndex OBJECT-TYPE
        SYNTAX INTEGER (1..4095)
        MAX-ACCESS accessible-for-notify
        STATUS current
        DESCRIPTION
            "The interface id that 802.1X user belongs to."
        ::= { fsDot1xUserTrapsObjects 13 }

fsDot1xUserMgmtTrap NOTIFICATION-TYPE
        OBJECTS {
            fsDot1xUserMac,
            fsDot1xUserName,
            fsDot1xUserIp,
            fsDot1xUserIpv6,
            fsDot1xUserWlanId,
            fsDot1xUserVlanId,
            fsDot1xUserSsid,
            fsDot1xUserApMac,
            fsDot1xUserTerminalType,
            fsDot1xUserOperType,
            fsDot1xUserTerminateCause,
            fsDot1xUserReplyMessage,
            fsDot1xUserIfIndex
        }
        STATUS current
        DESCRIPTION
            "802.1X wireless user online/offline trap."
        ::= { fsDot1xUserTraps 1 }

fsDot1xWiredUserTrap NOTIFICATION-TYPE
        OBJECTS {
            fsDot1xUserMac,
            fsDot1xUserName,
            fsDot1xUserIfIndex,
            fsDot1xUserVlanId,
            fsDot1xUserIp,
            fsDot1xUserIpv6,
            fsDot1xUserOperType,
            fsDot1xUserTerminateCause
        }
        STATUS current
        DESCRIPTION
            "802.1X wired user online/offline/authentication trap."
        ::= { fsDot1xUserTraps 2 }

--**********************************************************************
-- about dot1x online user table info 
--**********************************************************************    
fsDot1xOnlineUserTable OBJECT-TYPE
    SYNTAX SEQUENCE OF FSDot1xOnlineUserEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
            "Detail information of dot1x online user."
        ::= { fsDot1xUserMIB 3 }

fsDot1xOnlineUserEntry OBJECT-TYPE
    SYNTAX FSDot1xOnlineUserEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
        "The entry of fsDot1xOnlineUserTable."
    INDEX { fsDot1xOnlineUserID }
    ::= { fsDot1xOnlineUserTable 1 }

FSDot1xOnlineUserEntry ::=  
    SEQUENCE {
        fsDot1xOnlineUserID                 INTEGER,
        fsDot1xOnlineUserName               DisplayString,
        fsDot1xOnlineUserMacAddr            MacAddress,
        fsDot1xOnlineUserIfIndex            INTEGER,
        fsDot1xOnlineUserVlanId             INTEGER,
        fsDot1xOnlineUserIp                 IpAddress,
        fsDot1xOnlineUserIpv6               InetAddress
    }

fsDot1xOnlineUserID OBJECT-TYPE
    SYNTAX INTEGER
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "The ID of Dot1xOnlineuser that is uniqueness."
    ::= {fsDot1xOnlineUserEntry 1 }

fsDot1xOnlineUserName OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Name of dot1x online user."
    ::= {fsDot1xOnlineUserEntry 2}

fsDot1xOnlineUserMacAddr OBJECT-TYPE
    SYNTAX MacAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Mac address of dot1x online user."
    ::= {fsDot1xOnlineUserEntry 3}

fsDot1xOnlineUserIfIndex OBJECT-TYPE
    SYNTAX INTEGER
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Interface index of dot1x online user."
    ::= {fsDot1xOnlineUserEntry 4}

fsDot1xOnlineUserVlanId OBJECT-TYPE
    SYNTAX INTEGER
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Vlan id of dot1x online user."
    ::= {fsDot1xOnlineUserEntry 5}
    
fsDot1xOnlineUserIp OBJECT-TYPE
    SYNTAX IpAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Ipv4 address of dot1x online user."
    ::= {fsDot1xOnlineUserEntry 6}
    
fsDot1xOnlineUserIpv6 OBJECT-TYPE
    SYNTAX InetAddress
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Ipv6 address of dot1x online user."
    ::= {fsDot1xOnlineUserEntry 7}

fsDot1xAbnormalOfflineUserCount OBJECT-TYPE
        SYNTAX  Counter64
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The number of offline users with abnormal terminate-cause"
        ::= { fsDot1xAuthObjects 23 }

fsDot1xTotalAuthUserCount OBJECT-TYPE
        SYNTAX  Counter64
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The totaol number of users who send authentication request"
        ::= { fsDot1xAuthObjects 24 }

fsDot1xAuthSuccUserCount OBJECT-TYPE
        SYNTAX  Counter64
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The number of users who pass authentication"
        ::= { fsDot1xAuthObjects 25 }
        
fsDot1xAuthFailUserCount OBJECT-TYPE
        SYNTAX  Counter64
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The number of users who authenticate fail"
        ::= { fsDot1xAuthObjects 26 }

--     
-- fsAAAServer Group.
--
        
--      ::= { fsAAAServerObjects 1 }     this OID is obsolete

fsAAAServerAuthPort OBJECT-TYPE
        SYNTAX      INTEGER (0..65535)
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION 
            "UDP port used for authentication in the global 
            configuration.
            For RADIUS only, default value is 1812."
        DEFVAL  { 1812 }
        ::= { fsAAAServerObjects 2 }

fsAAAServerAcctPort OBJECT-TYPE
        SYNTAX      INTEGER (0..65535)
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION 
            "UDP port used for accounting service in the global
            configuration.
            For RADIUS only, default value is 1813."
        DEFVAL  { 1813 }
        ::= { fsAAAServerObjects 3 } 

fsAAAServerRadiusKeyStr OBJECT-TYPE
        SYNTAX      DisplayString (SIZE (0..255))
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The server key to be used with all RADIUS server.
            Retrieving the  value of this object via SNMP will
            return an empty string  for security reasons."
        DEFVAL { "" }
        ::= { fsAAAServerObjects 4 }        

--      ::= { fsAAAServerObjects 5 }     this OID is obsolete

--      ::= { fsAAAServerObjects 6 }     this OID is obsolete

--      ::= { fsAAAServerObjects 7 }     this OID is obsolete

fsAAAServerTacplusKeyStr OBJECT-TYPE
        SYNTAX      DisplayString (SIZE (0..255))
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The server key to be used with all TACACS+ server.
            Retrieving the  value of this object via SNMP will return 
            an empty string  for security reasons."
        DEFVAL { "" }
        ::= { fsAAAServerObjects 8 }
      
--     
-- fsAAAServerConfigTable
--        
fsAAAServerConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAAServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for each
            AAA server, allows existing servers to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 9 }

fsAAAServerConfigEntry OBJECT-TYPE
        SYNTAX      FSAAAServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA server configuration identified by its 
            protocol and its index."
        INDEX { fsAAAServerConfigProtocol,
                fsAAAServerConfigIndex }
        ::= { fsAAAServerConfigTable 1}

FSAAAServerConfigEntry ::=
        SEQUENCE {
            fsAAAServerConfigProtocol        INTEGER,
            fsAAAServerConfigIndex           Unsigned32,
            fsAAAServerConfigAddressType     InetAddressType,
            fsAAAServerConfigAddress         InetAddress,
            fsAAAServerConfigAuthPort        INTEGER,
            fsAAAServerConfigAcctPort        INTEGER,
            fsAAAServerConfigKeyStr          DisplayString,
            fsAAAServerConfigRowStatus       RowStatus
        }

fsAAAServerConfigProtocol OBJECT-TYPE
        SYNTAX      INTEGER {
                    radius(1),   -- RADIUS
                    tacplus(2)   -- TACACS+
                    }
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The variable denotes the protocol used by the managed 
            device with the AAA server corresponding to this entry
            in the table."
       ::= { fsAAAServerConfigEntry 1 }

fsAAAServerConfigIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each server. 
           If the fsAAAServerConfigIndex value for row creation is 
           already in use by an existing entry, snmp set to the
           fsAAAServerConfigIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { fsAAAServerConfigEntry 2 }

fsAAAServerConfigAddressType OBJECT-TYPE 
       SYNTAX       InetAddressType 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
           "The type of address format used for the 
           fsAAAServerConfigAddress object." 
       ::= { fsAAAServerConfigEntry 3 } 

fsAAAServerConfigAddress OBJECT-TYPE 
       SYNTAX       InetAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the server." 
       ::= { fsAAAServerConfigEntry 4 } 

fsAAAServerConfigAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP/TCP port used for authentication in the server.
             For RADIUS, default value is 1812.
             For TACACS+, default value is 49."
       ::= { fsAAAServerConfigEntry 5 }

fsAAAServerConfigAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP/TCP port used for accounting service in the server.
             For RADIUS, default value is 1813.
             For TACACS+, the value of fsAAAServerConfigAcctPort is
             ignored, fsAAAServerConfigAuthPort will be used instead."
       ::= { fsAAAServerConfigEntry 6 }

fsAAAServerConfigKeyStr OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..255))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The server key to be used with this server.
           Retrieving the value of this object via SNMP will return an
           empty string for security reasons."
       DEFVAL { "" }
       ::= { fsAAAServerConfigEntry 7 }

fsAAAServerConfigRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAAServerConfigEntry 8 }
        
--     
-- fsAuthAddress Group.
--        
fsAuthAddrTable OBJECT-TYPE
  SYNTAX  SEQUENCE OF FSAuthAddrEntry
  MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of MAC address which can be authenticated."
        ::= { fsAuthUserObjects 1 }

fsAuthAddrEntry OBJECT-TYPE
        SYNTAX  FSAuthAddrEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of MAC address which can be authenticated."
        INDEX   { fsAuthPort,fsAuthMacAddress}
        ::= { fsAuthAddrTable 1 }

FSAuthAddrEntry ::=
        SEQUENCE {
        fsAuthPort
                IfIndex,           
        fsAuthMacAddress
                MacAddress,
        fsAuthAddrStatus
                INTEGER
        }
fsAuthPort OBJECT-TYPE
        SYNTAX  IfIndex
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The port number of the port/trunk to which frames received from a
              specific port/trunk and destined for a specific MAC address."
        ::= { fsAuthAddrEntry 1 }
        
fsAuthMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The MAC address which can be authenticated."
        ::= { fsAuthAddrEntry 2 }

fsAuthAddrStatus OBJECT-TYPE
        SYNTAX  INTEGER {
                valid(1),
                invalid(2)
                }
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "valid(1) - this entry is currently in use .
            invalid(2) - writing this value to the object
            removes the corresponding entry."
        ::= { fsAuthAddrEntry 3 }    


--
-- fs authentication user information
--        
fsAuthUserTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FSAuthUserEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of authentication User Info."
        ::= { fsAuthUserObjects 2 }

fsAuthUserEntry OBJECT-TYPE
        SYNTAX  FSAuthUserEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of authentication User Info table."
        INDEX   { fsAuthUserFdbId,fsAuthUserMacAddress}
        ::= { fsAuthUserTable 1 }

FSAuthUserEntry ::=
    SEQUENCE {
            fsAuthUserFdbId  Unsigned32,
            fsAuthUserMacAddress  MacAddress,            
            fsAuthUserName  DisplayString,
            fsAuthUserSessionId DisplayString,
            fsAuthUserIpAddr IpAddress,
            fsAuthUserPort   INTEGER,                        
            fsAuthUserStatus ConfigStatus
            }
        
fsAuthUserFdbId OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."    
        ::= { fsAuthUserEntry 1 }

fsAuthUserMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The MAC Address of authentication User ."
          ::= { fsAuthUserEntry 2 }
                    
fsAuthUserName OBJECT-TYPE
        SYNTAX  DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The Name of authentication User."
           ::= { fsAuthUserEntry 3 }

fsAuthUserSessionId OBJECT-TYPE
        SYNTAX  DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The Session Id of authentication User ."
         ::= { fsAuthUserEntry 4 }

fsAuthUserIpAddr OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The IP Address of authentication User ."
         ::= { fsAuthUserEntry 5 }
         
fsAuthUserPort OBJECT-TYPE
        SYNTAX  INTEGER 
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The interface of authentication User ."
        ::= { fsAuthUserEntry 6 }
         
fsAuthUserStatus OBJECT-TYPE
        SYNTAX  ConfigStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Setting this object to 'invalid' will close a authenticated user,
             set its value to valid will cause no action of agent,
             when query always return value valid." 
         ::= { fsAuthUserEntry 7 }


--
-- fs vpn authentication user information
--        
fsAuthUserForVPNDel OBJECT-TYPE
        SYNTAX  DisplayString (SIZE (1..255))
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "VPN user's name. Setting this object will delete a authenticated user and this user is unauthenticated.
            The set string is the username.
             
             Reading this object always return null string."
        ::= { fsAuthUserObjects 3 }

--
-- fs online user information
--        
fsOnlineUserTable OBJECT-TYPE
        SYNTAX  SEQUENCE OF FSOnlineUserEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The table of online User Info."
        ::= { fsAuthUserObjects 4 }

fsOnlineUserEntry OBJECT-TYPE
        SYNTAX  FSOnlineUserEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
            "The entry of online User Info table."
        INDEX   {fsOnlineUserSessionId}
        ::= { fsOnlineUserTable 1 }

FSOnlineUserEntry ::=
    SEQUENCE {
            fsOnlineUserSessionId DisplayString,
            fsOnlineUserVid Unsigned32,
            fsOnlineUserMacAddress MacAddress,
            fsOnlineUserPort INTEGER,
            fsOnlineUserName DisplayString,
            fsOnlineUserIpAddr IpAddress,
            fsOnlineUserStatus ConfigStatus
            }

fsOnlineUserSessionId OBJECT-TYPE
        SYNTAX  DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The Session Id of online User ."
         ::= { fsOnlineUserEntry 1 }

fsOnlineUserVid OBJECT-TYPE
        SYNTAX       Unsigned32
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "The VID of vlan which the address blongs to."    
        ::= { fsOnlineUserEntry 2 }

fsOnlineUserMacAddress OBJECT-TYPE
        SYNTAX  MacAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The MAC Address of online User ."
          ::= { fsOnlineUserEntry 3 }

fsOnlineUserPort OBJECT-TYPE
        SYNTAX  INTEGER 
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The interface of online User ."
        ::= { fsOnlineUserEntry 4 }

fsOnlineUserName OBJECT-TYPE
        SYNTAX  DisplayString
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "The Name of online User."
           ::= { fsOnlineUserEntry 5 }

fsOnlineUserIpAddr OBJECT-TYPE
        SYNTAX  IpAddress
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            " The IP Address of online User ."
         ::= { fsOnlineUserEntry 6 }
         
fsOnlineUserStatus OBJECT-TYPE
        SYNTAX  ConfigStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "Setting this object to 'invalid' will close a authenticated user,
             set its value to valid will cause no action of agent,
             when query always return value valid." 
         ::= { fsOnlineUserEntry 7 }

--
-- fs aaa version
--        
fsAaaVersion OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-only
        STATUS  current
        DESCRIPTION
            "FS Authentication/Accounting/Authorization(AAA) Version"
        ::= { fsAuthUserObjects 5 }
         
-- authorization mode objects

fsIpAuthorizationMode OBJECT-TYPE
        SYNTAX  INTEGER {
                disable(1),       
                dhcpServer(2),
                radiusServer(3),
                supplicant(4),
                mixed(5)
                }
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
            "disable(1)    - don't limit ip address of user
             dhcpServer(2) - limit ip address of user, only ip address assigned by the dhcp
                             server is legit.
             radiusServer(3) - limit ip address of user, only ip address assigned by the radius
                              server is legit.
             supplicant(4) - mac+ip+port indicates different users (get the IP adress through supplicant)
             mixed(5) - limit ip address of user, ip address may be from supplicant, radiusServer or dhcpServer."
        ::= { fsAuthModeObjects 1 }    
---
---Client probe
---
fsClientProbeEnabledStatus OBJECT-TYPE
        SYNTAX EnabledStatus
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The status of client probe function."
        ::= { fsClientProbeObjects 1 }

fsClientProbeHelloInterval OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The interval that client send hello packets."
        ::= { fsClientProbeObjects 2 }
        
fsClientProbeAliveInteval OBJECT-TYPE
        SYNTAX Unsigned32
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "When switch does not receive any legal hello packets from client 
            in this interval,it will send RADIUS-Account-Stop to RADIUS server
            to stop this connection.The value of the objects must be more than 
            fsClientProbeHelloInterval"
        ::= { fsClientProbeObjects 3 }   



fsAAAConfigObjects     OBJECT IDENTIFIER ::=  { fsAAAMIBObjects 6 }
fsAuthenConfigObjects  OBJECT IDENTIFIER ::=  { fsAAAConfigObjects 1 }
fsAuthorConfigObjects  OBJECT IDENTIFIER ::=  { fsAAAConfigObjects 2 }
fsAcctConfigObjects    OBJECT IDENTIFIER ::=  { fsAAAConfigObjects 3 }

--     
-- Authentication configurations parameters.
--
--     
-- fsAuthenMethodListTable
--        
fsAuthenMethodListTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAuthenMethodListEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for each authentication
            method-list, allows existing method-lists to be removed and new
            ones to be created."
        ::= { fsAuthenConfigObjects 1 }

fsAuthenMethodListEntry OBJECT-TYPE
        SYNTAX      FSAuthenMethodListEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of authentication method-list configuration identified
            by its type and its name."
        INDEX { fsAuthenMethodListType,
                fsAuthenMethodListName }
        ::= { fsAuthenMethodListTable 1}

FSAuthenMethodListEntry ::=
        SEQUENCE {
            fsAuthenMethodListType        INTEGER,
            fsAuthenMethodListName        DisplayString,
            fsAuthenMethodListString      DisplayString,
            fsAuthenMethodListRowStatus   RowStatus
        }

fsAuthenMethodListType OBJECT-TYPE
        SYNTAX      INTEGER {
                    login(1),   -- for logins.
                    ppp(2),     -- for ppp.
                    dot1x(3),   -- for IEEE 802.1x.
                    enable(4),  -- for enable.
                    web(5),     -- for inter portal.
                    cmweb(6),   -- for cmweb.
                    mt(7),      -- for mt.
                    general(8)  -- for general.
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The variable denotes the authentication method-list used by 
            the managed device with the AAA user corresponding to this entry
            in the table."
       ::= { fsAuthenMethodListEntry 1 }

fsAuthenMethodListName OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of authentication
            method-list."
       ::= { fsAuthenMethodListEntry 2 }

fsAuthenMethodListString OBJECT-TYPE 
       SYNTAX       DisplayString (SIZE (1..255))
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
           "A human readable string representing the corresponding
            value of of authentication method-list. 
            ie: group radius group tacacs+ local none
            " 
       ::= { fsAuthenMethodListEntry 3 } 

fsAuthenMethodListRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAuthenMethodListEntry 4 }

--     
-- Authorization configurations parameters.
--
--     
-- fsAuthorMethodListTable
--        
fsAuthorMethodListTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAuthorMethodListEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for each authorization
            method-list, allows existing method-lists to be removed and new
            ones to be created."
        ::= { fsAuthorConfigObjects 1 }

fsAuthorMethodListEntry OBJECT-TYPE
        SYNTAX      FSAuthorMethodListEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of authorization method-list configuration identified
            by its type and its name."
        INDEX { fsAuthorMethodListType,
                fsAuthorMethodListName,
                fsAuthorMethodListCmdLevel }
        ::= { fsAuthorMethodListTable 1}

FSAuthorMethodListEntry ::=
        SEQUENCE {
            fsAuthorMethodListType        INTEGER,
            fsAuthorMethodListName        DisplayString,
            fsAuthorMethodListCmdLevel    INTEGER,           
            fsAuthorMethodListString      DisplayString,
            fsAuthorMethodListRowStatus   RowStatus
        }

fsAuthorMethodListType OBJECT-TYPE
        SYNTAX      INTEGER {
                    exec(1),      -- for starting an exec (shell).
                    command(2),   -- for exec (shell) commands.
                    network(3)    -- for network services.
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The variable denotes the authorization method-list used by 
            the managed device with the AAA user corresponding to this entry
            in the table."
       ::= { fsAuthorMethodListEntry 1 }

fsAuthorMethodListName OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of authorization
            method-list."
       ::= { fsAuthorMethodListEntry 2 }

fsAuthorMethodListCmdLevel OBJECT-TYPE
       SYNTAX       INTEGER (0..15)
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "The variable denotes the command level when the value of 
           fsAuthorMethodListType is command(2). Otherwise, the value
           must be zero."
       ::= { fsAuthorMethodListEntry 3 }

fsAuthorMethodListString OBJECT-TYPE 
       SYNTAX       DisplayString (SIZE (1..255))
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
           "A human readable string representing the corresponding
            value of of authentication method-list. 
            ie: group radius group tacacs+ none
            " 
       ::= { fsAuthorMethodListEntry 4 } 

fsAuthorMethodListRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAuthorMethodListEntry 5 }

--     
-- Accounting configurations parameters.
--
--     
-- fsAuthorMethodListTable
--        
fsAcctMethodListTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAcctMethodListEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for each accounting
            method-list, allows existing method-lists to be removed and new
            ones to be created."
        ::= { fsAcctConfigObjects 1 }

fsAcctMethodListEntry OBJECT-TYPE
        SYNTAX      FSAcctMethodListEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of accounting method-list configuration identified
            by its type and its name."
        INDEX { fsAcctMethodListType,
                fsAcctMethodListName,
                fsAcctMethodListCmdLevel }
        ::= { fsAcctMethodListTable 1}

FSAcctMethodListEntry ::=
        SEQUENCE {
            fsAcctMethodListType        INTEGER,
            fsAcctMethodListName        DisplayString,
            fsAcctMethodListMode        INTEGER,
            fsAcctMethodListCmdLevel    INTEGER,        
            fsAcctMethodListString      DisplayString,
            fsAcctMethodListRowStatus   RowStatus
        }

fsAcctMethodListType OBJECT-TYPE
        SYNTAX      INTEGER {
                    exec(1),      -- for starting an exec (shell).
                    command(2),   -- for exec (shell) commands.
                    network(3)    -- for network services.
                    }
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The variable denotes the accounting method-list used by 
            the managed device with the AAA user corresponding to this entry
            in the table."
       ::= { fsAcctMethodListEntry 1 }

fsAcctMethodListName OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of accounting
            method-list."
       ::= { fsAcctMethodListEntry 2 }

fsAcctMethodListMode OBJECT-TYPE
        SYNTAX      INTEGER {
                    start-stop(1),   -- record start and stop without waiting.
                    stop-only(2)     -- record stop when service terminates.
                    }
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "Set record start and stop without waiting or record stop when 
           service terminates."
       ::= { fsAcctMethodListEntry 3 }

fsAcctMethodListCmdLevel OBJECT-TYPE
       SYNTAX       INTEGER (0..15)
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "The variable denotes the command level when the value of 
           fsAcctMethodListType is command(2). Otherwise, the value
           must be zero."
       ::= { fsAcctMethodListEntry 4 }

fsAcctMethodListString OBJECT-TYPE 
       SYNTAX       DisplayString (SIZE (1..255))
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
           "A human readable string representing the corresponding
            value of of authentication method-list. 
            ie: group radius group tacacs+ none
            " 
       ::= { fsAcctMethodListEntry 5 } 

fsAcctMethodListRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAcctMethodListEntry 6 }


--     
-- fsAAAServerGroupTable
--        
fsAAARadiusGroupTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAARadiusGroupEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current group configurations for each
            RADIUS server group, allows existing groups to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 10 }

fsAAARadiusGroupEntry OBJECT-TYPE
        SYNTAX      FSAAARadiusGroupEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of RADIUS server group configuration identified
            by its protocol and its name."
        INDEX { fsAAARadiusGroupName }
        ::= { fsAAARadiusGroupTable 1}

FSAAARadiusGroupEntry ::=
        SEQUENCE {
            fsAAARadiusGroupName            DisplayString,
            fsAAARadiusGroupVrf             DisplayString,
            fsAAARadiusGroupRowStatus       RowStatus
        }

fsAAARadiusGroupName OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-only
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of RADIUS server
            group."
       ::= { fsAAARadiusGroupEntry 1 }

fsAAARadiusGroupVrf OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..31))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The VPN Routing Forwarding to use with the servers."
       DEFVAL { "" }
       ::= { fsAAARadiusGroupEntry 2 }

fsAAARadiusGroupRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAARadiusGroupEntry 3 }

--     
-- fsAAARadiusGroupServerTable
--        
fsAAARadiusGroupServerTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAARadiusGroupServerEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for each
            AAA server, allows existing servers to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 11 }

fsAAARadiusGroupServerEntry OBJECT-TYPE
        SYNTAX      FSAAARadiusGroupServerEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA server configuration identified by its 
            protocol and its index."
        INDEX { fsAAARadiusGroupName,
                fsAAARadiusGroupServerIndex }
        ::= { fsAAARadiusGroupServerTable 1}

FSAAARadiusGroupServerEntry ::=
        SEQUENCE {
            fsAAARadiusGroupServerIndex           Unsigned32,
            fsAAARadiusGroupServerAddressType     InetAddressType,
            fsAAARadiusGroupServerAddress         InetAddress,
            fsAAARadiusGroupServerAuthPort        INTEGER,
            fsAAARadiusGroupServerAcctPort        INTEGER,
            fsAAARadiusGroupServerRowStatus       RowStatus
        }

fsAAARadiusGroupServerIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each RADIUS server. If the
           fsAAARadiusGroupServerIndex value for row creation is already
           in use by an existing entry, snmp set to the 
           fsAAARadiusGroupServerIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { fsAAARadiusGroupServerEntry 1 }

fsAAARadiusGroupServerAddressType OBJECT-TYPE 
       SYNTAX       InetAddressType 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
           "The type of address format used for the 
           fsAAARadiusGroupServerAddress object." 
       ::= { fsAAARadiusGroupServerEntry 2 } 

fsAAARadiusGroupServerAddress OBJECT-TYPE 
       SYNTAX       InetAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the RADIUS server." 
       ::= { fsAAARadiusGroupServerEntry 3 } 

fsAAARadiusGroupServerAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP port used for authentication in the RADIUS server."
       DEFVAL { 1812 }          
       ::= { fsAAARadiusGroupServerEntry 4 }

fsAAARadiusGroupServerAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP port used for accounting service in the RADIUS server."
       DEFVAL { 1813 }          
       ::= { fsAAARadiusGroupServerEntry 5 }

fsAAARadiusGroupServerRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAARadiusGroupServerEntry 6 }

fsAAAServerTotalOnlineCount OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "All RADIUS Access-Accept packets received."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 12 }
        
fsAAAServerAbnormalOffline OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of offline users with abnormal terminate-cause."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 13 }

fsAAAServerRadiusAuthReqCount OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of radius authention request send from device."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 14 }

fsAAAServerRadiusAuthRespCount OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of radius authen response send from server."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 15 }

fsAAAServerRadiusAuthSuccessCount OBJECT-TYPE
        SYNTAX      Counter32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of radius authen success response send from server."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 16 }     

fsAAAServerCurrOnlineUserCount OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of user online."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 17 }
        
--     
-- fsAAAMasterAuthenServerConfigTable
--        
fsAAAMasterAuthenServerConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAAMasterAuthenServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for 
            AAA Master authentication server, allows existing servers to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 18 }

fsAAAMasterAuthenServerConfigEntry OBJECT-TYPE
        SYNTAX      FSAAAMasterAuthenServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
             "The table of AAA Master authentication server configuration identified by its group name and its index."
        INDEX { fsAAAMasterAuthenServerConfigGrpName,
                fsAAAMasterAuthenServerConfigSrvIndex}
        ::= { fsAAAMasterAuthenServerConfigTable 1}

FSAAAMasterAuthenServerConfigEntry ::=
        SEQUENCE {
            fsAAAMasterAuthenServerConfigGrpName         DisplayString,
            fsAAAMasterAuthenServerConfigSrvIndex        Unsigned32,
            fsAAAMasterAuthenServerConfigAddress         IpAddress,
            fsAAAMasterAuthenServerConfigAuthPort        INTEGER,
            fsAAAMasterAuthenServerConfigAcctPort        INTEGER,
            fsAAAMasterAuthenServerConfigKeyStr          DisplayString,
            fsAAAMasterAuthenServerConfigRowStatus       RowStatus
        }

fsAAAMasterAuthenServerConfigGrpName OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
            "The variable denotes the group name it belong to."
       ::= { fsAAAMasterAuthenServerConfigEntry 1 }

fsAAAMasterAuthenServerConfigSrvIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each server. 
           If the fsAAAMasterAuthenServerConfigSrvIndex value for row creation is 
           already in use by an existing entry, snmp set to the
           fsAAAMasterAuthenServerConfigSrvIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { fsAAAMasterAuthenServerConfigEntry 2 }
       
fsAAAMasterAuthenServerConfigAddress OBJECT-TYPE 
       SYNTAX       IpAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the server." 
       ::= { fsAAAMasterAuthenServerConfigEntry 3 } 

fsAAAMasterAuthenServerConfigAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP/TCP port used for authentication in the server.
             For RADIUS, default value is 1812."
       ::= { fsAAAMasterAuthenServerConfigEntry 4 }

fsAAAMasterAuthenServerConfigAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP/TCP port used for accounting service in the server.
             For RADIUS, default value is 1813."
       ::= { fsAAAMasterAuthenServerConfigEntry 5 }

fsAAAMasterAuthenServerConfigKeyStr OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..255))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The server key to be used with this server.
           Retrieving the value of this object via SNMP will return an
           empty string for security reasons."
       DEFVAL { "" }
       ::= { fsAAAMasterAuthenServerConfigEntry 6 }

fsAAAMasterAuthenServerConfigRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAAMasterAuthenServerConfigEntry 7 }

--     
-- fsAAABackAuthenServerConfigTable
--        
fsAAABackAuthenServerConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAABackAuthenServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for 
            AAA Back Authentication server, allows existing servers to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 19 }

fsAAABackAuthenServerConfigEntry OBJECT-TYPE
        SYNTAX      FSAAABackAuthenServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA Back Authentication server configuration identified by its group name and its index."
        INDEX { fsAAABackAuthenServerConfigGrpName,
                fsAAABackAuthenServerConfigSrvIndex }
        ::= { fsAAABackAuthenServerConfigTable 1}

FSAAABackAuthenServerConfigEntry ::=
        SEQUENCE {
            fsAAABackAuthenServerConfigGrpName         DisplayString,
            fsAAABackAuthenServerConfigSrvIndex        Unsigned32,
            fsAAABackAuthenServerConfigAddress         IpAddress,
            fsAAABackAuthenServerConfigAuthPort        INTEGER,
            fsAAABackAuthenServerConfigAcctPort        INTEGER,
            fsAAABackAuthenServerConfigKeyStr          DisplayString,
            fsAAABackAuthenServerConfigRowStatus       RowStatus
        }

fsAAABackAuthenServerConfigGrpName OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
            "The variable denotes the group name the server belong to."
       ::= { fsAAABackAuthenServerConfigEntry 1 }

fsAAABackAuthenServerConfigSrvIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each server. 
           If the fsAAABackAuthenServerConfigSrvIndex value for row creation is 
           already in use by an existing entry, snmp set to the
           fsAAABackAuthenServerConfigSrvIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { fsAAABackAuthenServerConfigEntry 2 }
       
fsAAABackAuthenServerConfigAddress OBJECT-TYPE 
       SYNTAX       IpAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the server." 
       ::= { fsAAABackAuthenServerConfigEntry 3 } 

fsAAABackAuthenServerConfigAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP/TCP port used for authentication in the server.
             For RADIUS, default value is 1812."
       ::= { fsAAABackAuthenServerConfigEntry 4 }

fsAAABackAuthenServerConfigAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP/TCP port used for accounting service in the server.
             For RADIUS, default value is 1813."
       ::= { fsAAABackAuthenServerConfigEntry 5 }

fsAAABackAuthenServerConfigKeyStr OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..255))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The server key to be used with this server.
           Retrieving the value of this object via SNMP will return an
           empty string for security reasons."
       DEFVAL { "" }
       ::= { fsAAABackAuthenServerConfigEntry 6 }

fsAAABackAuthenServerConfigRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAABackAuthenServerConfigEntry 7 }

--     
-- fsAAAMasterAcctServerConfigTable
--        
fsAAAMasterAcctServerConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAAMasterAcctServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for 
            AAA Master Accounting server, allows existing servers to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 20 }

fsAAAMasterAcctServerConfigEntry OBJECT-TYPE
        SYNTAX      FSAAAMasterAcctServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA Master Accounting server configuration identified by its 
            group name and its index."
        INDEX { fsAAAMasterAcctServerConfigGrpName, 
                fsAAAMasterAcctServerConfigSrvIndex}
        ::= { fsAAAMasterAcctServerConfigTable 1}

FSAAAMasterAcctServerConfigEntry ::=
        SEQUENCE {
            fsAAAMasterAcctServerConfigGrpName         DisplayString,
            fsAAAMasterAcctServerConfigSrvIndex        Unsigned32,
            fsAAAMasterAcctServerConfigAddress         IpAddress,
            fsAAAMasterAcctServerConfigAuthPort        INTEGER,
            fsAAAMasterAcctServerConfigAcctPort        INTEGER,
            fsAAAMasterAcctServerConfigKeyStr          DisplayString,
            fsAAAMasterAcctServerConfigRowStatus       RowStatus
        }

fsAAAMasterAcctServerConfigGrpName OBJECT-TYPE
        SYNTAX       DisplayString (SIZE (1..63))
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION
            "The variable denotes the group name it belong to.."
            ::= { fsAAAMasterAcctServerConfigEntry 1 }
            
fsAAAMasterAcctServerConfigSrvIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each server. 
           If the fsAAAMasterAcctServerConfigSrvIndex value for row creation is 
           already in use by an existing entry, snmp set to the
           fsAAAMasterAcctServerConfigSrvIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { fsAAAMasterAcctServerConfigEntry 2 }

fsAAAMasterAcctServerConfigAddress OBJECT-TYPE 
       SYNTAX       IpAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the server." 
       ::= { fsAAAMasterAcctServerConfigEntry 3 } 

fsAAAMasterAcctServerConfigAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP/TCP port used for authentication in the server.
             For RADIUS, default value is 1812."
       ::= { fsAAAMasterAcctServerConfigEntry 4 }

fsAAAMasterAcctServerConfigAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP/TCP port used for accounting service in the server.
             For RADIUS, default value is 1813."
       ::= { fsAAAMasterAcctServerConfigEntry 5 }

fsAAAMasterAcctServerConfigKeyStr OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..255))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The server key to be used with this server.
           Retrieving the value of this object via SNMP will return an
           empty string for security reasons."
       DEFVAL { "" }
       ::= { fsAAAMasterAcctServerConfigEntry 6 }

fsAAAMasterAcctServerConfigRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAAMasterAcctServerConfigEntry 7 }

--     
-- fsAAABackAcctServerConfigTable
--        
fsAAABackAcctServerConfigTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAABackAcctServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current configurations for 
            AAA Back Accounting server, allows existing servers to be removed
            and new ones to be created."
        ::= { fsAAAServerObjects 21 }

fsAAABackAcctServerConfigEntry OBJECT-TYPE
        SYNTAX      FSAAABackAcctServerConfigEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA Back Accounting server configuration identified by its 
            group name and its index."
        INDEX { fsAAABackAcctServerConfigGrpName,
                fsAAABackAcctServerConfigSrvIndex }
        ::= { fsAAABackAcctServerConfigTable 1}

FSAAABackAcctServerConfigEntry ::=
        SEQUENCE {
            fsAAABackAcctServerConfigGrpName         DisplayString,
            fsAAABackAcctServerConfigSrvIndex        Unsigned32,
            fsAAABackAcctServerConfigAddress         IpAddress,
            fsAAABackAcctServerConfigAuthPort        INTEGER,
            fsAAABackAcctServerConfigAcctPort        INTEGER,
            fsAAABackAcctServerConfigKeyStr          DisplayString,
            fsAAABackAcctServerConfigRowStatus       RowStatus
        }

fsAAABackAcctServerConfigGrpName OBJECT-TYPE
        SYNTAX       DisplayString (SIZE (1..63))
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION
            "The variable denotes the group name the server belong to."
        ::= { fsAAABackAcctServerConfigEntry 1 }

fsAAABackAcctServerConfigSrvIndex OBJECT-TYPE
       SYNTAX       Unsigned32 (1..4294967295)
       MAX-ACCESS   not-accessible
       STATUS       current
       DESCRIPTION
           "A number uniquely identifying each server. 
           If the fsAAABackAcctServerConfigSrvIndex value for row creation is 
           already in use by an existing entry, snmp set to the
           fsAAABackAcctServerConfigSrvIndex value will fail.
           Upon reload, casIndex values may be changed."
       ::= { fsAAABackAcctServerConfigEntry 2 }

fsAAABackAcctServerConfigAddress OBJECT-TYPE 
       SYNTAX       IpAddress 
       MAX-ACCESS   read-create 
       STATUS       current 
       DESCRIPTION 
             "The IP address of the server." 
       ::= { fsAAABackAcctServerConfigEntry 3 } 

fsAAABackAcctServerConfigAuthPort OBJECT-TYPE
       SYNTAX      INTEGER (0..65535)
       MAX-ACCESS  read-create
       STATUS      current
       DESCRIPTION
             "UDP/TCP port used for authentication in the server.
             For RADIUS, default value is 1812."
       ::= { fsAAABackAcctServerConfigEntry 4 }

fsAAABackAcctServerConfigAcctPort OBJECT-TYPE
       SYNTAX       INTEGER (0..65535)
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
             "UDP/TCP port used for accounting service in the server.
             For RADIUS, default value is 1813."
       ::= { fsAAABackAcctServerConfigEntry 5 }

fsAAABackAcctServerConfigKeyStr OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (0..255))
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The server key to be used with this server.
           Retrieving the value of this object via SNMP will return an
           empty string for security reasons."
       DEFVAL { "" }
       ::= { fsAAABackAcctServerConfigEntry 6 }

fsAAABackAcctServerConfigRowStatus OBJECT-TYPE
       SYNTAX       RowStatus
       MAX-ACCESS   read-create
       STATUS       current
       DESCRIPTION
           "The status of this table entry.  Once the entry status is
           set to active, the associated entry cannot be modified except
           destroyed by setting this object to destroy(6)."
       ::= { fsAAABackAcctServerConfigEntry 7 } 
       
fsAAAServerTotalAuthUserCount OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The total number of users who send authentication request."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 22 }  
        
 fsAAAServerAuthSuccUserCount OBJECT-TYPE
        SYNTAX      Unsigned32 (0..4294967295)
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of users who pass authentication."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 23 }

fsAAAServerDot1xOnlineUserCount OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of dot1x user online."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 24 }

fsAAAServerMacOnlineUserCount OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of mac user online."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 25 }

fsAAAServerWebOnlineUserCount OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The number of web user online."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 26 }

fsAAAServerTatalOnlineUserCount OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-only
        STATUS      current
        DESCRIPTION
            "The tatal number of user online."
        DEFVAL { 0 }
        ::= { fsAAAServerObjects 27 }

--
-- fsAAAServerIfOnlineUserTable
--
fsAAAServerIfOnlineUserTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF FSAAAServerIfOnlineUserEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "This table shows current dot1x mac and web user online on 
            the interface." 
        ::= { fsAAAServerObjects 28 } 

fsAAAServerIfOnlineUserEntry OBJECT-TYPE
        SYNTAX      FSAAAServerIfOnlineUserEntry
        MAX-ACCESS  not-accessible
        STATUS      current
        DESCRIPTION
            "The table of AAA Server If Online User identified by if 
            index."
        INDEX { fsAAAServerIfOnlineUserIfIndex}
        ::= { fsAAAServerIfOnlineUserTable 1 }
FSAAAServerIfOnlineUserEntry ::=
        SEQUENCE {
            fsAAAServerIfOnlineUserIfIndex                Unsigned32,
            fsAAAServerIfOnlineUserDot1xCount             Unsigned32,
            fsAAAServerIfOnlineUserWebCount               Unsigned32,
            fsAAAServerIfOnlineUserMacCount               Unsigned32,
            fsAAAServerIfOnlineUserTotalCount             Unsigned32
        }

fsAAAServerIfOnlineUserIfIndex OBJECT-TYPE
        SYNTAX       Unsigned32 (1..4294967295)
        MAX-ACCESS   not-accessible
        STATUS       current
        DESCRIPTION
            "The variable denotes the interface index the user on."
        ::= { fsAAAServerIfOnlineUserEntry 1 }

fsAAAServerIfOnlineUserDot1xCount OBJECT-TYPE
        SYNTAX       Unsigned32 (1..4294967295)
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "Dot1x user online count on this interface."
        ::= { fsAAAServerIfOnlineUserEntry 2 }

fsAAAServerIfOnlineUserWebCount OBJECT-TYPE
        SYNTAX       Unsigned32 (1..4294967295)
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "Web user online count on this interface."
        ::= { fsAAAServerIfOnlineUserEntry 3 }

fsAAAServerIfOnlineUserMacCount OBJECT-TYPE
        SYNTAX       Unsigned32 (1..4294967295)
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "Mac user online count on this interface."
        ::= { fsAAAServerIfOnlineUserEntry 4 }

fsAAAServerIfOnlineUserTotalCount OBJECT-TYPE
        SYNTAX       Unsigned32 (1..4294967295)
        MAX-ACCESS   read-only
        STATUS       current
        DESCRIPTION
            "Web mac and 1x total online count on this interface."
        ::= { fsAAAServerIfOnlineUserEntry 5 }

--     
-- AAA user apply parameters.
--
fsAAAUserApplyObjects  OBJECT IDENTIFIER ::=  { fsAAAMIBObjects 7 }
fsAAADo1xApplyObjects  OBJECT IDENTIFIER ::=  { fsAAAUserApplyObjects 1 }

--     
-- AAA dot1x apply settings.
--
fsDot1xAuthenMethodList OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-write
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of 802.1x
           authentication method-list."
       DEFVAL { "" }
       ::= { fsAAADo1xApplyObjects 1 }

fsDot1xAuthorMethodList OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-write
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of 802.1x
           authorization method-list."
       DEFVAL { "" }
       ::= { fsAAADo1xApplyObjects 2 } 

fsDot1xAcctMethodList OBJECT-TYPE
       SYNTAX       DisplayString (SIZE (1..63))
       MAX-ACCESS   read-write
       STATUS       current
       DESCRIPTION
           "A human readable string representing the name of 802.1x
           accounting method-list."
       DEFVAL { "" }
       ::= { fsAAADo1xApplyObjects 3 } 

---
---AS Server IP configure 
---

fsRdASObjects OBJECT IDENTIFIER ::=  { fsAAAMIBObjects 8 }

fsRdASipInetAddreType OBJECT-TYPE
        SYNTAX InetAddressType
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The type of address format used for the 
             fsRdASipInetAddreType object." 
        ::= { fsRdASObjects 1 }   

fsRdASipInsetAddres OBJECT-TYPE
        SYNTAX InetAddress
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            "The IP address of the AS server." 
        ::= { fsRdASObjects 2 }   


---
---Radius Auth and Acc Traps
---
-- All trap definitions should be placed under this object.
fsRadiusServerTrap OBJECT IDENTIFIER ::= { fsAAAMIB 0 }

fsRadiusAuthServerDownTrap NOTIFICATION-TYPE
   OBJECTS { 
            radiusAuthServerAddress,
          radiusAuthClientServerPortNumber }
   STATUS      current
   DESCRIPTION
        "This trap is generated when the Authentication Radius server
       doesn't respond client's requests for specified times."
   ::= { fsRadiusServerTrap 1 }

fsRadiusAccServerDownTrap NOTIFICATION-TYPE
   OBJECTS { 
            radiusAccServerAddress,
        radiusAccClientServerPortNumber }
   STATUS      current
   DESCRIPTION
        "This trap is generated when the Accounting Radius server
         doesn't respond client's requests for specified times."
   ::= { fsRadiusServerTrap 2 }

fsRadiusAuthServerRecoverTrap NOTIFICATION-TYPE
   OBJECTS { 
            radiusAuthServerAddress,
          radiusAuthClientServerPortNumber }
   STATUS      current
   DESCRIPTION
        "This trap is generated when the Authentication Radius server
       recover from the down status."
   ::= { fsRadiusServerTrap 3 }

fsRadiusAccServerRecoverTrap NOTIFICATION-TYPE
   OBJECTS { 
            radiusAccServerAddress,
        radiusAccClientServerPortNumber }
   STATUS      current
   DESCRIPTION
        "This trap is generated when the Accounting Radius server
         recover from the down status."
   ::= { fsRadiusServerTrap 4 }

fsAAAMIBConformance OBJECT IDENTIFIER ::= { fsAAAMIB 2 }
fsAAAMIBCompliances OBJECT IDENTIFIER ::= { fsAAAMIBConformance 1 }
fsAAAMIBGroups      OBJECT IDENTIFIER ::= { fsAAAMIBConformance 2 }


-- compliance statements

fsAAAMIBCompliance MODULE-COMPLIANCE
        STATUS  current
        DESCRIPTION
                "The compliance statement for entities which implement
                the FS AAA MIB"
        MODULE  -- this module
                MANDATORY-GROUPS { 
                        fsDot1xAuthMIBGroup,
                        fsAAAServerMIBGroup,
                        fsAuthAddrMIBGroup,
                        fsAuthModeMIBGroup,
                        fsAAAConfigMIBGroup,
                        fsAAAUserApplyMIBGroup,
                        fsRdASGroup
                 }
                 GROUP      fsClientProbeGroup
                 DESCRIPTION
                     "This group is mandatory only for those system which support client 
                      probe function."          
 
         ::= { fsAAAMIBCompliances 1 }
                
-- units of conformance

fsDot1xAuthMIBGroup OBJECT-GROUP
        OBJECTS {
           fsDot1xAuthStatus,
           fsDot1xAuthObjectsQuietPeriod,
           fsDot1xAuthObjectsTxPeriod,
           fsDot1xAuthObjectsSuppTimeout,
           fsDot1xAuthObjectsServerTimeout,
           fsDot1xAuthObjectsMaxReq,
           fsDot1xAuthObjectsReAuthPeriod,
           fsDot1xAuthObjectsReAuthEnable,
           fsDot1xAuthObjectsConfigFdbId,
           fsDot1xAuthObjectsConfigAddr,
           fsDot1xAuthObjectsPaeState,
           fsDot1xAuthObjectsBackendAuthState,
           fsDot1xAuthObjectsAuthControlledPortStatus,
           fsDot1xAuthObjectsKeyTxEnabled,           
           fsDot1xAuthObjectsIfIndex, 
           fsDot1xAuthObjectsStatsFdbId,
           fsDot1xAuthObjectsStatsAddr,
           fsDot1xAuthObjectsEapolFramesRx,
           fsDot1xAuthObjectsEapolFramesTx,
           fsDot1xAuthObjectsEapolFSFramesRx,
           fsDot1xAuthObjectsEapolLogoffFramesRx,
           fsDot1xAuthObjectsEapolRespIdFramesRx,
           fsDot1xAuthObjectsEapolRespFramesRx,
           fsDot1xAuthObjectsEapolReqIdFramesTx,
           fsDot1xAuthObjectsEapolReqFramesTx,
           fsDot1xAuthObjectsInvalidEapolFramesRx,
           fsDot1xAuthObjectsEapLengthErrorFramesRx,
           fsDot1xAuthObjectsLastEapolFrameVersion,
           fsDot1xAuthObjectsLastEapolFrameSource,
           fsDot1xCurrentUserNumber,
           fsDot1xCurrentAuthenticatedUserNumber,
           fsDot1xAuthObjectsMaxReauth,
           fsAuthIf,           
           fsAuthIfStatus,
           fsAuthenticationMode,
           fsDot1xPseudoSrcmac,
           fsDot1xAbnormalOfflineUserCount,
           fsDot1xTotalAuthUserCount,
           fsDot1xAuthSuccUserCount,
           fsDot1xAuthFailUserCount
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing dot1x  authentication managment."
        ::= { fsAAAMIBGroups 1 }

        
fsAAAServerMIBGroup OBJECT-GROUP
        OBJECTS {
           fsAAAServerAuthPort,
           fsAAAServerAcctPort,
           fsAAAServerRadiusKeyStr,
           fsAAAServerTacplusKeyStr,
           fsAAAServerConfigAddressType,
           fsAAAServerConfigAddress,
           fsAAAServerConfigAuthPort,
           fsAAAServerConfigAcctPort,
           fsAAAServerConfigKeyStr,
           fsAAAServerConfigRowStatus
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing AAA server managment."
        ::= { fsAAAMIBGroups 2 }

fsAuthAddrMIBGroup OBJECT-GROUP
        OBJECTS {
            fsAuthMacAddress,
            fsAuthPort,   
            fsAuthAddrStatus,
            fsAuthUserFdbId,
            fsAuthUserMacAddress,            
            fsAuthUserName,
            fsAuthUserSessionId,
            fsAuthUserIpAddr,
            fsAuthUserPort, 
            fsAuthUserStatus
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing  address permitted authentication managment."
        ::= { fsAAAMIBGroups 3 } 

fsAuthModeMIBGroup OBJECT-GROUP
        OBJECTS {
                fsIpAuthorizationMode                
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing  authentication mode managment."
        ::= { fsAAAMIBGroups 4 }  
        
fsClientProbeGroup OBJECT-GROUP
        OBJECTS {
                fsClientProbeEnabledStatus,
                fsClientProbeHelloInterval,
                fsClientProbeAliveInteval                
                }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing  client probe management."
        ::= { fsAAAMIBGroups 5 }  

fsAAAConfigMIBGroup OBJECT-GROUP
        OBJECTS {
            fsAuthenMethodListType,
            fsAuthenMethodListName,
            fsAuthenMethodListString,
            fsAuthenMethodListRowStatus,
            fsAuthorMethodListType,
            fsAuthorMethodListName,
            fsAuthorMethodListCmdLevel,
            fsAuthorMethodListString,
            fsAuthorMethodListRowStatus,
            fsAcctMethodListType,
            fsAcctMethodListName,
            fsAcctMethodListMode,
            fsAcctMethodListCmdLevel,
            fsAcctMethodListString,
            fsAcctMethodListRowStatus,
            fsAAARadiusGroupName,
            fsAAARadiusGroupVrf,
            fsAAARadiusGroupRowStatus,
            fsAAARadiusGroupServerAddressType,
            fsAAARadiusGroupServerAddress,
            fsAAARadiusGroupServerAuthPort,
            fsAAARadiusGroupServerAcctPort,
            fsAAARadiusGroupServerRowStatus
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing AAA configuration managment."
        ::= { fsAAAMIBGroups 6 }
                
fsAAAUserApplyMIBGroup OBJECT-GROUP
        OBJECTS {
            fsDot1xAuthenMethodList,
            fsDot1xAuthorMethodList,
            fsDot1xAcctMethodList
        }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing AAA user apply managment."
        ::= { fsAAAMIBGroups 7 }        

fsRdASGroup OBJECT-GROUP
        OBJECTS {
                fsRdASipInetAddreType,
                fsRdASipInsetAddres              
                }
        STATUS  current
        DESCRIPTION
                "A collection of objects providing Radius AS management."
        ::= { fsAAAMIBGroups 8 }          
                
END
