-- *******************************************************************
-- FS-WLAN-SECURITY-MIB.mib : FS WLAN DHCP MIB
--
-- Oct 2009, luolc
--
-- Copyright (c) 2009 by FS.COM Inc..
-- All rights reserved.
-- *******************************************************************
FS-WLAN-SECURITY-MIB DEFINITIONS ::= BEGIN
    IMPORTS
        MODULE-IDENTITY,
        OBJECT-TYPE,
        Integer32,
        Unsigned32
            FROM SNMPv2-SMI
        TruthValue,
        DisplayString,
        MacAddress,
        RowStatus
            FROM SNMPv2-TC
        MODULE-COMPLIANCE,
        NOTIFICATION-GROUP,
        OBJECT-GROUP
            FROM SNMPv2-CONF
        fsApgWlanId
            FROM FS-AC-MGMT-MIB
        fsMgmt
            FROM FS-SMI;


-- **********************************************
-- * MODULE IDENTITY
-- **********************************************
fsWLANsecurityMIB MODULE-IDENTITY
    LAST-UPDATED    "200910280000Z"
    ORGANIZATION
        "FS.COM Inc.."
    CONTACT-INFO
        "Tel: 400-865-2852
           E-mail: https://www.fs.com/live_chat_service_mail.html "

    DESCRIPTION
       "
       Wlan security software private MIB for FS SNC.
       This is AC device manage MIB.
       "
    REVISION      "200910280000Z"
    DESCRIPTION
       "Initial version of this MIB module."

    ::= { fsMgmt  61 }


-- ***************************************************************************
-- * Major sections
-- ***************************************************************************
fsWLANsecurityMIBObjects OBJECT IDENTIFIER  ::= { fsWLANsecurityMIB 1 }


--***************************************************************************
--* AP agent MIB object
--***************************************************************************

fsAPworkmode OBJECT-TYPE
      SYNTAX  INTEGER { fitap(1), fatap(2) }
      MAX-ACCESS read-write
      STATUS current
      DESCRIPTION
        "This Attribute present AP device work mode ,
        Value 1 means Fit AP , Value 2 means Fat AP."
      DEFVAL { 1 }
      ::= { fsWLANsecurityMIBObjects 1}

--***************************************************************************
--* fsWLANsecurityConfig Table
--***************************************************************************

fsWLANsecurityConfigTable OBJECT-TYPE
    SYNTAX SEQUENCE OF FSWLANsecurityConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
      "FS Private WLAN security MIB"
    ::={ fsWLANsecurityMIBObjects 2 }


fsWLANsecurityConfigEntry  OBJECT-TYPE
    SYNTAX FSWLANsecurityConfigEntry
    MAX-ACCESS not-accessible
    STATUS current
    DESCRIPTION
      "An agent MAY process one or more WLAN security , which is identifed by fsApgWlanId.
      In other words, wlan ID is the index of this MIB table."
    INDEX { fsApgWlanId }
    ::={ fsWLANsecurityConfigTable 1 }


FSWLANsecurityConfigEntry ::=
    SEQUENCE {
        fsWLANsecrymode                 INTEGER,
        fsstaticweplength               INTEGER,
        fs8021xweplength                INTEGER,
        fsWPAenabled                    TruthValue,
        fsWPAPairwisecipher             INTEGER,
        fsWPAakmmode                    INTEGER,
        fsWPApskPassPhrase              DisplayString,
        fsWLANsecry80211i               TruthValue,
        fsWAPIasuIpaddress              Unsigned32,
        fsWAPIcertificateformat         INTEGER,
        fsWAPImsrekeyClientoff          TruthValue,
        fsWAPIimportcertificate         INTEGER,
        fsWAPIcacertificatename         DisplayString,
        fsWAPIlocalcertificatename      DisplayString,
        fsWAPIascertificatename         DisplayString,
        fsRSNenabled                    TruthValue,
        fsRSNPairwisecipher             INTEGER,
        fsRSNakmmode                    INTEGER,
        fsRSNpskPassPhrase              DisplayString,
        fsWEPAuthenAlgorithm            INTEGER,
        fsWLANsecurityStatus            RowStatus,
        fsACauthenMethodsupport         INTEGER,
        fsWLANEAPAuthenSupport          INTEGER
    }

fsWLANsecrymode OBJECT-TYPE
    SYNTAX INTEGER {open(1),staticwep(2), wep8021x(3),wpanone(4),wpapsk(5),wpa8021x(6),tsn(7) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "This attribute present wlan security mode. Value 1 means open,
      Value 2 means static-wep,Value 3 means 802.1x-wep,Value 4 means WPA-PSK,
      Value 5 means WPA-802.1x,Value 6 means TSN(Hybrid)"
    ::= { fsWLANsecurityConfigEntry 1}

fsstaticweplength OBJECT-TYPE
    SYNTAX INTEGER  { wep40(1),wep104(2),wep128(3)}
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "Static WEP key length,1 means WEP-40,
      2 means WEP-104, 3 means WEP-128,default is 2."
    DEFVAL { 2 }
    ::= { fsWLANsecurityConfigEntry 2}


fs8021xweplength OBJECT-TYPE
    SYNTAX INTEGER  { wep40(1),wep104(2),wep128(3)}
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "IEEE802.1x WEP key length,1 means WEP-40,
      2 means WEP-104, 3 means WEP-128,default is 2."
    DEFVAL { 2 }
    ::= { fsWLANsecurityConfigEntry 3}

fsWPAenabled OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "Does this WLAN open WPA1 (it is not RSNA) support. "
    DEFVAL { false }
    ::= { fsWLANsecurityConfigEntry 4}


fsWPAPairwisecipher OBJECT-TYPE
    SYNTAX INTEGER { tkip(1),aes(2), tkiporaes(3) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WPA1 cipher mode default is TKIP(1)."
    DEFVAL { 1 }
    ::= { fsWLANsecurityConfigEntry 5}


fsWPAakmmode OBJECT-TYPE
    SYNTAX INTEGER { ieee8021x(1), psk(2), pskor8021x(3) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WPA1 AKM mode ,default is 802.1x."
    DEFVAL { 1 }
    ::= { fsWLANsecurityConfigEntry 6}


fsWPApskPassPhrase OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WPA1 PSK password ,it is write-only.
      Any try to read it return FAIL."
    ::= { fsWLANsecurityConfigEntry 7 }


fsWLANsecry80211i  OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "IEEE802.11i or WAPI security mode.
       true means IEEE802.11i, false means WAPI."
    DEFVAL { true}
    ::= { fsWLANsecurityConfigEntry 8 }


fsWAPIasuIpaddress OBJECT-TYPE
    SYNTAX Unsigned32 (1..4294967295)
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WAPI ASU IP address."
    ::= { fsWLANsecurityConfigEntry 9 }


fsWAPIcertificateformat OBJECT-TYPE
    SYNTAX INTEGER { x509v3(1), wapigbw(2) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "WAPI certificate format ,1 means x509v3,
        2 means WAPI-GBW. Now we only support x509v3."
    DEFVAL { 1 }
    ::= { fsWLANsecurityConfigEntry 10 }


fsWAPImsrekeyClientoff OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "When one user off line, deos the WAPI sure update group keys,
      default is false."
    DEFVAL { false }
    ::= { fsWLANsecurityConfigEntry 11 }


fsWAPIimportcertificate OBJECT-TYPE
    SYNTAX INTEGER { ca(1),local(2),as(3) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "Import WAPI certificate,this is write-only."
    ::= { fsWLANsecurityConfigEntry 12 }


fsWAPIcacertificatename OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WAPI CA certificate file name, default is wapi_ca.cer."
    ::= { fsWLANsecurityConfigEntry 13 }

fsWAPIlocalcertificatename OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WAPI Local certificate file name, default is wapi_local.cer."
    ::= { fsWLANsecurityConfigEntry 14 }

fsWAPIascertificatename OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WAPI ASU certificate file name, default is wapi_as.cer."
    ::= { fsWLANsecurityConfigEntry 15 }

fsRSNenabled OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "RSNA (WPA2) enable or disable"
    ::= { fsWLANsecurityConfigEntry 16 }

fsRSNPairwisecipher OBJECT-TYPE
    SYNTAX INTEGER { tkip(1), aes(2), tkiporaes(3) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WPA2 cipher mode."
    DEFVAL { 2 }
    ::= { fsWLANsecurityConfigEntry 17 }

fsRSNakmmode OBJECT-TYPE
    SYNTAX INTEGER { ieee8021x(1), psk(2), pskor8021x(3) }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WPA2 authen key manage mode."
    DEFVAL { 1 }
    ::= { fsWLANsecurityConfigEntry 18 }

fsRSNpskPassPhrase OBJECT-TYPE
    SYNTAX DisplayString
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
      "WPA2 PSK password ,it is write-only.
      Any try to read it return FAIL."
    ::= { fsWLANsecurityConfigEntry 19 }

fsWEPAuthenAlgorithm OBJECT-TYPE
    SYNTAX INTEGER { openSystem(1), sharedKey(2) }
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "authentication algorithms supported by the Authencator.
         The following are the values and the associated algorithm.
         Value = 1: Open System
         Value = 2: Shared Key"
    ::= { fsWLANsecurityConfigEntry 20 }

fsWLANsecurityStatus OBJECT-TYPE
    SYNTAX RowStatus
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "The status column used for creating and
         deleting instances of the columnar objects in the
         default WEP key Table."
    ::= { fsWLANsecurityConfigEntry 21 }

fsACauthenMethodsupport OBJECT-TYPE
    SYNTAX INTEGER
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "authentication method supported by the AC, including the 
        EAP-SIM authentication, WEP authentication, EAP-MD5 
        authentication."
    ::= { fsWLANsecurityConfigEntry 22 }
    
fsWLANEAPAuthenSupport OBJECT-TYPE
    SYNTAX INTEGER
    {
    enableEAPAuthentication(0),
    disableEAPAuthentication(1),
    notSupportingEAPAuthentication(2)
    }
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Whether the current ap or ac enables or diables the EAP authentication."
    ::= { fsWLANsecurityConfigEntry 23 }
--********************************************************************
-- * dot11WEPDefaultKeys TABLE
--********************************************************************

fsWEPDefaultKeysTable OBJECT-TYPE
      SYNTAX SEQUENCE OF FSWEPDefaultKeysEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
          "Conceptual table for WEP default keys. "
      REFERENCE
          "IEEE Std 802.11-2007, 8.3.2"
      ::= { fsWLANsecurityMIBObjects 3 }

fsWEPDefaultKeysEntry OBJECT-TYPE
      SYNTAX FSWEPDefaultKeysEntry
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
         "An Entry (conceptual row) in the WEP Default Keys Table."
      INDEX { fsApgWlanId,
              fsWEPDefaultKeyIndex }
      ::= { fsWEPDefaultKeysTable 1 }

FSWEPDefaultKeysEntry ::=
      SEQUENCE {
               fsWEPDefaultKeyIndex INTEGER,
               fsWEPDefaultKeyValue OCTET STRING,
               fsWEPDefaultKeyLength INTEGER
               }

fsWEPDefaultKeyIndex OBJECT-TYPE
      SYNTAX INTEGER (1..4)
      MAX-ACCESS not-accessible
      STATUS current
      DESCRIPTION
          "The auxiliary variable used to identify instances
          of the columnar objects in the WEP Default Keys Table.
          The value of this variable is equal to the
          WEPDefaultKeyID + 1"
      ::= { fsWEPDefaultKeysEntry 1 }

fsWEPDefaultKeyValue OBJECT-TYPE
      SYNTAX OCTET STRING
      MAX-ACCESS read-write
      STATUS current
      DESCRIPTION
          "A WEP default secret key value."
      ::= { fsWEPDefaultKeysEntry 2 }

fsWEPDefaultKeyLength OBJECT-TYPE
      SYNTAX INTEGER { wep40(1),wep104(2),wep128(3) }
      MAX-ACCESS read-write
      STATUS current
      DESCRIPTION
          "A WEP default secret key length."
      ::= { fsWEPDefaultKeysEntry 3 }

--********************************************************************
-- * End of dot11WEPDefaultKeys TABLE
--********************************************************************

--********************************************************************
--*    Compliance statements
--********************************************************************
fsWlansecurityMIBConform OBJECT IDENTIFIER  ::= { fsWLANsecurityMIB 2 }

fsWlansecurityMIBCompliances OBJECT IDENTIFIER ::= { fsWlansecurityMIBConform 1 }

fsWlansecurityMIBGroups      OBJECT IDENTIFIER ::= { fsWlansecurityMIBConform 2 }

fsWlansecurityMIBCompliance MODULE-COMPLIANCE
    STATUS  current
    DESCRIPTION
        "The compliance statement for entities which implement
        the wlan security module of FS Ac device Manager"
    MODULE
    MANDATORY-GROUPS {
        fsWlansecuritycofigGroup,
        fsWEPDefaultKeysGroup,
        fsWlansecurityTrapGroup
    }
    ::= { fsWlansecurityMIBCompliances 1 }

--********************************************************************
--*    Units of conformance
--********************************************************************

fsWlansecuritycofigGroup OBJECT-GROUP
        OBJECTS {
            fsAPworkmode,
            fsWLANsecrymode ,
            fsstaticweplength,
            fs8021xweplength,
            fsWPAenabled,
            fsWPAPairwisecipher,
            fsWPAakmmode,
            fsWPApskPassPhrase,
            fsWLANsecry80211i,
            fsWAPIasuIpaddress,
            fsWAPIcertificateformat,
            fsWAPImsrekeyClientoff,
            fsWAPIimportcertificate,
            fsWAPIcacertificatename,
            fsWAPIlocalcertificatename,
            fsWAPIascertificatename,
            fsRSNenabled,
            fsRSNPairwisecipher,
            fsRSNakmmode,
            fsRSNpskPassPhrase,
            fsWEPAuthenAlgorithm,
            fsWLANsecurityStatus,
            fsACauthenMethodsupport,
            fsWLANEAPAuthenSupport,
            fsWlansecurityWepDecrytEnableTrapVar,
            fsWlansecurityDeviceMAC
        }
        STATUS     current
        DESCRIPTION
                "This collection of objects represents the
                 WLAN security private MIB "
        ::= { fsWlansecurityMIBGroups 1 }

fsWEPDefaultKeysGroup OBJECT-GROUP
        OBJECTS {
            fsWEPDefaultKeyValue,
            fsWEPDefaultKeyLength
        }
        STATUS     current
        DESCRIPTION
                "This collection of objects represents the
                 WLAN WEP default keys."
        ::= { fsWlansecurityMIBGroups 2 }

fsWlansecurityTrapGroup NOTIFICATION-GROUP
        NOTIFICATIONS {
            fsWlansecurityWepDecrytErr   
        }
        STATUS     current
        DESCRIPTION
                "This collection of objects represents the
                 wlan wep traps private MIB "
        ::= { fsWlansecurityMIBGroups 3 }
        
--***********************************************************
--*     variable of trap
--***********************************************************
fsWlansecurityTrapvar OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 3 }

fsWlansecurityWepDecrytEnableTrapVar OBJECT-TYPE
    SYNTAX      Integer32
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "Tell the host whether need to send the trap."
    ::= { fsWlansecurityTrapvar 1 }

fsWlansecurityDeviceMAC OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
        "MAC address of the device."
    ::= { fsWlansecurityTrapvar 2 }
--***********************************************************
--*     wep decryt error trap
--***********************************************************
fsWLANsecurityTraps OBJECT IDENTIFIER ::= { fsWLANsecurityMIB 0 }

fsWlansecurityWepDecrytErr NOTIFICATION-TYPE
    OBJECTS {
        fsApgWlanId,
        fsWlansecurityDeviceMAC
    }
    STATUS  current
    DESCRIPTION
            "The information of an event of a wep decrytion error."
    ::= { fsWLANsecurityTraps 1 }


END
