-- ZyXEL Communications Corporation
-- Private Enterprise MIB definition 
  
-- This file describes the ZyXEL Communications Corporation Enterprise MIB.
-- It contains ZyXEL products OIDs, and common managed objects.

-- $Log: ZYXEL-PORT-AUTHENTICATION-MIB.mib $ 
-- Revision 1.7  2013/12/06 07:07:55  ccho 
-- remove uncessary imports 
-- Revision 1.6  2013/11/20 06:53:55  ccho 
-- renaming identifier name for SMI.V2 
-- Revision 1.5  2013/11/06 05:42:10  ccho 
-- fix mib style 
-- Revision 1.4  2012/09/19 07:43:52  Kevin 
-- if it's leaf node, revise the vender name from zyxel to zy 
-- Revision 1.3  2012/08/22 09:47:30  Kevin 
-- clean warning for SNMPc 
-- Revision 1.2  2012/07/05 06:24:13  Kevin 
-- 1. upgrade from SNMP to SNMPv2  
-- 2. clean warning 
-- Revision 1.1  2012/05/30 07:50:24  Kevin 
-- Initial revision 

ZYXEL-PORT-AUTHENTICATION-MIB DEFINITIONS ::= BEGIN

    IMPORTS
	OBJECT-TYPE
		FROM SNMPv2-SMI			-- RFC2578	
		
	MODULE-IDENTITY
		FROM SNMPv2-SMI
	
	EnabledStatus
		FROM  P-BRIDGE-MIB

	dot1dBasePort
       	FROM BRIDGE-MIB

	esMgmt			
		FROM ZYXEL-ES-SMI;

	zyxelPortAuthentication MODULE-IDENTITY
		LAST-UPDATED	"201207010000Z"    
		ORGANIZATION "Enterprise Solution ZyXEL"     
		CONTACT-INFO
			""	   
		DESCRIPTION
			"The subtree for port authentication"
		::= { esMgmt 62 }
		
	zyxelPortAuthenticationSetup    OBJECT IDENTIFIER ::= { zyxelPortAuthentication 1 }
	
  
-- *******************************************************************
-- *
-- * zyxelPortAuthenticationSetup
-- *
-- *******************************************************************

-- zyxelPortAuthenticationState
		zyPortAuthenticationState	OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
                      	"Enable/Disable 802.1x port authentication for the switch."
        ::= { zyxelPortAuthenticationSetup 1 }
		
-- zyxelPortAuthenticationTable 
		zyxelPortAuthenticationPortTable	OBJECT-TYPE
        SYNTAX	SEQUENCE OF ZyxelPortAuthenticationPortEntry
        MAX-ACCESS  not-accessible
        STATUS  current
        DESCRIPTION
                 	"The table contains port authentication configuration"
        ::= { zyxelPortAuthenticationSetup 2 }
        
		zyxelPortAuthenticationPortEntry OBJECT-TYPE
        SYNTAX	ZyxelPortAuthenticationPortEntry
        MAX-ACCESS	not-accessible
        STATUS	current
        DESCRIPTION    	
					"An entry contains port authentication configuration."
        INDEX          	{ dot1dBasePort }
        ::= { zyxelPortAuthenticationPortTable 1 }

        ZyxelPortAuthenticationPortEntry ::=
           SEQUENCE {
        	zyPortAuthenticationPortState								EnabledStatus,
        	zyPortReAuthenticationPortState								EnabledStatus,
        	zyPortReAuthenticationPortTimer								INTEGER ,
        	zyPortAuthenticationPortQuietPeriod							INTEGER ,
        	zyPortAuthenticationPortTxPeriod							INTEGER ,
        	zyPortAuthenticationPortSupplicantTimeout					INTEGER ,
        	zyPortAuthenticationPortMaxRequest							INTEGER ,
        	zyPortAuthenticationPortGuestVlanState						EnabledStatus,
        	zyPortAuthenticationPortGuestVlan							INTEGER ,
        	zyPortAuthenticationPortGuestVlanHostMode					INTEGER ,
        	zyPortAuthenticationPortGuestVlanHostModeMultiSecureNumber	INTEGER ,
			zyPortAuthenticationPortCompoundAuthenticationMode			INTEGER
           }

        zyPortAuthenticationPortState OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Enable/Disable 802.1x port authentication on the port. You must first allow 802.1x authentication on 
			the Switch before configuring it on each port. "
        ::= { zyxelPortAuthenticationPortEntry 1 }

        zyPortReAuthenticationPortState OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Enable/Disable 802.1x port re-authentication on the port. Specify if a subscriber has to periodically 
			re-enter his or her username and password to stay connected to the port."
        ::= { zyxelPortAuthenticationPortEntry 2 }

        zyPortReAuthenticationPortTimer OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Specify the length of time required to pass before a client has to re-enter his or her username and 
			password to stay connected to the port. "
        ::= { zyxelPortAuthenticationPortEntry 3 }

		zyPortAuthenticationPortQuietPeriod OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Specify the number of seconds the port remains in the HELD state and rejects further authentication 
			requests from the connected client after a failed authentication exchange. "
        ::= { zyxelPortAuthenticationPortEntry 4 }
        
        zyPortAuthenticationPortTxPeriod OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Specify the number of seconds the Switch waits for client's response before re-sending an identity 
			request to the client.  "
        ::= { zyxelPortAuthenticationPortEntry 5 }   
        
        zyPortAuthenticationPortSupplicantTimeout OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Specify the number of seconds the Switch waits for client's response to a challenge request before 
			sending another request. "
        ::= { zyxelPortAuthenticationPortEntry 6 } 
        
        zyPortAuthenticationPortMaxRequest OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Specify the number of times the Switch tries to authenticate client(s) before sending unresponsive 
			ports to the Guest VLAN. This is set to 2 by default. That is, the Switch attempts to authenticate a 
			client twice. If the client does not respond to the first authentication request, the Switch tries again. If the client still does not respond to the second request, the Switch sends the client to the Guest VLAN. The client needs to send a new request to be authenticated by the Switch again. "
        ::= { zyxelPortAuthenticationPortEntry 7 }

        zyPortAuthenticationPortGuestVlanState OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Enable/Disable Guest VLAN on the port. Clients that fail authentication are placed in the guest VLAN 
			and can receive limited services. "
        ::= { zyxelPortAuthenticationPortEntry 8 }
                                 
        zyPortAuthenticationPortGuestVlan OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Enter the number that identifies the guest VLAN. Make sure this is a VLAN recognized in your network. 
			A guest VLAN is a pre-configured VLAN on the Switch that allows non-authenticated users to access 
			limited network resources through the Switch. You must also enable IEEE 802.1x authentication on the 
			Switch and the associated ports. "
        ::= { zyxelPortAuthenticationPortEntry 9 }

        zyPortAuthenticationPortGuestVlanHostMode OBJECT-TYPE
        SYNTAX  INTEGER	{
             multiHost(0),
             multiSecure(1)
        	}
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Specify how the Switch authenticates users when more than one user connect to the port (using a hub). 
			Select Multi-Host to authenticate only the first user that connects to this port. If the first user 
			enters the correct credential, any other users are allowed to access the port without authentication. 
			If the first user fails to enter the correct credential, they are all put in the guest VLAN. Once the 
			first user who did authentication logs out or disconnects from the port, rest of the users are blocked 
			until a user does the authentication process again. 
			Select Multi-Secure to authenticate each user that connects to this port. "
        ::= { zyxelPortAuthenticationPortEntry 10 }   
        
        zyPortAuthenticationPortGuestVlanHostModeMultiSecureNumber OBJECT-TYPE
        SYNTAX  INTEGER
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"If you set Host-mode to Multi-Secure, specify the maximum number of users that the 
			Switch will authenticate on this port. "
        ::= { zyxelPortAuthenticationPortEntry 11 }
		
        zyPortAuthenticationPortCompoundAuthenticationMode OBJECT-TYPE
        SYNTAX  INTEGER	{
             strict(0),
             loose(1)
        	}
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
			"Set compound authentication mode at strict mode or loose mode for the switch. Users can use this setting 
			to choise authentication strict or loose of 802.1x and mac authentication."
        ::= { zyxelPortAuthenticationPortEntry 12 }
		
-- zyxelPortAuthenticationEapolFloodState
		zyPortAuthenticationEapolFloodState	OBJECT-TYPE
        SYNTAX  EnabledStatus
        MAX-ACCESS  read-write
        STATUS  current
        DESCRIPTION
                      	"Enable/Disable EAPoL flood for the switch. Users can use 
						this setting to control forwarding of EAPoL packet when 802.1x function is disable."
        ::= { zyxelPortAuthenticationSetup 3 }
		
END   
