CISCO-TRUSTSEC-INTERFACE-MIB
File:
CISCO-TRUSTSEC-INTERFACE-MIB.mib (76008 bytes)
Imported modules
Imported symbols
Defined Types
CtsiCasheDataSource |
|
The source of cached authorization data.
unknown - cache source type not covered by
any of the follow enumerations.
acs - authorization data is loaded from ACS
dram - authorization data is loaded from DRAM.
nvram - authorization data is loaded from NVRAM.
dramOrNvram - authorization data is loaded from DRAM or NVRAM. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
unknown(1), acs(2), dram(3), nvram(4), all(5) |
|
CtsSapNegMode |
|
The SAP negotiation modes supported in TrustSec system.
encapNoAuthenNoEncrypt - Encapsulation present,
no authentication, no encryption.
gcmAuthenNoEncrypt - GCM authentication, no encryption.
gcmAuthenGcmEncrypt - GCM authentication, GCM encryption.
noEncap - No encapsulation. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
encapNoAuthenNoEncrypt(1), gcmAuthenNoEncrypt(2), gcmAuthenGcmEncrypt(3), noEncap(4) |
|
CtsSapNegModeList |
|
The list of SAP negotiation modes provided within
TrustSec (Cisco Trusted Security) system.
Each octet represents a SAP negotiation mode which
is defined in CtsSapNegMode.
The DESCRIPTION clause of CtsSapNegModeList objects
must fully describe the relationship between modes. |
TEXTUAL-CONVENTION |
|
|
|
|
OCTET STRING |
|
|
CtsiInterfaceControllerState |
|
The state of the TrustSec Interface Controller state
machine.
unknown - none of the following states.
initializing - the TrustSec interface controller state
machine enter the initialize state when
TrustSec is enabled on this interface.
authenticating - the peer is being authenticated if the
dot1x mode is enabled.
authorizing - the peer is being authorized.
sapNegotiating - the SA(Security Association) is being
negotiated with the peer.
open - the line is up from TrustSec perspective.
held - a hold down timer is set.
disconnecting - a failure has occurred, or the TrustSec
link is going down, or TrustSec is
being disabled.
invalid - unable to start the TrustSec state
machine.
licenseError - No MACSec software license. |
TEXTUAL-CONVENTION |
|
|
|
|
INTEGER |
unknown(1), initialize(2), authenticating(3), authorizing(4), sapNegotiating(5), open(6), held(7), disconnecting(8), invalid(9), licenseError(10) |
|
CtsiIfConfigEntry |
|
SEQUENCE |
|
|
|
|
ctsiIfModeCapability |
BITS |
|
|
ctsiIfConfiguredMode |
INTEGER |
|
|
ctsiIfCacheClear |
TruthValue |
|
|
ctsiIfRekey |
TruthValue |
|
CtsiIfDot1xEntry |
|
SEQUENCE |
|
|
|
|
ctsiIfDot1xSgtPropagateEnabled |
TruthValue |
|
|
ctsiIfDot1xReauthInterval |
Integer32 |
|
|
ctsiIfDot1xSapModeList |
CtsSapNegModeList |
|
|
ctsiIfDot1xDownloadReauthInterval |
Integer32 |
|
|
ctsiIfDot1xOperReauthInterval |
Integer32 |
|
|
ctsiIfDot1xReauthTimeLeft |
Integer32 |
|
|
ctsiIfDot1xStorageType |
StorageType |
|
|
ctsiIfDot1xRowStatus |
RowStatus |
|
CtsiIfManualEntry |
|
SEQUENCE |
|
|
|
|
ctsiIfManualDynamicPeerId |
SnmpAdminString |
|
|
ctsiIfManualStaticSgt |
CtsSecurityGroupTag |
|
|
ctsiIfManualStaticSgtTrusted |
TruthValue |
|
|
ctsiIfManualSgtPropagateEnabled |
TruthValue |
|
|
ctsiIfManualSapPmk |
OCTET STRING |
|
|
ctsiIfManualSapModeList |
CtsSapNegModeList |
|
|
ctsiIfManualStorageType |
StorageType |
|
|
ctsiIfManualRowStatus |
RowStatus |
|
CtsiIfL3ForwardEntry |
|
SEQUENCE |
|
|
|
|
ctsiIfL3ForwardMode |
INTEGER |
|
|
ctsiIfL3ForwardStorageType |
StorageType |
|
|
ctsiIfL3ForwardRowStatus |
RowStatus |
|
CtsiIfStatusEntry |
|
SEQUENCE |
|
|
|
|
ctsiIfControllerState |
CtsiInterfaceControllerState |
|
|
ctsiIfAuthenticationStatus |
INTEGER |
|
|
ctsiIfPeerId |
SnmpAdminString |
|
|
ctsiIfPeerAdvCapability |
BITS |
|
|
ctsiIfAuthorizationStatus |
INTEGER |
|
|
ctsiIfPeerSgt |
CtsSecurityGroupTag |
|
|
ctsiIfPeerSgtTrusted |
TruthValue |
|
|
ctsiIfSapNegotiationStatus |
INTEGER |
|
|
ctsiIfSapNegModeList |
CtsSapNegModeList |
|
|
ctsiIfCacheExpirationTime |
DateAndTime |
|
|
ctsiIfCacheDataSource |
CtsiCasheDataSource |
|
|
ctsiIfCriticalAuthStatus |
INTEGER |
|
CtsiIfStatsEntry |
|
SEQUENCE |
|
|
|
|
ctsiIfAuthenticationSuccess |
Counter32 |
|
|
ctsiIfAuthenticationReject |
Counter32 |
|
|
ctsiIfAuthenticationFailure |
Counter32 |
|
|
ctsiIfAuthenticationNoResponse |
Counter32 |
|
|
ctsiIfAuthenticationLogoff |
Counter32 |
|
|
ctsiIfAuthorizationSuccess |
Counter32 |
|
|
ctsiIfAuthorizationPolicyFail |
Counter32 |
|
|
ctsiIfAuthorizationFail |
Counter32 |
|
|
ctsiIfSapSuccess |
Counter32 |
|
|
ctsiIfSapFail |
Counter32 |
|
CtsiAuthorizationEntry |
|
SEQUENCE |
|
|
|
|
ctsiAuthorizationPeerId |
SnmpAdminString |
|
|
ctsiAuthorizationPeerSgt |
CtsSecurityGroupTag |
|
|
ctsiAuthorizationState |
INTEGER |
|
|
ctsiAuthorizationLastRefresh |
DateAndTime |
|
|
ctsiAuthorizationTimeLeft |
Integer32 |
|
|
ctsiAuthorizationTimeToRefresh |
Integer32 |
|
|
ctsiAuthorizationCacheDataSource |
CtsiCasheDataSource |
|
|
ctsiAuthorizationStatus |
INTEGER |
|
Defined Values
ciscoTrustSecIfMIB |
1.3.6.1.4.1.9.9.740 |
This MIB module defines management objects for
configuration and monitoring of the interfaces in Cisco
Trusted Security environment.
Glossary:
ACS - Cisco Secure Access Control Server
IFC - TrustSec Interface Controller
MACSec - Media Access Control (MAC) Security
PMK - Pairwise Master Key
SAP - Security Association Protocol
SGT - Security Group Tag. A tag identifying its source,
assigned to a packet on ingress to a TrustSec cloud,
and used to determine security and other policy
to be applied to it along its path through the
cloud.
TrustSec - Cisco Trusted Security |
MODULE-IDENTITY |
|
|
|
ctsiIfConfigEntry |
1.3.6.1.4.1.9.9.740.1.1.1.1 |
An entry contains the configuration information for a
particular TrustSec interface. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfConfigEntry |
|
|
ctsiIfModeCapability |
1.3.6.1.4.1.9.9.740.1.1.1.1.1 |
This object indicates the supported TrustSec mode on
this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
BITS |
dot1x(0), manual(1), l3Forward(2) |
|
ctsiIfCacheClear |
1.3.6.1.4.1.9.9.740.1.1.1.1.3 |
This object allows user to clear the cache for the specific
TrustSec interface by setting the value to 'true'.
Setting the value to 'false' has no effect.
When read, this object always returns 'false'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfRekey |
1.3.6.1.4.1.9.9.740.1.1.1.1.4 |
This object allows user to re-generate the SAP key for the
specific TrustSec interface by setting the value to 'true'.
Setting the value to 'false' has no effect.
When read, this object always returns 'false'. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfDot1xTable |
1.3.6.1.4.1.9.9.740.1.2.1 |
A list of the interfaces which have TrustSec dot1x mode
configuration information. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CtsiIfDot1xEntry |
|
ctsiIfDot1xEntry |
1.3.6.1.4.1.9.9.740.1.2.1.1 |
An entry containing the TrustSec dot1x configuration
for a particular interface.
An entry can be created or deleted by using
ctsiIfDot1xRowStatus.
An entry can only be created if the value of corresponding
instance of ctsiIfConfiguredMode is 'none' and the 'dot1x'
BIT of corresponding instance ctsiIfModeCapability is set. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfDot1xEntry |
|
|
ctsiIfDot1xReauthInterval |
1.3.6.1.4.1.9.9.740.1.2.1.1.2 |
This object specifies the re-authentication interval
applied to this interface when it is not provided from
the ACS. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
Integer32 |
|
|
ctsiIfDot1xSapModeList |
1.3.6.1.4.1.9.9.740.1.2.1.1.3 |
This object specifies the advertised modes for the SAP
negotiation on this interface. Modes are executed in
the order as specified in the mode list.
Mode which is at the beginning of the method list will be
executed first. Method which is at the end of mode list
will be executed last.
This object is not allowed to be set to a zero length
string. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
CtsSapNegModeList |
|
|
ctsiIfDot1xDownloadReauthInterval |
1.3.6.1.4.1.9.9.740.1.2.1.1.4 |
This object indicates the re-authentication interval which
is downloaded from ACS.
A value of zero indicates no re-authentication interval is
downloaded from ACS.
A value of -1 indicates that this object is not applicable
on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1..2147483647 |
|
ctsiIfDot1xOperReauthInterval |
1.3.6.1.4.1.9.9.740.1.2.1.1.5 |
This object indicates the operational re-authentication
interval of the interface.
A value of zero indicates that dot1x re-authentication is
disabled on this interface.
A value of -1 indicates that this object is not applicable
on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1..2147483647 |
|
ctsiIfDot1xReauthTimeLeft |
1.3.6.1.4.1.9.9.740.1.2.1.1.6 |
This object indicates the leftover time of the current
authentication session.
A value of zero indicates the re-authentication is in
progress.
A value of -1 indicates that this object is not applicable
on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1..2147483647 |
|
ctsiIfDot1xRowStatus |
1.3.6.1.4.1.9.9.740.1.2.1.1.8 |
The status of this conceptual row.
All writable objects in this row may be modified at any time. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
ctsiIfManualTable |
1.3.6.1.4.1.9.9.740.1.3.1 |
A list of the interfaces which have TrustSec manual mode
configuration information. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CtsiIfManualEntry |
|
ctsiIfManualEntry |
1.3.6.1.4.1.9.9.740.1.3.1.1 |
An entry containing the TrustSec manual configuration
information for a particular interface.
An entry can be created or deleted by using
ctsiIfManualRowStatus.
An entry can only be created if the value of corresponding
instance of ctsiIfConfiguredMode is 'none' and the 'manual'
BIT of corresponding instance ctsiIfModeCapability is set. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfManualEntry |
|
|
ctsiIfManualDynamicPeerId |
1.3.6.1.4.1.9.9.740.1.3.1.1.1 |
This object specifies the peer's device identity which is
used to obtain the desired policy for authorization request.
Setting a none-zero value on this object is not allowed if
the value of ctsiIfManualStaticSgt is not set to zero.
A zero length string indicates that the policy acquisition
from the ACS using the peer's identity is disabled on this
interface. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
|
|
ctsiIfManualStaticSgt |
1.3.6.1.4.1.9.9.740.1.3.1.1.2 |
This object specifies the statically configured SGT for
tagging the ingress traffic from the peer.
Setting a none-zero value on this object is not allowed if
the value of ctsiIfManualDynamicPeerId is not set to a zero
length string.
A value of zero indicates that no statically SGT tagging. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
CtsSecurityGroupTag |
|
|
ctsiIfManualStaticSgtTrusted |
1.3.6.1.4.1.9.9.740.1.3.1.1.3 |
This object specifies the peer's SGT assignment trust
state.
This object only can be set when ctsiIfManualStaticSgt
is none-zero. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfManualSapPmk |
1.3.6.1.4.1.9.9.740.1.3.1.1.5 |
This object specifies the PMK used by SAP.
A zero length string for this object indicates the SAP
negotiation is disabled on this interface. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
OCTET STRING |
Size(0|32) |
|
ctsiIfManualSapModeList |
1.3.6.1.4.1.9.9.740.1.3.1.1.6 |
This object specified the advertised modes for the SAP
negotiation on this interface. Modes are executed in
the order as specified in the mode list.
Mode which is at the beginning of the mode list will be
executed first. Mode which is at the end of mode list
will be executed last.
Value of this object will becomes zero length octet if
SAP negotiation is disabled.
This object is not allowed to be set to a zero length
string. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
CtsSapNegModeList |
|
|
ctsiIfManualRowStatus |
1.3.6.1.4.1.9.9.740.1.3.1.1.8 |
The status of this conceptual row.
All writable objects in this row may be modified at any time. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
ctsiIfL3ForwardTable |
1.3.6.1.4.1.9.9.740.1.4.1 |
A list of the interfaces which have TrustSec L3 forwarding
configuration information. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CtsiIfL3ForwardEntry |
|
ctsiIfL3ForwardEntry |
1.3.6.1.4.1.9.9.740.1.4.1.1 |
An entry containing the TrustSec L3 forwarding configuration
information for a particular interface.
An entry can be created or deleted by using
ctsiIfL3ForwardRowStatus.
An entry can only be created if the value of corresponding
instance of ctsiIfConfiguredMode is 'none' and the 'l3Forward'
BIT of corresponding instance ctsiIfModeCapability is set. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfL3ForwardEntry |
|
|
ctsiIfL3ForwardMode |
1.3.6.1.4.1.9.9.740.1.4.1.1.1 |
This object specifies the type of L3 forwarding for
the interface.
l3Ipv4Forward - TrustSec L3 IPv4 forwarding.
l3Ipv6Forward - TrustSec L3 IPv6 forwarding.
l3IpForward - TrustSec L3 IPv6 and IPv4 forwarding. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
INTEGER |
l3Ipv4Forward(1), l3Ipv6Forward(2), l3IpForward(3) |
|
ctsiIfL3ForwardRowStatus |
1.3.6.1.4.1.9.9.740.1.4.1.1.3 |
The status of this conceptual row.
All writable objects in this row may be modified at any time. |
Status: current |
Access: read-create |
OBJECT-TYPE |
|
|
|
|
RowStatus |
|
|
ctsiIfStatusEntry |
1.3.6.1.4.1.9.9.740.1.5.1.1 |
An entry contains the information of the specific TrustSec
interface.
A entry is created by system when TrustSec is enabled for
an interface. An entry is deleted by system if TrustSec
is disabled for an interface. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfStatusEntry |
|
|
ctsiIfAuthenticationStatus |
1.3.6.1.4.1.9.9.740.1.5.1.1.2 |
This object indicates the current TrustSec authentication
status of this interface.
unknown - status not covered by any of
the follow enumerations.
succeeded - authentication is succeeded.
rejected - authentication is rejected.
logOff - peer logged off.
noRespond - peer no respond.
notApplicable - bypassing the authentication.
incomplete - authentication is not completed.
failed - authentication failed. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
unknown(1), succeeded(2), rejected(3), logOff(4), noRespond(5), notApplicable(6), incomplete(7), failed(8) |
|
ctsiIfPeerId |
1.3.6.1.4.1.9.9.740.1.5.1.1.3 |
This object indicates the device identity or symbolic
group name of the remote peer. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
|
|
ctsiIfPeerAdvCapability |
1.3.6.1.4.1.9.9.740.1.5.1.1.4 |
This object indicates the advertised capabilities of the
remote peer associated with this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
BITS |
sap(0) |
|
ctsiIfAuthorizationStatus |
1.3.6.1.4.1.9.9.740.1.5.1.1.5 |
This object indicates the current TrustSec authorization
status of the interface.
unknown - status not covered by any of
the follow enumerations.
inProgress - authorization in progress.
succeeded - authorization succeeded.
failed - authorization failed.
fallBackPolicy - apply the fallback policy.
incomplete - authorization aborted.
peerSucceeded - apply the peer policy succeeded.
rbaclSucceeded - apply the RBACL policy succeeded.
policySucceeded - apply the all policy succeeded. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
unknown(1), inProgress(2), succeeded(3), failed(4), fallBackPolicy(5), incomplete(6), peerSucceeded(7), rbaclSucceeded(8), policySucceeded(9) |
|
ctsiIfPeerSgt |
1.3.6.1.4.1.9.9.740.1.5.1.1.6 |
This object indicates the SGT value of the remote peer. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CtsSecurityGroupTag |
|
|
ctsiIfPeerSgtTrusted |
1.3.6.1.4.1.9.9.740.1.5.1.1.7 |
This object indicates whether the SGT of the remote peer
is trusted. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfSapNegotiationStatus |
1.3.6.1.4.1.9.9.740.1.5.1.1.8 |
This object indicates the SAP negotiation status on
this interface.
notApplicable - SAP disabled on local or remote peer
is not SAP capable.
unknown - status not covered by any
of the follow enumerations.
inProgress - SAP negotiation in progress.
succeeded - SAP negotiation completed.
failed - SAP negotiation failed.
licenseError - No MACSec software license. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
notApplicable(1), unknown(2), inProgress(3), succeeded(4), failed(5), licenseError(6) |
|
ctsiIfSapNegModeList |
1.3.6.1.4.1.9.9.740.1.5.1.1.9 |
This object indicates the operational SAP negotiation
mode list on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
CtsSapNegModeList |
|
|
ctsiIfCacheExpirationTime |
1.3.6.1.4.1.9.9.740.1.5.1.1.10 |
This object indicates the time when the current cached data
applied on the interface will be expired.
A value of zero indicates that the cached data will never be
expired. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DateAndTime |
|
|
ctsiIfCriticalAuthStatus |
1.3.6.1.4.1.9.9.740.1.5.1.1.12 |
This object indicates the CTS Critical-Auth status
of interface.
disable - link is not in Critical-Auth mode.
cache - link is in Critical-Auth cached mode.
default - link is in Critical-Auth default mode. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
disable(1), cache(2), default(3) |
|
ctsiIfStatsTable |
1.3.6.1.4.1.9.9.740.1.6.1 |
A list of Cisco Trusted Security capable interface. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CtsiIfStatsEntry |
|
ctsiIfStatsEntry |
1.3.6.1.4.1.9.9.740.1.6.1.1 |
An entry contains the statistics information of a
particular TrustSec interface.
An entry created by system for each interface is TrustSec
enabled. An entry deleted by system for each interface is
TrustSec disabled. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfStatsEntry |
|
|
ctsiIfAuthenticationSuccess |
1.3.6.1.4.1.9.9.740.1.6.1.1.1 |
The number of times that peer has been successfully
authenticated on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthenticationReject |
1.3.6.1.4.1.9.9.740.1.6.1.1.2 |
The number of times that peer has been rejected
in authentication on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthenticationFailure |
1.3.6.1.4.1.9.9.740.1.6.1.1.3 |
The number of times that peer has been failed in
authentication on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthenticationNoResponse |
1.3.6.1.4.1.9.9.740.1.6.1.1.4 |
The number of times that no authentication respond
received from the remote peer associated with this
interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthenticationLogoff |
1.3.6.1.4.1.9.9.740.1.6.1.1.5 |
The number of times that received authentication log
off from the peer associated with this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthorizationSuccess |
1.3.6.1.4.1.9.9.740.1.6.1.1.6 |
The number of times that the peer entity successfully
passed the TrustSec authorization challenge on this
interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthorizationPolicyFail |
1.3.6.1.4.1.9.9.740.1.6.1.1.7 |
The number of time that fail to access policy or refresh
the policy for TrustSec authorization on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfAuthorizationFail |
1.3.6.1.4.1.9.9.740.1.6.1.1.8 |
The number of times that peer has been failed in TrustSec
authorization on this interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfSapSuccess |
1.3.6.1.4.1.9.9.740.1.6.1.1.9 |
The number of times that SAP negotiation is succeed on this
interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiIfSapFail |
1.3.6.1.4.1.9.9.740.1.6.1.1.10 |
The number of times that SAP negotiation has failed on this
interface. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthorizationEntry |
1.3.6.1.4.1.9.9.740.1.7.1.1 |
An entry containing the management information for a
particular authorized peer.
An entry is created when the policy acquired from the ACS
for a new peer.
An entry is deleted when the authorization of the peer has
expired or fails to refresh its policy. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiAuthorizationEntry |
|
|
ctsiAuthorizationPeerId |
1.3.6.1.4.1.9.9.740.1.7.1.1.1 |
This object indicates the device identity or symbolic group
name of the remote peer. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
Size(1..64) |
|
ctsiAuthorizationState |
1.3.6.1.4.1.9.9.740.1.7.1.1.3 |
This object indicates the current state of the
authorization entity.
unknown - none of the following states.
start - authorization entity created and
initialized.
waitingRespond - a policy request has been made by
remote peer to the ACS and
waiting for the response.
assessing - the policy been received from ACS
and is being assessed.
complete - policy has been received and assessed.
failure - failed to download the policy from the
ACS. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
unknown(1), start(2), waitingRespond(3), assessing(4), complete(5), failure(6) |
|
ctsiAuthorizationLastRefresh |
1.3.6.1.4.1.9.9.740.1.7.1.1.4 |
The object indicates the date and time when the authorized
peer was last refreshed. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
DateAndTime |
|
|
ctsiAuthorizationTimeLeft |
1.3.6.1.4.1.9.9.740.1.7.1.1.5 |
This object indicates the leftover time for the current
policy.
A value of zero indicates that policy refresh is in progress.
A value of -1 indicates that this object is not applicable
on this authorization entry. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1..2147483647 |
|
ctsiAuthorizationTimeToRefresh |
1.3.6.1.4.1.9.9.740.1.7.1.1.6 |
This object indicates the time left to start the policy
refresh.
A value of zero indicates that policy refresh is in progress.
A value of -1 indicates that this object is not applicable
on this authorization entry. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Integer32 |
-1..2147483647 |
|
ctsiAuthorizationStatus |
1.3.6.1.4.1.9.9.740.1.7.1.1.8 |
This object indicates the status of this authorization peer.
unknown - status not covered by any of
the follow enumerations.
inProgress - new authorization link created or add
a new policy request for an existing
link.
succeeded - policy received successful.
failed - policy download failed.
fallbackPolicy - download policy failed apply fallback
policy.
incomplete - policy received incomplete. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
INTEGER |
unknown(1), inProgress(2), succeeded(3), failed(4), fallbackPolicy(5), incomplete(6) |
|
ctsiIfcStatsTable |
1.3.6.1.4.1.9.9.740.1.8.1 |
A list of IFC state statistic on this device. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
SEQUENCE OF |
|
|
|
|
CtsiIfcStatsEntry |
|
ctsiIfcStatsEntry |
1.3.6.1.4.1.9.9.740.1.8.1.1 |
An entry containing the total number of interfaces which
are currently belong to a particular IFC state. |
Status: current |
Access: not-accessible |
OBJECT-TYPE |
|
|
|
|
CtsiIfcStatsEntry |
|
|
ctsiIfcStatsIfCount |
1.3.6.1.4.1.9.9.740.1.8.1.1.2 |
The total number of interfaces on the device which is
currently in the IFC state. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsiAuthenticationSuccess |
1.3.6.1.4.1.9.9.740.1.9.1 |
The total number of times that remote peers authentication
succeed on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthenticationReject |
1.3.6.1.4.1.9.9.740.1.9.2 |
The total number of times that remote peers authentication
rejected on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthenticationFailure |
1.3.6.1.4.1.9.9.740.1.9.3 |
The total number of times that remote peers authentication
failed on this device |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthenticationLogoff |
1.3.6.1.4.1.9.9.740.1.9.4 |
The total number of times that remote peer log off on this
device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthenticationNoRespond |
1.3.6.1.4.1.9.9.740.1.9.5 |
The total number of times that not received authentication
respond from remote peer on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthorizationSuccess |
1.3.6.1.4.1.9.9.740.1.9.6 |
The total number of times that remote peer authorization
succeed on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthorizationFailure |
1.3.6.1.4.1.9.9.740.1.9.7 |
The total number of times that remote peer TrustSec
authorization failed on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiAuthorizationPolicyFailure |
1.3.6.1.4.1.9.9.740.1.9.8 |
The number of time that fail to access policy or refresh
the policy for TrustSec authorization on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiSapNegotiationSuccess |
1.3.6.1.4.1.9.9.740.1.9.9 |
The total number of times that TrustSec SAP negotiation
succeed on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiSapNegotiationFailure |
1.3.6.1.4.1.9.9.740.1.9.10 |
The total number of times that TrustSec SAP negotiation
failure on this device. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Counter32 |
|
|
ctsiInDot1xModeIfCount |
1.3.6.1.4.1.9.9.740.1.10.1 |
The total number of interfaces on the device which is
in TrustSec 802.1X mode. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsiInManualModeIfCount |
1.3.6.1.4.1.9.9.740.1.10.2 |
The total number of interfaces on the device which is
in TrustSec Manual mode. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsiInL3ForwardModeIfCount |
1.3.6.1.4.1.9.9.740.1.10.3 |
The total number of interfaces on the device which is
in TrustSec Layer 3 forwarding mode. |
Status: current |
Access: read-only |
OBJECT-TYPE |
|
|
|
|
Unsigned32 |
|
|
ctsiAuthorizationFailNotifEnable |
1.3.6.1.4.1.9.9.740.1.11.1 |
This object specifies whether the system generates the
ctsiAuthorizationFailNotif.
A value of 'false' will prevent
ctsiAuthorizationFailNotif notifications from being
generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfAddSupplicantFailNotifEnable |
1.3.6.1.4.1.9.9.740.1.11.2 |
This object specifies whether the system generates the
ctsiIfAddSupplicantFailNotif.
A value of 'false' will prevent
ctsiIfAddSupplicantFailNotif notifications from being
generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfAuthenticationFailNotifEnable |
1.3.6.1.4.1.9.9.740.1.11.3 |
This object specifies whether the system generates the
ctsiIfAuthenticationFailNotif.
A value of 'false' will prevent
ctsiIfAuthenticationFailNotif notifications from being
generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfSapNegotiationFailNotifEnable |
1.3.6.1.4.1.9.9.740.1.11.4 |
This object specifies whether the system generates the
ctsiIfSapNegotiationFailNotif.
A value of 'false' will prevent
ctsiIfSapNegotiationFailNotif notifications from being
generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfUnauthorizedNotifEnable |
1.3.6.1.4.1.9.9.740.1.11.5 |
This object specifies whether the system generates the
ctsiIfUnauthorizedNotif.
A value of 'false' will prevent ctsiIfUnauthorizedNotif
notifications from being generated by this system. |
Status: current |
Access: read-write |
OBJECT-TYPE |
|
|
|
|
TruthValue |
|
|
ctsiIfNotifMessage |
1.3.6.1.4.1.9.9.740.1.12.1 |
This object indicates detail message associated
with notifications. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
SnmpAdminString |
|
|
ctsiIfDot1xPaeRole |
1.3.6.1.4.1.9.9.740.1.12.2 |
This object indicates dot1x PAE role information.
notApplicable: Dot1x PAE role is not applicable in
this notification.
authenticator: PAE Authenticator.
supplicant : PAE Supplicant. |
Status: current |
Access: accessible-for-notify |
OBJECT-TYPE |
|
|
|
|
INTEGER |
notApplicable(1), authenticator(2), supplicant(3) |
|
ctsiAuthorizationFailNotif |
1.3.6.1.4.1.9.9.740.0.1 |
A ctsiAuthorizationFailNotif is generated when the policy
acquisition failed for the peer. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsiIfAddSupplicantFailNotif |
1.3.6.1.4.1.9.9.740.0.2 |
A ctsiIfAddSupplicantFailNotif is generated when the system
fails to add dot1x supplicant for an interface. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsiIfAuthenticationFailNotif |
1.3.6.1.4.1.9.9.740.0.3 |
A ctsiIfAuthenticationFailNotif is generated when an
authentication error for the peer is detected for an interface. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsiIfSapNegotiationFailNotif |
1.3.6.1.4.1.9.9.740.0.4 |
A ctsiIfSapNegotiationFailNotif is generated when a SAP
negotiation error with the peer is detected for an interface. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ctsiIfUnauthorizedNotif |
1.3.6.1.4.1.9.9.740.0.5 |
A ctsiIfUnauthorizedNotif is generated when a interface
becomes unauthorized on the Cisco TrustSec link. |
Status: current |
Access: accessible-for-notify |
NOTIFICATION-TYPE |
|
|
|
ciscoTrustSecIfMIBCompliance |
1.3.6.1.4.1.9.9.740.2.1.1 |
The compliance statement for the CISCO-TRUSTSEC-MIB. |
Status: deprecated |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoTrustSecIfMIBCompliance2 |
1.3.6.1.4.1.9.9.740.2.1.2 |
The compliance statement for the CISCO-TRUSTSEC-MIB. |
Status: deprecated |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoTrustSecIfMIBCompliance3 |
1.3.6.1.4.1.9.9.740.2.1.3 |
The compliance statement for the CISCO-TRUSTSEC-MIB. |
Status: current |
Access: read-only |
MODULE-COMPLIANCE |
|
|
|
ciscoTrustSecIfMIBIfConfigGroup |
1.3.6.1.4.1.9.9.740.2.2.1 |
A collection of objects that provides the interface
configuration for Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBDot1xGroup |
1.3.6.1.4.1.9.9.740.2.2.2 |
A collection of objects that provides the dot1x mode
configuration for the Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBManualGroup |
1.3.6.1.4.1.9.9.740.2.2.3 |
A collection of objects that provides the manual mode
configuration for the Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBL3ForwardGroup |
1.3.6.1.4.1.9.9.740.2.2.4 |
A collection of objects that provides the L3 forwarding
mode configuration for the Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBStatusGroup |
1.3.6.1.4.1.9.9.740.2.2.5 |
A collection of objects that provides the status
information for the Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBStatisticGroup |
1.3.6.1.4.1.9.9.740.2.2.6 |
A collection of objects that provides the statistic
information for the Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBAuthorizationGroup |
1.3.6.1.4.1.9.9.740.2.2.7 |
A collection of objects that provides the status
information for the authorization link in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBIfcStatisticGroup |
1.3.6.1.4.1.9.9.740.2.2.8 |
A collection of objects that provides the global
IFC state statistic information in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBEventStatisticGroup |
1.3.6.1.4.1.9.9.740.2.2.9 |
A collection of objects that provides the global
statistic information for the TrustSec events. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBIfModeStatisticGroup |
1.3.6.1.4.1.9.9.740.2.2.10 |
A collection of objects that provides the global TrustSec
mode statistic information. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBNotifsCtrlGrp |
1.3.6.1.4.1.9.9.740.2.2.11 |
A collection of objects that provides notification control
for TrustSec interfaces. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBNotifsOnlyInfoGrp |
1.3.6.1.4.1.9.9.740.2.2.12 |
A collection of objects that provides the notification
information for TrustSec interfaces. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|
ciscoTrustSecIfMIBNotifsGrp |
1.3.6.1.4.1.9.9.740.2.2.13 |
A collection of notifications for TrustSec interfaces. |
Status: current |
Access: read-only |
NOTIFICATION-GROUP |
|
|
|
ciscoTrustSecIfMIBCriticalAuthStatusGrp |
1.3.6.1.4.1.9.9.740.2.2.14 |
A collection of objects that provides the Critical-Auth
status information for the Cisco Trusted Security capable
interface in the system. |
Status: current |
Access: read-only |
OBJECT-GROUP |
|
|
|