BRCD-DOT1X-MIB: View SNMP OID List / Download MIB

Management Information for configuration /querying of 802.1x authentication It is grouped into five MIBs - 1. Global level configurable admin /status 802.1x information 2. Port level EAPOL statistics information 3. Port level configuration information 4. Different Port state information and 5. 802.1x mac session information Copyright 1996-2010 Brocade Communications Systems, Inc. All rights reserved. This Brocade Communications Systems SNMP Management Information Base Specification embodies Brocade Communications Systems' confidential and proprietary intellectual property. Brocade Communications Systems retains all title and ownership in the Specification, including any revisions. This Specification is supplied AS IS, and Brocade Communications Systems makes no warranty, either express or implied, as to the use, operation, condition, or performance of the specification, and any unintended consequence it may on the user environment.

When the Brocade device is unable to authenticate a Client, the amount of time the Brocade device waits before trying again.. The allowed range is from 1 to 4294967294

When a Client does not send back an EAP(Extensible Authentication Protocol)-response/identity frame, the amount of time the Brocade device waits before retransmitting the EAP-request/identity frame to a Client The allowed range is from 1 to 4294967294

When a supplicant (Client) does not respond to an EAP-request frame, the amount of time before the Brocade device retransmits the frame The allowed range is from 1 to 4294967294

When the Authentication Server (RADIUS) does not respond to a message sent from the Client, the amount of time before the Brocade device retransmits the message. The allowed range is from 1 to 4294967294

The number of times the Brocade device retransmits an EAP-request/identity request frame if it does not receive an EAP-response/identity response frame from a Client

The number of re-authentication attempts that are permitted before the port becomes Unauthorized

How often the device automatically re-authenticates clients when periodic re-authentication is enabled The allowed range is from 1 to 4294967294

The EAP protocol version

The total number of ports that have 802.1x enabled

Used to enable / disable Reauthentication globally

The Max-Age of the 802.1x mac session- A value between 0 and 65535

Enable / Disable Mac-Session-No Aging for Denied sessions

Enable / Disable Mac-Session-No Aging for Permitted sessions

To Configure the action to take when the authentication fails Enumeration: 'blockTraffic': 1, 'restrictedVlan': 2.

A table that contains port EAP(Extensible Authentication Protocol) frames statistics for 802.1x authentication

An entry of EAP frames statistics indexed by ifIndex

The total number of EAPOL frames received on the port It includes EAP frames -

The no of EAPOL frames transmitted on the port

The number of EAPOL-Start frames received on the port

The number of EAPOL-Logoff frames received on the port

The number of EAP frames other than Response/Identity frames received on the port

The number of EAP-Request/Identity frames transmitted on the port

The number of invalid EAPOL frames received on the port

The version of last EAP frame received

The number of received EAP response or Id frames on the port

The received EAP Length Error frame

The number of transmitted EAP request frames on the port

The MAC address of the source from which the last EAP frame came

A table that allows configuration of dot1x values for a given port

An entry of 802.1x config values

The configured port control type for the interface which can be 1. force-unauthorized - port's controlled port is placed unconditionally in the unauthorized state 2. control-auto - the controlled port is unauthorized until authentication takes place between client and RADIUS 3. force-authorized - the port's controlled port is placed unconditionally in the authorized state Enumeration: 'controlauto': 2, 'forceUnauthorized': 1, 'forceAuthorized': 3.

To configure filter strict security on the interface - enable(1) or disable(0)

To Configure (enable / disable) 802.1x on an interface level

A table that contains entries of port dot1x values

An entry of 802.1x config values indexed by ifIndex to be able to have port values

Number of 802.1x MAC sessions per port

Number of Authorized MAC sessions per port

Originally configured(not dynamically assigned) PVID(port's default VLAN ID) for the port

The number of devices transmitting untagged traffic on the port's PVID

The number of devices transmitting untagged traffic on the port's PVID as a result of dynamic VLAN assignment

The Current Vlan state the port is in, which can be RADIUS -The port's PVID was dynamically assigned by a RADIUS server Restricted - The port's PVID is the restricted VLAN Normal - The port's PVID is not set by a RADIUS server, nor is it the restricted VLAN Enumeration: 'restricted': 2, 'radius': 1, 'normal': 3.

The Dot1x Authentication default Port VLAN Id

Restrict PVID

RADIUS assign PVID

A table that contains 802.1x MAC sessions

An entry containing information applicable to a particular interface and client MAC ie., dot1x-mac-session

Mac address of the client - which basically represents the username used for RADIUS authentication

User name of the 802.1x mac session

Incoming VLAN ID

The VLAN to which the port is currently assigned

The authentication state of the dot1x-mac-session - which can be permitted, denied, restricted or in the Init state Enumeration: 'restrict': 3, 'init': 4, 'blocked': 2, 'permit': 1.

MAX Age of the mac session in which the MAC address is authenticated.

Client(supplicant) IP address Type. Supported address types are ipv4(1) and ipv6(2)

The IP Address of the client

The age's type - Hardware or Software aging, Ena in which case the aging hasn't started, or notapplicable when there is a fake 802.1x mac session Enumeration: 'hardware': 2, 'ena': 3, 'notapplicable': 4, 'software': 1.

Used to enable /disable 802.1x authentication globally