CISCO-DOT11-SSID-SECURITY-MIB: View SNMP OID List / Download MIB
VENDOR: CISCO
Home | MIB: CISCO-DOT11-SSID-SECURITY-MIB | |||
---|---|---|---|---|
Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
Object Name | OID | Type | Access | Info |
ciscoDot11SsidSecMIB | 1.3.6.1.4.1.9.9.413 |
This MIB module provides network management support for Cisco IEEE 802.11 Wireless LAN devices association and authentication. ACRONYMS AES Advanced Encryption Standard. AP Access point. AID Association IDentifier for wireless stations. BSS IEEE 802.11 Basic Service Set. BSSID Basic SSID, a MAC address. CCKM Cisco Central Key Management. CCMP Code Mode/CBC Mac Protocol. CKIP Cisco per packet key hashing. CMIC Cisco MMH MIC. CRC Cyclic Redundancy Check. DTIM Data Traffic Indication Map EAP Extensible Authentication Protocol. GRE Generic Routing Encapsulation IAPP Inter-Access-Point Protocol. ICV Integrity Check Value. MBSSID Multiple Basic SSID. MIC Message Integrity Check. MMH Multi-Modal Hashing. MMIC Michael MIC. RF Radio Frequency. SSID Radio Service Set Id. SSIDL IE SSID List Information Element STA IEEE 802.11 wireless station. TKIP WPA Temporal Key encryption. VLAN Virtual LAN. WEP Wired Equivalent Privacy. WPA Wi-Fi Protected Access. WPS Wireless Provisioning System. GLOSSARY Access point Transmitter/receiver (transceiver) device that commonly connects and transports data between a wireless network and a wired network. Association The service used to establish access point or station mapping and enable STA invocation of the distribution system services. (Wireless clients attempt to connect to access points.) Basic Service Set The IEEE 802.11 BSS of an AP comprises of the stations directly associating with the AP. Backup VLAN Wireless clients found to be running outdated/ unsupported virus software and not compliant to network admission control guidelines need to be placed on different VLANs than the intended normal VLAN. These VLANs on which the non-compliant clients are placed are termed as Backup VLANs. Backup VLANs are used to quarantine the non-compliant clients running incorrect software till they upgrade their software to the correct version. Bridge Device that connects two or more segments and reduces traffic by analyzing the destination address, filtering the frame, and forwarding the frame to all connected segments. Bridge AP It is an AP that functions as a transparent bridge between 2 wired LAN segments. Broadcast SSID Clients can send out Broadcast SSID Probe Requests to a nearby AP, and the AP will broadcast its own SSID within its beacons to response to clients. Clients can use this Broadcast SSID to associate and communicate with the AP. Extensible Authentication Protocol EAP acts as the interface between a wireless client and an authentication server, such as a RADIUS server, to which the access point communicates over the wired network. IEEE 802.11 Standard to encourage interoperability among wireless networking equipment. IEEE 802.11b High-rate wireless LAN standard for wireless data transfer at up to 11 Mbps. IEEE P802.11g Higher Speed Physical Layer (PHY) Extension to IEEE 802.11b, will boost wireless LAN speed to 54 Mbps by using OFDM (orthogonal frequency division multiplexing). The IEEE 802.11g specification is backward compatible with the widely deployed IEEE 802.11b standard. Inter-Access-Point Protocol The IEEE 802.11 standard does not define how access points track moving users or how to negotiate a handoff from one access point to the next, a process referred to as roaming. IAPP is a Cisco proprietary protocol to support roaming. However, IAPP does not address how the wireless system tracks users moving from one subnet to another. Independent network Network that provides peer-to-peer connectivity without relying on a complete network infrastructure. Information Element Optional wireless network management data element in the beacons and probe responses generated by wireless stations. These elements identify the extended capabilities supported by the stations. Integrity Check Value The WEP ICV shall be a 32-bit value containing the 32-bit cyclic redundancy code designed for verifying wireless data frame integrity. Message Integrity Check A MIC can, optionally, be added to WEP-encrypted 802.11 frames. MIC prevents attacks on encrypted packets. MIC, implemented on both the access point and all associated client devices, adds a few bytes to each packet to make the packets tamper-proof. Multiple BSS-ID An access point radio broadcasts and advertises multiple SSIDs in the beacons. For clients' prospective, it is like there are multiple access points existing in the wireless network. Native VLAN ID A switch port and/or AP can be configured with a 'native VLAN ID'. Untagged or priority-tagged frames are implicitly associated with the native VLAN ID. The default native VLAN ID is '1' if VLAN tagging is enabled. The native VLAN ID is '0' or 'no VLAN ID' if VLAN tagging is not enabled. Non-Root Bridge This wireless bridge does not connect to the main wired LAN segment. It connects to a remote wired LAN segment and can associate with root bridges and other non-root bridges that accept client associations. It also can accept associations from other non-root bridges, repeater access points, and client devices. Primary LAN In an AP, if the destinations of inbound unicast frames are unknown, the frames are sent toward the primary LAN defined on the device. Repeater Device that connects multiple segments, listening to each and regenerating the signal on one to every other connected one; so that the signal can travel further. Repeater or Non-root Access Point The repeater access point is not connected to the wired LAN. The Repeater is a wireless LAN transceiver that transfers data between a client and another access point, another repeater, or between two bridges. The repeater is placed within radio range of an access point connected to the wired LAN, another repeater, or an non-root bridge to extend the range of the infrastructure. Radio Frequency Radio wave and modulation process or operation. Root Access Point This access point connects clients to the main wired LAN. Root (Wireless) Bridge This wireless bridge connects to the main wired LAN. It can communicate with non-root wireless bridges, repeater access points, and client devices but not with another wireless root bridge. Only one wireless bridge in a wireless LAN can be set as the wireless root bridge. Service Set ID SSID is a unique identifier that APs and clients use to identify with each other. SSID is a simple means of access control and is not for security. The SSID can be any alphanumeric entry up to 32 characters. Virtual LAN VLAN defined in the IEEE 802.1Q VLAN standard supports logically segmenting of LAN infrastructure into different subnets or workgroups so that packets are switched only between ports within the same VLAN. VLAN ID Each VLAN is identified by a 12-bit 'VLAN ID'. A VLAN ID of '0' is used to indicate 'no VLAN ID'. Valid VLAN IDs range from '1' to '4095'. VLAN of ID '4095' is the default VLAN for Cisco VoIP Phones. Wired Equivalent Privacy WEP is generally used to refer to 802.11 encryption. |
||
ciscoDot11SsidSecMIBObjects | 1.3.6.1.4.1.9.9.413.1 | |||
cdot11SecSsidManagement | 1.3.6.1.4.1.9.9.413.1.1 | |||
cdot11SecAuxSsidTable | 1.3.6.1.4.1.9.9.413.1.1.1 | no-access |
This table contains the list of SSIDs that all radio interfaces of this device should install and use for client associations. |
|
1.3.6.1.4.1.9.9.413.1.1.1.1 | no-access |
A collection of attributes defining an auxiliary service set ID which client stations can use for association for the device. Entries can be installed on multiple radio interfaces. |
||
cdot11SecAuxSsid | 1.3.6.1.4.1.9.9.413.1.1.1.1.1 | cdot11ssidstring | no-access |
This object specifies a SSID defined on this IEEE 802.11 wireless LAN device. The SSID will be installed on the radio interfaces for client associations. The radio interface shall respond to probe requests using this SSID, but it does not advertise this SSID in its beacons unless the cdot11SecAuxSsidBroadcast is 'true'. |
cdot11SecAuxSsidBroadcast | 1.3.6.1.4.1.9.9.413.1.1.1.1.2 | truthvalue | read-only |
This object indicates if an auxiliary SSID is a Broadcast SSID. There should only be one Broadcast SSID installed on any IEEE 802.11 radio interface if Multiple BSSID feature is not enabled. To enable this SSID for MBSSID broadcast, use cdot11SecAuxSsidMbssidBroadcast. |
cdot11SecAuxSsidInfraStruct | 1.3.6.1.4.1.9.9.413.1.1.1.1.3 | integer | read-only |
This object indicates if an auxiliary SSID is an infra-structure SSID. There should only be one infra-structure SSID installed on any IEEE 802.11 radio interface. The infra-structure SSID is used for uplink association while the radio interface cd11IfStationRole is roleWgb(1), roleRepeater(5), roleNrBridge(9), or roleApNrBridge(10). infraStructure(1) - infra-structure SSID, nonInfraStructure(2) - Non infra-structure SSID, optional(3) - use of this infra-structure SSID is optional for uplink connection. Enumeration: 'nonInfraStructure': 2, 'infraStructure': 1, 'optional': 3. |
cdot11SecAuxSsidProxyMobileIp | 1.3.6.1.4.1.9.9.413.1.1.1.1.4 | truthvalue | read-only |
This object indicates if an auxiliary SSID is enabled for Proxy Mobile-IP support. If Proxy Mobile-IP is not supported in VLAN network environment, cdot11SecAuxSsidVlan should be '0' when Proxy Mobile-IP is enabled via this object. |
cdot11SecAuxSsidMaxStations | 1.3.6.1.4.1.9.9.413.1.1.1.1.5 | unsigned32 | read-only |
This object defines the maximum number of IEEE 802.11 stations which may associate to a radio interface through this SSID. If the value is '0', the maximum number is limited only by the IEEE 802.11 standard and any hardware or radio firmware limitations of the access point. |
cdot11SecAuxSsidVlan | 1.3.6.1.4.1.9.9.413.1.1.1.1.6 | cdot11ifvlanidorzero | read-only |
This object defines the VLAN trunk at which the traffic will be used when a client is associating with this SSID. The default value is '0', no VLAN is configured or used for this SSID. |
cdot11SecAuxSsidWpaPsk | 1.3.6.1.4.1.9.9.413.1.1.1.1.7 | cdot11wifipapresharedkey | read-only |
This object configures Wi-Fi Protected Access Pre-shared Key for this SSID. This key is used for association authentication and dynamic encryption key generation. The default value is ''H if this shared key feature is not enabled. |
cdot11SecAuxRadiusAccounting | 1.3.6.1.4.1.9.9.413.1.1.1.1.8 | snmpadminstring | read-only |
This object defines the name of the AAA accounting list to be used for association accounting. The default value is an empty string if AAA accounting is not enabled. |
cdot11SecAuxSsidLoginUsername | 1.3.6.1.4.1.9.9.413.1.1.1.1.9 | snmpadminstring | read-only |
This object specifies the username used for LEAP authentication and association to an uplink AP while this SSID is in infra-structure mode, i.e. cdot11SecAuxSsidInfraStruct is 'true'. The default value is an empty string if this feature is not enabled. |
cdot11SecAuxSsidLoginPassword | 1.3.6.1.4.1.9.9.413.1.1.1.1.10 | snmpadminstring | read-only |
This object specifies the password used for LEAP authentication association to an uplink AP while this SSID is in infra-structure mode, i.e. cdot11SecAuxSsidInfraStruct is 'true'. The default value is an empty string if this feature is not enabled. |
cdot11SecAuxSsidAuthKeyMgmt | 1.3.6.1.4.1.9.9.413.1.1.1.1.11 | cdot11secauthkeymgmttype | read-only |
This object specifies the type of key management employed for encryption keys defined for the VLAN in cdot11SecAuxSsidVlan. WPA key management('wpa') should only be selected when encryption is TKIP or AES-CCMP and authentication is open, i.e. dot11AuthenticationAlgorithmsIndex is openSystem(1), together either with EAP or WPA-PSK for this SSID. CCKM key management('cckm') can be used with encryption TKIP, WEP, CKIP, and Network-EAP authentication for this SSID. The value 'wpa1' should be selected only when encryption is TKIP. The value 'wpa2' should be selected only when encryption is either TKIP or AES-CCMP. If none of the bits are set, there is no run-time key management for this SSID. |
cdot11SecAuxSsidAuthKeyMgmtOpt | 1.3.6.1.4.1.9.9.413.1.1.1.1.12 | truthvalue | read-only |
This object specifies if the type of key management, cdot11SecAuxSsidAuthKeyMgmt, selected is optional. If it is 'true' and cdot11SecAuxSsidAuthKeyMgmt is not 'none', the key management is optional. If it is 'false' and cdot11SecAuxSsidAuthKeyMgmt is not 'none', the key management is mandatory. |
cdot11SecAuxSsidRowStatus | 1.3.6.1.4.1.9.9.413.1.1.1.1.13 | rowstatus | read-only |
This is used to create a new SSID entry on this device, and modify or delete an existing SSID entry. Creation of rows must be done via 'createAndGo' with or without optional objects. This object will become 'active' if the NMS performs a multivarbind set including this object and successfully creates the SSID on this device. Modification and deletion (via 'destroy') of rows can be done when this object is 'active'. Any change to an existing SSID configuration can cause clients associating with the SSID to disassociate. And, depends on the implementation, changes on the existing SSIDs may not affect installed SSID on the radio interfaces. Therefore, users are advised to reset the corresponding SSID on the radio interface via the cdot11SecInterfSsidTable. |
cdot11SecAuxSsidWirelessNetId | 1.3.6.1.4.1.9.9.413.1.1.1.1.14 | integer32 | read-only |
This object sets the Wireless Network ID of this SSID. This ID is used for Cisco GRE tunneling in layer 3 switching. The valid range for the ID is '1' to '4096' and the default value is '0' and it indicates no ID is configured or used on this SSID. |
cdot11SecSsidRedirectAddrType | 1.3.6.1.4.1.9.9.413.1.1.1.1.15 | inetaddresstype | read-only |
This is the address type of for the cdot11SecSsidRedirectDestAddr. |
cdot11SecSsidRedirectDestAddr | 1.3.6.1.4.1.9.9.413.1.1.1.1.16 | inetaddress | read-only |
This is the destination address set to all packets received from wireless clients associated to this wireless station using the cdot11SecAuxSsid. The cdot11SecSsidRedirectAddrType specifies the type of this address. The default value '00000000'H of cdot11SecSsidRedirectAddrType 'ipv4' indicates that this packet redirection feature is not enabled. |
cdot11SecSsidRedirectFilter | 1.3.6.1.4.1.9.9.413.1.1.1.1.17 | snmpadminstring | read-only |
When the packet redirection feature is enable (i.e., cdot11SecSsidRedirectAddrType is 'ipv4' and cdot11SecSsidRedirectDestAddr value is not '00000000'H), this is the Cisco IP extended access list number or name used for filtering packets from wireless clients. Only packets passed by the access list will be allowed to forward to the cdot11SecSsidRedirectDestAddr. If packet redirection is disabled, this access list will not be applied. The default value is an empty string to indicate that no access list filter will be applied. |
cdot11SecSsidInformationElement | 1.3.6.1.4.1.9.9.413.1.1.1.1.18 | cdot11informationelementtype | read-only |
This is the set of Information Elements and extended capabilities embedded in the SSID broadcasted in beacons and probe responses. The extended capabilities 'advertisement' and 'wps' are allowed only if 'ssidl' is set. |
cdot11SecAuxSsidVlanName | 1.3.6.1.4.1.9.9.413.1.1.1.1.19 | cdot11vlanname | read-only |
This is the name of the cdot11SecAuxSsidVlan. Either cdot11SecAuxSsidVlan or cdot11SecAuxSsidVlanName can be used to set the VLAN trunk for client traffic of this SSID. If both cdot11SecAuxSsidVlanName and cdot11SecAuxSsidVlan are set in a query, the set query will succeed if only if there is a matching pair of cdot11SecVlanName and cdot11SecVlanNameId in the cdot11SecVlanNameTable. The default value is a blank string, no VLAN or VLAN name is configured or used for this SSID. |
cdot11SecAuxSsidMbssidBroadcast | 1.3.6.1.4.1.9.9.413.1.1.1.1.20 | truthvalue | read-only |
This object controls if this SSID shall be broadcasted if MBSSID is enabled at the interface which this SSID is attached, i.e. if both cd11IfMultipleBssidEnable and cdot11SecAuxSsidMbssidBroadcastis are 'true', then this SSID is broadcasted. Otherwise, this SSID is not broadcasted. |
cdot11SecAuxSsidMbssidDtimPeriod | 1.3.6.1.4.1.9.9.413.1.1.1.1.21 | integer32 | read-only |
This is the DTIM period for this MBSSID enabled SSID. It is the number of beacon intervals that shall elapse between transmission of Beacons frames containing a TIM element whose DTIM Count field is 0. This DTIM period is only applicable if MBSSID is enabled at the interface which this SSID is attached, i.e. cd11IfMultipleBssidEnable is 'true'. The default value is 0 which indicates dot11DTIMPeriod of IEEE802dot11-MIB is used. The current valid DTIM period range for the radio is 1 to 100. |
cdot11SecAuxSsidAuthTable | 1.3.6.1.4.1.9.9.413.1.1.2 | no-access |
This table contains attributes to configure authentication parameters for SSIDs listed in the cdot11SecAuxSsidTable. This table extends the IEEE802dot11-MIB dot11AuthenticationAlgorithmsTable to defines additional attributes authentication procedures for multiple SSIDs. Multiple authentication algorithms can apply to a single auxiliary SSID. This table has an expansion dependent relationship on the cdot11SecAuxSsidTable. For each entry in this table, there exists at least an entry in the cdot11SecAuxSsidTable. |
|
1.3.6.1.4.1.9.9.413.1.1.2.1 | no-access |
Each entry specifies a pre-defined authentication algorithms and additional authentication procedures for clients of an auxiliary SSID. The three pre-defined authentication algorithms are: openSystem(1), sharedKey(2), and network-EAP(3). The valid combination of the pre-defined authentications and additional procedures are: openSystem(1) - plus EAP - plus MAC or EAP sharedKey(2) - plus MAC and EAP - plus EAP network-EAP(3) - plus MAC. |
||
cdot11SecAuxSsidAuthEnabled | 1.3.6.1.4.1.9.9.413.1.1.2.1.1 | truthvalue | read-write |
If the value is 'true', this device may authenticate an association using SSID (specified by cdot11SecAuxSsid) with the corresponding pre-defined algorithm (identified by the dot11AuthenticationAlgorithmsIndex). The default value is 'true'. |
cdot11SecAuxSsidAuthPlusEap | 1.3.6.1.4.1.9.9.413.1.1.2.1.2 | truthvalue | read-write |
If both the values of this object and cdot11SecAuxSsidAuthEnabled are 'true', the association authentication must complete additional network-level EAP authentication before client stations will be unblocked from their association attempts. If the value of this object is 'false' while cdot11SecAuxSsidAuthEnabled is 'true', client stations will be unblocked as soon as they complete the enabled IEEE 802.11 authentication. The default value is 'false' for no additional EAP authentication. |
cdot11SecAuxSsidAuthPlusMac | 1.3.6.1.4.1.9.9.413.1.1.2.1.3 | truthvalue | read-write |
If both the values of this object and cdot11SecAuxSsidAuthEnabled are 'true', the association authentication must complete additional MAC address authentication before client stations will be unblocked from their association attempts. If the value of this object is 'false' while cdot11SecAuxSsidAuthEnabled is 'true', client stations will be unblocked as soon as they complete the enabled IEEE 802.11 authentication. The default value is 'false' for no additional MAC address authentication. |
cdot11SecAuxSsidAuthEapMethod | 1.3.6.1.4.1.9.9.413.1.1.2.1.4 | snmpadminstring | read-write |
If the value of cdot11SecAuxSsidAuthPlusEap is 'true' or dot11AuthenticationAlgorithm is Network-EAP, this is the EAP method list to use for the EAP authentication. The default is an empty string if EAP is not used. |
cdot11SecAuxSsidAuthMacMethod | 1.3.6.1.4.1.9.9.413.1.1.2.1.5 | snmpadminstring | read-write |
If the value of cdot11SecAuxSsidAuthPlusMac is 'true', this is the MAC address method list to use for the MAC authentication. The default is an empty string if MAC address authentication is not used. |
cdot11SecAuxSsidAuthMacAlternate | 1.3.6.1.4.1.9.9.413.1.1.2.1.6 | truthvalue | read-write |
If the values of this object, cdot11SecAuxSsidAuthEnabled, cdot11SecAuxSsidAuthPlusMac, and cdot11SecAuxSsidAuthPlusEap are all 'true' and the dot11AuthenticationAlgorithm is 'openSystem' the, the association authentication only need to complete either additional MAC address or additional EAP authentication before client stations will be unblocked from their association attempts. If the value of this object is 'false', only one of the two additional authentications should be enabled. The default value is 'false' for only one additional should be configured. |
cdot11SecInterfSsidTable | 1.3.6.1.4.1.9.9.413.1.1.3 | no-access |
This table contains the list of SSIDs installed on radio interfaces of this device and are used for client association. This table has an expansion dependent relationship on the ifTable. For each entry in this table, there exists at least an entry in the ifTable of ifType ieee80211(71). |
|
1.3.6.1.4.1.9.9.413.1.1.3.1 | no-access |
A collection of attributes for an auxiliary service set ID installed on a IEEE 802.11 radio interface. An interface can have multiple auxiliary service set ID installed and the current maximum for each radio interface is 16 SSIDs, and the cd11IfAuxiliarySsidLength object specifies the configured maximum. |
||
cdot11SecInterfSsidRowStatus | 1.3.6.1.4.1.9.9.413.1.1.3.1.1 | rowstatus | read-only |
This is used to install a new SSID configuration, and modify or delete an existing SSID configuration on a radio interface. Creation of rows must be done via 'createAndGo' and with an existing ifIndex of ifType ieee80211(71) and an existing cdot11SecAuxSsid in the cdot11SecAuxSsidTable. This object will become 'active' if the NMS performs a multivarbind set including this object and successfully installs the SSID on this interface. Modification and deletion (via 'destroy') of rows can be done when this object is 'active'. Any change to an existing SSID configuration can cause clients associating with the SSID to disassociate. |
cdot11MbssidMacAddrSupportTable | 1.3.6.1.4.1.9.9.413.1.1.4 | no-access |
This table contains the list of available radio MAC addresses for supporting MBSSID on the IEEE 802.11 radio. This table has an expansion dependent relationship on the ifTable. For each entry in this table, there exists at least an entry in the ifTable of ifType ieee80211(71). |
|
1.3.6.1.4.1.9.9.413.1.1.4.1 | no-access |
Each entry is a MAC address assigned to the IEEE 802.11 radio available to be used as a BSSID and broadcasted in the radio beacon when MBSSID feature is enabled. |
||
cdot11MbssidMacAddrIndex | 1.3.6.1.4.1.9.9.413.1.1.4.1.1 | integer32 | read-only |
This is an unique index identifying the MAC address assigned on the radio. If MBSSID is not supported on this device, the only available index number is 1. Currently, if MBSSID is supported, the index numbers are 1 to 16. |
cdot11MbssidMacAddrSupported | 1.3.6.1.4.1.9.9.413.1.1.4.1.2 | macaddress | read-only |
This MAC address can be used as BSSID and broadcasted in the beacon with a SSID when cd11IfMultipleBssidEnable is 'true'. |
cdot11MbssidInterfaceTable | 1.3.6.1.4.1.9.9.413.1.1.5 | no-access |
This table displays the list of SSIDs and their corresponding BSSIDs configured on the IEEE 802.11 radios. This table has an expansion dependent relationship on the ifTable. For each entry in this table, there exists at least an entry in the ifTable of ifType ieee80211(71). |
|
1.3.6.1.4.1.9.9.413.1.1.5.1 | no-access |
Each entry defines an SSID being configured on the radio and the corresponding BSSID. |
||
cdot11MbssidIfMacAddress | 1.3.6.1.4.1.9.9.413.1.1.5.1.1 | macaddress | read-only |
This is the BSSID to be sent with the radio SSID. If MBSSID feature is not enabled (i.e. cd11IfMultipleBssidEnable is 'false'), all SSIDs will be sent by the radio with the same BSSID and that is the radio hardware MAC address. If MBSSID feature is enabled (i.e. cd11IfMultipleBssidEnable is 'true'), all SSIDs will be sent by the radio with different BSSIDs. |
cdot11MbssidIfBroadcast | 1.3.6.1.4.1.9.9.413.1.1.5.1.2 | truthvalue | read-only |
If d11IfMultipleBssidEnable is 'true', MBSSID is enabled for the radio and this SSID is a broadcast SSID as follows 'true' - This SSID is a broadcast SSID and being broadcasted in the radio beacon. 'false' - This SSID is not a broadcast SSID and is not broadcasted in the radio beacon. |
cdot11SecSsidMaxBackupVlans | 1.3.6.1.4.1.9.9.413.1.1.6 | unsigned32 | read-write |
Maximum number of backup VLANs that can be configured on a SSID. |
cdot11SecSsidBackupVlanTable | 1.3.6.1.4.1.9.9.413.1.1.7 | no-access |
This table lists the backup VLANs configured on a SSID. The number of backup VLANs that can be configured for each SSID identified by cdot11SecAuxSsid is limited by the value of dot11SecSsidMaxBackupVlans. This table has an expansion depedent relationship with cdot11SecAuxSsidTable. The value of cdot11SecAuxSsid for the entries in this table must exist in cdot11SecAuxSsidTable. When an entry in cdot11SecAuxSsidTable is deleted, all the backup VLANs configured for the corresponding SSID get deleted from this table. |
|
1.3.6.1.4.1.9.9.413.1.1.7.1 | no-access |
Each entry defines a backup VLAN configured on an SSID. |
||
cdot11SecSsidBackupVlan | 1.3.6.1.4.1.9.9.413.1.1.7.1.1 | cdot11ifvlanidorzero | no-access |
The backup VLAN configured on a SSID identified by the instance identifier value of cdot11SecAuxSsid. |
cdot11SecSsidBackupVlanRowStatus | 1.3.6.1.4.1.9.9.413.1.1.7.1.2 | rowstatus | read-only |
The status of this conceptual row. |
cdot11SecAuthManagement | 1.3.6.1.4.1.9.9.413.1.2 | |||
cdot11SecLocalAuthServerEnabled | 1.3.6.1.4.1.9.9.413.1.2.1 | truthvalue | read-write |
This object configures the use of local authentication server. If it is 'true', local authentication server is enabled. If it is 'false', the local authentication server is disabled. If both local and network servers are configured, the local server is used as back up when network authentication server is not available. |
cdot11SecStatistics | 1.3.6.1.4.1.9.9.413.1.3 | |||
cdot11SecVlanManagement | 1.3.6.1.4.1.9.9.413.1.4 | |||
cdot11SecVlanNameTable | 1.3.6.1.4.1.9.9.413.1.4.1 | no-access |
This table contains the mapping of VLAN names to IDs. A RADIUS server servering this wireless station can assign wireless clients associating to this station to a particular VLAN by either a VLAN name or an ID. When the VLAN assign of a client is via VLAN name, this table is used to look up for the corresponding VLAN ID and VLAN configured on this wireless station. Each VLAN name uniquely identifies a VLAN on a wireless station, and a VLAN ID can associate to multiple VLAN names in this table. |
|
1.3.6.1.4.1.9.9.413.1.4.1.1 | no-access |
A collection of attributes defining the properties of a VLAN name and the corresponding VLAN ID. |
||
cdot11SecVlanName | 1.3.6.1.4.1.9.9.413.1.4.1.1.1 | cdot11vlanname | no-access |
This object defines the VLAN name assigned to wireless clients by the RADIUS server serving this wireless station. |
cdot11SecVlanNameId | 1.3.6.1.4.1.9.9.413.1.4.1.1.2 | cdot11ifvlanidorzero | read-only |
This object defines the VLAN trunk to which a client associating to this wireless station will be on. The value is '0' is not valid. |
cdot11SecVlanNameRowStatus | 1.3.6.1.4.1.9.9.413.1.4.1.1.3 | rowstatus | read-only |
This is used to create a new VLAN name to ID mapping entry on this device, and modify or delete an existing mapping entry. Creation of rows must be done via 'createAndGo' with all other mandatory objects. This object will become 'active' if the NMS performs a multivarbind set including this object and successfully creates the VLAN name entry on this device. Modification and deletion (via 'destroy') of rows can be done when this object is 'active'. Any change to an existing VLAN name to ID mapping configuration do not affect existing associated wireless clients. |
ciscoDot11SsidSecMIBConformance | 1.3.6.1.4.1.9.9.413.2 | |||
ciscoDot11SsidSecMIBCompliances | 1.3.6.1.4.1.9.9.413.2.1 | |||
ciscoDot11SsidSecCompliance | 1.3.6.1.4.1.9.9.413.2.1.1 |
This is the compliance statement for the ciscoDot11SsidSecMIB module. |
||
ciscoDot11SsidSecComplianceRev1 | 1.3.6.1.4.1.9.9.413.2.1.2 |
This is the compliance statement for the ciscoDot11SsidSecMIB module. |
||
ciscoDot11SsidSecMIBGroups | 1.3.6.1.4.1.9.9.413.2.2 | |||
cdot11SecSsidManagementGroup | 1.3.6.1.4.1.9.9.413.2.2.1 |
This group includes objects to manage SSID on IEEE 802.11 devices and interfaces. |
||
cdot11SsidAuthenticationGroup | 1.3.6.1.4.1.9.9.413.2.2.2 |
This group includes objects to manage the association and authentication algorithms for SSIDs. |
||
cdot11ModuleAuthenticationGroup | 1.3.6.1.4.1.9.9.413.2.2.3 |
This group includes objects to manage the association and authentication of this wireless station module. |
||
cdot11SecVlanManagementGroup | 1.3.6.1.4.1.9.9.413.2.2.4 |
This group includes objects to manage the VLAN name and ID mapping table. |
||
cdot11MbssidSupportGroup | 1.3.6.1.4.1.9.9.413.2.2.5 |
This group includes objects providing MBSSID configuration information. |
||
cdot11SecSsidBackupVlanManagementGroup | 1.3.6.1.4.1.9.9.413.2.2.6 |
This group of objects are to manage the backup VLAN configuration on a SSID. |