CISCO-LWAPP-WAPI-MIB: View SNMP OID List / Download MIB
VENDOR: CISCO
| Home | MIB: CISCO-LWAPP-WAPI-MIB | |||
|---|---|---|---|---|
| Download as: |
Download standard MIB format if you are planning to load a MIB file into some system (OS, Zabbix, PRTG ...) or view it with a MIB browser. CSV is more suitable for analyzing and viewing OID' and other MIB objects in excel. JSON and YAML formats are usually used in programing even though some systems can use MIB in YAML format (like Logstash).
|
|||
| Object Name | OID | Type | Access | Info |
| ciscoLwappWapiMIB | 1.3.6.1.4.1.9.9.9997 |
cisco WiFi Controller Snmp agent support for Wapi. WAPI is a Chinese National Standard for Wireless LAN (GB 15629.11-2003) GLOSSARY: WAPI - WLAN Authentication and Privacy Infrastructures WAI - WLAN Authentication Interface WLAN - Wireless Local Area Network WPI - Wireless Privacy Interface MSK - multicast session key AKM - authentication and key management BKID - Base Key IDentification |
||
| ciscoLwappWapiMIBObjects | 1.3.6.1.4.1.9.9.9997.1 | |||
| cLWapiWlanStats | 1.3.6.1.4.1.9.9.9997.1.1 | no-access |
This table maintains the WAPI statistics for each WLAN on which WAPI is configured as the security protocol. |
|
| 1.3.6.1.4.1.9.9.9997.1.1.1 | no-access |
An entry in the cLWWSW Table |
||
| cLWWSWAISignatureErrors | 1.3.6.1.4.1.9.9.9997.1.1.1.1 | counter32 | read-only |
This counter shall increment when the signature in the received WAI message is incorrect |
| cLWWSWAIHMACErrors | 1.3.6.1.4.1.9.9.9997.1.1.1.2 | counter32 | read-only |
This counter shall increment when the message authentication code in the received WAI message is incorrect |
| cLWWSWAIAuthResultFailures | 1.3.6.1.4.1.9.9.9997.1.1.1.3 | counter32 | read-only |
This counter shall increment when the WAI authentication is unsuccessful |
| cLWWSWAIDiscardCounters | 1.3.6.1.4.1.9.9.9997.1.1.1.4 | counter32 | read-only |
This counter shall increment when the received WAI message is discarded |
| cLWWSWAITimeoutCounters | 1.3.6.1.4.1.9.9.9997.1.1.1.5 | counter32 | read-only |
This counter shall increment when the WAI message is timeout |
| cLWWSWAIFormatErrors | 1.3.6.1.4.1.9.9.9997.1.1.1.6 | counter32 | read-only |
This counter shall increment when there exists format error in the WAI message |
| cLWWSWAICertHandshakeFailures | 1.3.6.1.4.1.9.9.9997.1.1.1.7 | counter32 | read-only |
This counter shall increment when the WAI Certificate Authentication is unsuccessful |
| cLWWSWAIUnicastHandshakeFailures | 1.3.6.1.4.1.9.9.9997.1.1.1.8 | counter32 | read-only |
This counter shall increment when the WAI Unicast Key Negotiation is unsuccessful |
| cLWWSWAIMulticastHandshakeFailures | 1.3.6.1.4.1.9.9.9997.1.1.1.9 | counter32 | read-only |
This counter shall increment when the WAI Multicast Key Negotiation is unsuccessful |
| cLWWSWPIRXReplayCounters | 1.3.6.1.4.1.9.9.9997.1.1.1.10 | counter32 | read-only |
This counter shall increment when the WPI RX replay check is unsuccessful |
| cLWWSWPIRXMicErrorCounters | 1.3.6.1.4.1.9.9.9997.1.1.1.11 | counter64 | read-only |
This counter shall increment when the WPI MIC is error |
| cLWWSWPIRXDecryptErrorCounters | 1.3.6.1.4.1.9.9.9997.1.1.1.12 | counter64 | read-only |
This counter shall increment when the WPI Decryption is error |
| cLWapiClientStats | 1.3.6.1.4.1.9.9.9997.1.2 | no-access |
This table maintains the WAPI statistics for each client connected to a WLAN on which WAPI is configured as the security protocol. |
|
| 1.3.6.1.4.1.9.9.9997.1.2.1 | no-access |
An entry in the cLWapiClientStats Table |
||
| cLWCSWapiClientVersion | 1.3.6.1.4.1.9.9.9997.1.2.1.1 | integer32 | read-only |
This object represents the WAPI draft version used by the WAPI client |
| cLWCSWAISignatureErrors | 1.3.6.1.4.1.9.9.9997.1.2.1.2 | counter32 | read-only |
This counter shall increment when the signature in the received WAI message is incorrect |
| cLWCSWAIHMACErrors | 1.3.6.1.4.1.9.9.9997.1.2.1.3 | counter32 | read-only |
This counter shall increment when the message authentication code in the received WAI message is incorrect |
| cLWCSWAIAuthResultFailures | 1.3.6.1.4.1.9.9.9997.1.2.1.4 | counter32 | read-only |
This counter shall increment when the WAI authentication is unsuccessful |
| cLWCSWAIDiscardCounters | 1.3.6.1.4.1.9.9.9997.1.2.1.5 | counter32 | read-only |
This counter shall increment when the received WAI message is discarded |
| cLWCSWAITimeoutCounters | 1.3.6.1.4.1.9.9.9997.1.2.1.6 | counter32 | read-only |
This counter shall increment when the WAI message is timeout |
| cLWCSWAIFormatErrors | 1.3.6.1.4.1.9.9.9997.1.2.1.7 | counter32 | read-only |
This counter shall increment when there exists format error in the WAI message |
| cLWCSWAICertHandshakeFailures | 1.3.6.1.4.1.9.9.9997.1.2.1.8 | counter32 | read-only |
This counter shall increment when the WAI Certificate Authentication is unsuccessful |
| cLWCSWAIUnicastHandshakeFailures | 1.3.6.1.4.1.9.9.9997.1.2.1.9 | counter32 | read-only |
This counter shall increment when the WAI Unicast Key Negotiation is unsuccessful |
| cLWCSWAIMulticastHandshakeFailures | 1.3.6.1.4.1.9.9.9997.1.2.1.10 | counter32 | read-only |
This counter shall increment when the WAI Multicast Key Negotiation is unsuccessful |
| cLWCSWAIUnicastCipherSuite | 1.3.6.1.4.1.9.9.9997.1.2.1.11 | octet string | read-only |
This value represents the Client Unicast Cipher Suite in use, of which obtained from Assoc req frame |
| cLWCSWAIMcastCipherSuite | 1.3.6.1.4.1.9.9.9997.1.2.1.12 | octet string | read-only |
This value represents the Client Multicast Cipher Suite in use, of which obtained from Assoc req frame |
| cLWCSWAIAuthenticationSuiteRequested | 1.3.6.1.4.1.9.9.9997.1.2.1.13 | octet string | read-only |
This object specificies the last AKM suite requested from client. 0x 00 14 72 01 : cert 0x 00 14 72 02 : psk |
| cLWCSWAIBKIDUsed | 1.3.6.1.4.1.9.9.9997.1.2.1.14 | octet string | read-only |
This value represents the selector of the last BKID used in the last Unicast Key Negotiation Handshake |
| cLWCSWAICtrPortState | 1.3.6.1.4.1.9.9.9997.1.2.1.15 | truthvalue | read-only |
This value represents the state of client controlled port entity, true means authenticated, false means not authenticated |
| cLWapiWlanConfig | 1.3.6.1.4.1.9.9.9997.1.3 | no-access |
This table maintains the WAPI config entry for the WLAN. |
|
| 1.3.6.1.4.1.9.9.9997.1.3.1 | no-access |
An entry in the cLWapiWlanConfig Table |
||
| cLWCSWlanWapiEnable | 1.3.6.1.4.1.9.9.9997.1.3.1.1 | truthvalue | read-write |
This object is used to enable the WAPI security on the WLAN. |
| cLWCSWlanWapiAkmKeyMgmtMode | 1.3.6.1.4.1.9.9.9997.1.3.1.2 | integer | read-write |
This object is used to enable the AKM type to be used for the WAPI WLAN. Enumeration: 'psk': 2, 'cert': 1, 'invalid': 0. |
| cLWCSWlanWapiEncryptType | 1.3.6.1.4.1.9.9.9997.1.3.1.3 | bits | read-write |
This object is used to enable the encryption type for WAPI WLAN. Bits: 'sms4': 0. |
| cLWCSWlanWapiPskFmt | 1.3.6.1.4.1.9.9.9997.1.3.1.4 | clseckeyformat | read-write |
This object indicates the type of the authentication preshared key configured through the object cLWCSWlanWapiPskSetkey. Note that the key configuration is applicable only when psk is configured as the key management mechanism through the cLWCSWlanWapiAkmKeyMgmtMode object. |
| cLWCSWlanWapiPsk | 1.3.6.1.4.1.9.9.9997.1.3.1.5 | octet string | read-write |
This object is used to configure the Pre-Shared Key for WAI PSK authentication for the WLAN. The key can be in ASCII or HEX format. 'ascii' 8-40 characters 'hex' 4-40 octets. |
| cLWCSWlanWapiConfigUnicasCiphersEntry | 1.3.6.1.4.1.9.9.9997.1.3.1.6 | octet string | read-only |
The selector of a supported unicast cipher suite. It consists of an OUI (the first 3 octets) and a cipher suite identifier (the last octet). |
| cLWCSWlanWapiConfigUnicastCipherSize | 1.3.6.1.4.1.9.9.9997.1.3.1.7 | unsigned32 | read-only |
This object indicates the length in bit of the USK. This should be 256 for SMS4. The first 128bits is the UEK and the last 128bits is the UCK. |
| cLWCSWlanWapiMcastCipherSize | 1.3.6.1.4.1.9.9.9997.1.3.1.8 | unsigned32 | read-only |
This object indicates the length in bit of the MSK. This should be 256 for in SMS4. The first 128bits is the MEK and the last 128bits is the MCK. |
| cLWCSWlanBKLifeTime | 1.3.6.1.4.1.9.9.9997.1.3.1.9 | unsigned32 | read-write |
This object is used to configure the maximum lifetime of a BK in the BK cache. |
| cLWCSWlanBKReauthThreshold | 1.3.6.1.4.1.9.9.9997.1.3.1.10 | unsigned32 | read-write |
This object is used to configure the percentage of the BK lifetime that should expire before a WAI reauthentication occurs. |
| cLWCSWlanWapiConfigMulticastCipher | 1.3.6.1.4.1.9.9.9997.1.3.1.11 | octet string | read-write |
This object indicates the multicast cipher suite that this entity must adopt. The WAPI Parameter Set information element shall adopt the value of this variable, which contains a 3-octet OUI and a one-octet cipher suite identifier. |
| cLWCSWlanWapiAuthenticationSuiteSelected | 1.3.6.1.4.1.9.9.9997.1.3.1.12 | octet string | read-only |
This object represents the selector of the last AKM suite negotiated. |
| cLWCSWlanWapiUnicastCipherSelected | 1.3.6.1.4.1.9.9.9997.1.3.1.13 | octet string | read-only |
This object indicates the selector of the last unicast cipher suite negotiated. |
| cLWCSWlanWapiMulticastCipherSelected | 1.3.6.1.4.1.9.9.9997.1.3.1.14 | octet string | read-only |
This object indicates the selector of the last multicast cipher suite negotiated. |
| cLWCSWlanWapiPreauthenticationState | 1.3.6.1.4.1.9.9.9997.1.3.1.15 | truthvalue | read-only |
This object represents the state of Preauthentication in WAPI and currently it is not supported. |
| cLWapiAPTable | 1.3.6.1.4.1.9.9.9997.1.4 | no-access |
This table maintains the WAPI details and configurations for each AP connected. |
|
| 1.3.6.1.4.1.9.9.9997.1.4.1 | no-access |
An entry in the cLWapiAPTable Table. |
||
| cLWCSWapiAPMaxUnicastKeysSupport | 1.3.6.1.4.1.9.9.9997.1.4.1.1 | integer32 | read-only |
This object represents the maximum number of USK's that an AP can support. |
| cLWapiWlanAKMSuitesConfigTable | 1.3.6.1.4.1.9.9.9997.1.5 | no-access |
This table maintains the WAPI config entry for the WLAN. |
|
| 1.3.6.1.4.1.9.9.9997.1.5.1 | no-access |
An entry in the cLWapiWlanAKMSuitesConfig Table |
||
| cLWCSWlanWapiAuthenticationSuiteIndex | 1.3.6.1.4.1.9.9.9997.1.5.1.1 | integer | no-access |
This object is used to a index for AKM suites on the WLAN. Enumeration: 'psk': 2, 'cert': 1. |
| cLWCSWlanWapiAuthenticationSuite | 1.3.6.1.4.1.9.9.9997.1.5.1.2 | octet string | read-only |
This object is used to indicate the AKM suite octects on the WLAN. |
| cLWCSWlanWapiAuthenticationSuiteEnable | 1.3.6.1.4.1.9.9.9997.1.5.1.3 | truthvalue | read-write |
This object is used to enable the AKM suites on the WLAN. |
| cLWapiCiphers | 1.3.6.1.4.1.9.9.9997.1.6 | no-access |
This table maintains the unicast cipher suites supported by this entity. It allows enabling and disabling of each unicast cipher suite by network management. The unicast cipher suite list in the WAPI Parameter Set information element is formed using the information in this table. |
|
| 1.3.6.1.4.1.9.9.9997.1.6.1 | no-access |
An entry in the cLWapiCiphers Table. |
||
| cLWCSWlanCipherIndex | 1.3.6.1.4.1.9.9.9997.1.6.1.1 | unsigned32 | no-access |
This object represents auxiliary index of the CiscoWapiCiphersEntry. |
| cLWCSWlanCipherEnabled | 1.3.6.1.4.1.9.9.9997.1.6.1.2 | truthvalue | read-write |
This object represents enables or disables the unicast cipher. |
| ciscoLwappWapiConfig | 1.3.6.1.4.1.9.9.9997.2 | |||
| clWapiASIpAddress | 1.3.6.1.4.1.9.9.9997.2.1 | ipaddress | read-write |
This object represents the IP address of the WAPI authentication server. |
| clWapiASPortNumber | 1.3.6.1.4.1.9.9.9997.2.2 | integer32 | read-write |
This object represents the UDP port number for WAPI authentication server. |
| clWapiASRequestTimeout | 1.3.6.1.4.1.9.9.9997.2.3 | integer32 | read-write |
This object represents timeout value for the packets sent to Auth Server. |
| clWapiMulticastRekeyMethod | 1.3.6.1.4.1.9.9.9997.2.4 | integer | read-write |
This object selects a mechanism for rekeying the WAPI MSK. The default is time-based, once per day. Rekeying the MSK is only applicable to an entry acting in the AE role. Enumeration: 'disabled': 1, 'timeBased': 2, 'messageBased': 3, 'timemessageBased': 4. |
| clWapiMulticastRekeyTime | 1.3.6.1.4.1.9.9.9997.2.5 | unsigned32 | read-write |
This object represents the time in seconds after which the WAPI MSK will be refreshed. The timer will start the moment the MSK was set using the MLME-SETWPIKEYS request primitive. |
| clWapiMulticastRekeyMessages | 1.3.6.1.4.1.9.9.9997.2.6 | unsigned32 | read-write |
This object represents the message count in thousands after which the WAPI MSK will be refreshed. The message counter will start the moment the MSK was set using the MLME-SETWPIKEYS request primitive. |
| clWapiMulticastRekeyStrict | 1.3.6.1.4.1.9.9.9997.2.7 | truthvalue | read-write |
This object signals that the MSK shall be refreshed whenever a STA leaves the BSS that possesses the MSK. |
| clWapiConfigCertificateUpdateCount | 1.3.6.1.4.1.9.9.9997.2.8 | unsigned32 | read-write |
This object represents the number of times messages in the WAPI hhandshake protocol will be retried per certificate handshake attempt. |
| clWapiConfigMulticastUpdateCount | 1.3.6.1.4.1.9.9.9997.2.9 | unsigned32 | read-write |
This object represents the number of times message 1 in the WAPI muticast key announcement handshake will be retried per MSK handshake attempt. |
| clWapiConfigUnicastUpdateCount | 1.3.6.1.4.1.9.9.9997.2.10 | unsigned32 | read-write |
This object represents the number of times message 1 and message 3 in the WAPI unicast key announcement handshake will be retried per USK handshake attempt. |
| cLWCSWapiConfigureVersion | 1.3.6.1.4.1.9.9.9997.2.11 | integer32 | read-only |
This object represents the WAPI configuration version |
| clWapiConfigControlledPortControl | 1.3.6.1.4.1.9.9.9997.2.12 | integer | read-only |
This object indicates the value of the Controlled port. If the value is 0 which means automatic, the current behaviour. The state of the controlled port shall be based on the result of authentication. Enumeration: 'auto': 0. |
| clWapiUserInvalidCertificationInbreakNetwork | 1.3.6.1.4.1.9.9.9997.2.13 | displaystring | read-only |
This object represents the WAPI user with invalid certification. |
| cLApWAPISecurityLowAttack | 1.3.6.1.4.1.9.9.9997.2.14 | displaystring | read-only |
This object represents the WAPI security low attack notification information. |
| clWapiUnicastRekeyMethod | 1.3.6.1.4.1.9.9.9997.2.15 | integer | read-write |
This object selects a mechanism for rekeying the WAPI USK. The default is time-based, once per day. Rekeying the USK is only applicable to an entry acting in the AE role. Method 1 (disabled) will temporarily stop the unicast rekeying Enumeration: 'disabled': 1, 'timeBased': 2, 'messageBased': 3, 'timeMessageBased': 4. |
| clWapiUnicastRekeyTime | 1.3.6.1.4.1.9.9.9997.2.16 | unsigned32 | read-write |
This object represents the time in seconds after which the WAPI USK will be refreshed. The timer will start the moment the USK was set using the MLME-SETWPIKEYS request primitive. |
| clWapiUnicastRekeyMessage | 1.3.6.1.4.1.9.9.9997.2.17 | unsigned32 | read-write |
This object represents the message count in thousands after which the WAPI USK will be refreshed. The message counter will start the moment the USK was set using the MLME-SETWPIKEYS request primitive. This MIB will be configurable od of TIME or TIME&PACKET |
| clWapiConfigSATimeout | 1.3.6.1.4.1.9.9.9997.2.18 | unsigned32 | read-write |
This object represents the maximum time a security association shall take to set up. |
| cLApWAPIReplayAttack | 1.3.6.1.4.1.9.9.9997.2.19 | displaystring | read-only |
This object represents the WAPI replay attack notification information. |
| cLApWAPITamperAttack | 1.3.6.1.4.1.9.9.9997.2.20 | displaystring | read-only |
This object represents the WAPI tamper attack notification information. |
| clWapiAddressRedirectAttack | 1.3.6.1.4.1.9.9.9997.2.21 | displaystring | read-only |
This object represents the WAPI redirect attack notification information. |
| ciscoLwappWapiCertificateObjects | 1.3.6.1.4.1.9.9.9997.3 | |||
| clWapiWLCCertificateStatus | 1.3.6.1.4.1.9.9.9997.3.1 | truthvalue | read-only |
This object represents the installation state of WLC Certificate. True means the WLC certificate is installed. False means it is uninstalled. |
| clWapiCACertificateStatus | 1.3.6.1.4.1.9.9.9997.3.2 | truthvalue | read-only |
This object represents the installation state of Certificate Authority Certificate. True means the CA certificate is installed. False means it is uninstalled |
| clWapiASCertificateStatus | 1.3.6.1.4.1.9.9.9997.3.3 | truthvalue | read-only |
This object represents the installation state of Auth Server Certificate. True means the AS certificate is installed. False means it is uninstalled. |
| ciscoLwappWapiMIBNotifObjects | 1.3.6.1.4.1.9.9.9997.4 | |||
| ciscoLwappWapiUserInvalidCertificateNetworkTrap | 1.3.6.1.4.1.9.9.9997.4.1 |
This notification will be sent when the WAPI Client is installed with invalid certificates. |
||
| ciscoLwappWapiSecurityLowAttackTrap | 1.3.6.1.4.1.9.9.9997.4.2 |
This notification will be sent when AP received a fake Unicast Key Negotiation Response frame of which the WIE_AUSE is different with that of AP sent before. |
||
| ciscoLwappWapiReplayAttackTrap | 1.3.6.1.4.1.9.9.9997.4.3 |
This notification will be sent when AP received an AE challenge is different with that of AP received before. |
||
| ciscoLwappWapiTamperAttackTrap | 1.3.6.1.4.1.9.9.9997.4.4 |
This notification will be sent when AP received an invaild Message Authentication Code. |
||
| ciscoLwappWapiAddressRedirectAttackTrap | 1.3.6.1.4.1.9.9.9997.4.5 |
This notification will be sent when AP received an address redirect attack trap. Radio interface information (MAC), BSSID, SSID, Mac of station |
||