USERGROUP-MIB: View SNMP OID List / Download MIB

The Hirschmann Private Usergroup MIB definitions for Platform devices.

The events of hmUserGroup.

This trap is sent if an unknown MAC address is detected on a port.

This trap is sent if a MAC address / IP address is detected on a port which is not acceptable for the current setting of hmPortSecPermission AND ...SecAction is either set to trapOnly(2) or portDisable(3).

This trap is sent when two or more users with incompatible user group settings have been detected at the port.

A list of user group definitions.

user group definition

The user group number identifying this instance.

A textual description of the user group instance.

If set to true(1) any member of this group is restricted to ports - which have hmPortSecPermission set to group(2) and - the group is in hmPortSecAllowedGroupIDs. If set to false(2) the user may also connect to a port if permitted by other hmPortSecPermission settings, e.g. known(3) or world(4). The following access restrictions apply: UserRestr. UserGroupRestr. PortSecPermission access allowed -------------------------------------------------------------------- false false user hmPortSecAllowedUserID false false group hmPortSecAllowedGroupIDs false false known any user group member false false world yes true false/true user hmPortSecAllowedUserID true false/true group no true false/true known no true false/true world no false true user hmPortSecAllowedUserID false true group hmPortSecAllowedGroupIDs false true known no false true world no Enumeration: 'false': 2, 'true': 1.

This variable specifies the action which is taken if a user tries to connect to the given port when he is not allowed to do so. Setting the variable to none(1) disables any action. A value of trapOnly(2) generates a trap. Setting the value to portDisable(3) will send a trap, and additionally disable the port until it is re-enabled by management. Enumeration: 'none': 1, 'portDisable': 3, 'trapOnly': 2.

A list of users which are members of a given user group.

An user group member entry.

user group id of this member.

user ID of this member.

List of all user group members.

An user entry.

User ID.

If set to true(1) the user may only connect to ports which have hmPortSecPermission set to user(1) and hmPortSecAllowedUserID set to hmUserID. If set to false(2) the user may also connect to a port if permitted by other hmPortSecPermission settings, e.g. group(2), known(3) or world(4). The following access restrictions apply: UserRestr. UserGroupRestr. PortSecPermission access allowed --------------------------------------------------------------------- false false user hmPortSecAllowedUserID false false group hmPortSecAllowedGroupIDs false false known any user group member false false world yes true false/true user hmPortSecAllowedUserID true false/true group no true false/true known no true false/true world no false true user hmPortSecAllowedUserID false true group hmPortSecAllowedGroupIDs false true known no false true world no Enumeration: 'false': 2, 'true': 1.

List of port security entries.

A single port security entry.

Slot number the switch unit is plugged in.

Port number within the group.

This variable specifies the security level of the port. If set to user(1) only the user defined by hmPortSecAllowedUserID may connect to this port. In group(2) mode only members of the user group specified by hmPortSecAllowedGroupIDs are allowed. known(3) means that all users belonging to any user group (all known users) are accepted. Setting the value to world(4) disables the security features, i.e. any user is permitted. For backbone ports the value uplink(5) should be used. If a user does not match the allowed permission he is not able to connect to the network over this port, additionally the actions configured through hmPortSecAction are taken. Enumeration: 'known': 3, 'world': 4, 'group': 2, 'user': 1, 'uplink': 5.

This variable specifies the allowed user ID if hmPortSecPermission has been set to user(1).

This variable specifies the allowed user groups if hmPortSecPermission has been set to group(2). Each group is represented by a single bit. If a group does not exist the value of the bit is ignored.

This variable reflects the user ID of a connected user actually seen on this port. If there is no user connected the value will be 0x00:00:00:00:00:00.

This variable specifies the action which is taken if a user tries to connect to the given port when he is not allowed to do so. Setting the variable to none(1) disables any action. A value of trapOnly(2) generates a trap. Setting the value to portDisable(3) will send a trap, and additionally disable the port until it is re-enabled by management. Setting the value to autoDisable(3) will send a trap, and additionally auto-disable the port for the amount of time specified per port. Enumeration: 'autoDisable': 4, 'none': 1, 'portDisable': 3, 'trapOnly': 2.

This variable controls whether the agent should re-configure the port when another user with an incompatible user group setting has been detected. The default setting, true(1), should be used if a single user is connected to the port. The value false(2) might be useful if more than one user is connected to the port (workgroup mode). Enumeration: 'false': 2, 'true': 1.

This variable shows the current status of the port with respect to port security. If the address seen on the port is allowed, the status is enabled(1), if it is not allowed, the status is disabled(2) if hmUserGroupSecurityAction is portDisable(3), or enabledWithWrongAddr(3) if hmUserGroupSecurityAction is none(1) or trapOnly(2). Enumeration: 'disabled': 2, 'enabledWithWrongAddr': 3, 'enabled': 1.

This variable specifies the allowed user IP ID if hmPortSecPermission has been set to user(1).

This variable signifies the limit of dynamically learned allowed MAC addresses for a specific port.

The current number of dynamically learned allowed MAC addresses on this port.

This variable specifies the action which is taken if a user tries to connect to the given port when he is not allowed to do so. Setting the variable to none(1) disables any action. A value of trapOnly(2) generates a trap. Setting the value to portDisable(3) will send a trap, and additionally disable the port until it is re-enabled by management. Enumeration: 'none': 1, 'portDisable': 3, 'trapOnly': 2.

This variable specifies the mode of the hmPortSecurityTable. Enumeration: 'ipAddressBased': 2, 'macAddressBased': 1.

List of extended port security entries.

A single extended port security entry.

Slot number the switch unit is plugged in.

Port number within the group.

This variable specifies the action which is taken if a user tries to connect to the given port when he is not allowed to do so. Setting the variable to none(1) disables any action. A value of trapOnly(2) generates a trap. Setting the value to portDisable(3) will send a trap, and additionally disable the port until it is re-enabled by management. Enumeration: 'none': 1, 'portDisable': 3, 'trapOnly': 2.

This variable shows the current status of the port with respect to port security. If the address seen on the port is allowed, the status is enabled(1), if it is not allowed, the status is disabled(2) if hmUserGroupSecurityAction is portDisable(3), or enabledWithWrongAddr(3) if hmUserGroupSecurityAction is none(1) or trapOnly(2). Enumeration: 'disabled': 2, 'enabledWithWrongAddr': 3, 'enabled': 1.

List of port security entries with multiple allowed addresses.

A single port security entry with multiple allowed addresses.

Slot number the switch unit is plugged in.

Port number within the group.

Number of adresses.

This variable specifies the allowed user ID if hmPortSecPermission has been set to user(1).

This variable specifies the allowed user IP ID if hmPortSecPermission has been set to user(1).

The number of bits from left ro right, that are used from the MAC address.