No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

MIB Reference

S7700 and S9700 V200R011C10

This document provides the function overview, relationships between tables, description of single objects, description of MIB tables, and description of alarm objects.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
HUAWEI-BRAS-SRVCFG-EAP-MIB

HUAWEI-BRAS-SRVCFG-EAP-MIB

Functions Overview

HUAWEI-BRAS-SRVCFG-EAP-MIB describes global 802.1X configurations and 802.1X configurations on an interface.

Root directory:

iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).huawei(2011).huaweiMgmt(5).hwDatacomm(25).hwBRASMib(40).hwBRASSrvcfgEap(4)

NOTE:

The functions provided by this MIB only apply to the common NAC configuration mode.

Relationships Between Tables

None.

Description of Single Objects

hwDot1xGlobal

OID

Object Name

Syntax

Maximum Access

Description

Access

1.3.6.1.4.1.2011.5.25.40.4.1.2

hwDot1xGlobal

EnabledStatus

read-write

This object indicates whether 802.1X authentication is enabled globally.
  • enable
  • disable
By default, 802.1X authentication is disabled globally.

This object is implemented as defined in the corresponding MIB files.

hwDot1xAuthenMethod

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.3

hwDot1xAuthenMethod

INTEGER { chap(1), pap(2), eap(3) }

read-write

This object identifies the authentication method of 802.1X users.
  • chap(1)
  • pap(2)
  • eap(3)
By default, CHAP is used.

current

hwDot1xDhcpTrigger

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.4

hwDot1xDhcpTrigger

EnabledStatus

read-write

This object identifies whether 802.1X authentication is enabled when the switch receives a Dynamic Host Configuration Protocol (DHCP) packet requesting an IP address from a user.
  • enable
  • disable
By default, 802.1X authentication is disabled.

current

hwDot1xHandshake

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.5

hwDot1xHandshake

EnabledStatus

read-write

This object indicates whether the handshake function is enabled for online users.
  • enable
  • disable
By default, the handshake function is disabled for online users.

current

hwDot1xQuietPeriod

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.6

hwDot1xQuietPeriod

EnabledStatus

read-write

This object identifies whether the quiet timer is enabled.
  • enabled
  • disabled
By default, the quiet timer is enabled.

current

hwDot1xRetry

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.7

hwDot1xRetry

Integer32 (1..10)

read-write

This object identifies the maximum number of times for sending an authentication request to an access user. The value ranges from 1 to 10. By default, the value is 2.

current

hwDot1xTimerHandshakePeriod

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.8

hwDot1xTimerHandshakePeriod

Integer32

read-write

This object identifies the interval for sending handshake request messages. The value ranges from 5 to 7200, in seconds. By default, the value is 120.

current

hwDot1xTimerQuietPeriod

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.9

hwDot1xTimerQuietPeriod

Integer32

read-write

The value of this object identifies the quiet period.The value is an integer that ranges from 1 to 3600, in seconds. The default value is 60 seconds.

current

hwDot1xTimerClientTimeout

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.11

hwDot1xTimerClientTimeout

Integer32 (1..120)

read-write

This object identifies the timeout interval of the response from the authentication client. The value ranges from 1 to 120, in seconds. By default, the value is 5.

current

hwDot1xTimerTxPeriod

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.12

hwDot1xTimerTxPeriod

Integer32 (1..120)

read-write

This object identifies the timeout interval for transmitting packets. The value ranges from 1 to 120, in seconds. By default, the value is 30.

current

hwDot1xReauthenPeriod

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.13

hwDot1xReauthenPeriod

Integer32 (60..7200)

read-write

This object identifies the interval for 802.1X re-authentication. The value ranges from 60 to 7200, in seconds. By default, the value is 3600.

current

hwDot1xQuietFailTimes

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.15

hwDot1xQuietFailTimes

Integer32 (1..10)

read-write

This object identifies the number of authentication failures before the 802.1X user enters the silent state. The value ranges from 1 to 10. By default, the value is 10.

current

Description of MIB Tables

hwDot1xPortConfigTable

This table describes information about interface-based 802.1X authentication.

The index of this table is hwDot1xPortIndex.

OID

Object Name

Syntax

Access

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.1

hwDot1xPortIndex

Integer32

not-accessible

This object indicates the interface index.

The value ranges from 0 to 1280.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.2

hwDot1xPortSwitch

EnabledStatus

read-create

NOTE:

The NAC unified mode only supports read.

This object identifies whether 802.1X authentication is enabled on the specified interface.

  • 1: enable
  • 2: disable

By default, 802.1X authentication is disabled.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.3

hwDot1xPortGuestVlan

VlanidOrNone

read-create

NOTE:

The NAC unified mode only supports read.

This object indicates the ID of a guest VLAN.

The value ranges from 0 to 4094. Values 1 to 4094 specify guest VLAN IDs, and the value 0 is used to disable the guest VLAN.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.4

hwDot1xPortMaxUser

Integer32

read-create

NOTE:

The NAC unified mode does not support the node.

This object identifies the maximum number of access users on the specified interface.

The value is an integer that varies depending on product models.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.5

hwDot1xPortControl

INTEGER

read-create

NOTE:

The NAC unified mode only supports read.

This object identifies the access control mode on the specified interface.

  • 1: auto: Auto mode.
  • 2: authorizedForce: Authorized-force mode.
  • 3: unauthorizedForce: Unauthorized-force mode.

By default, the value is auto.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.6

hwDot1xPortMethod

INTEGER

read-create

NOTE:

The NAC unified mode only supports read.

This object identifies the access mode on the specified interface.

  • 1: macbased: Based on MAC address.
  • 2: portbased: Based on port.

By default, macbased 802.1X authentication is used.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.7

hwDot1xPortReauthen

EnabledStatus

read-create

NOTE:

The NAC unified mode only supports read.

This object identifies whether 802.1X re-authentication is enabled on the specified interface or all the interfaces of a switch.

  • 1: enable
  • 2: disable

By default, 802.1X re-authentication is disabled.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.8

hwDot1xMacByPass

EnabledStatus

read-create

NOTE:

The NAC unified mode only supports read.

This object identifies whether MAC address bypass authentication is enabled on the specified interface.

  • 1: enable
  • 2: disable

By default, MAC address bypass authentication is disabled.

NOTE:

When MAC address bypass authentication is enabled, 802.1X authentication must be enabled on the interface so that MAC address bypass authentication takes effect.

When MAC address bypass authentication is disabled, you must disable 802.1X authentication on the interface.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.9

hwDot1xModemVersion

DisplayString

read-only

This object indicates the version number of the modem.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.13

hwDot1xMacByPassMacAuthFirst

EnabledStatus

read-create

NOTE:

The NAC unified mode only supports read.

This object identifies whether MAC address authentication first during MAC address bypass authentication is enabled on the device.

  • 1: enable
  • 2: disable

By default, the device is disabled from performing MAC address authentication first during MAC address bypass authentication.

current

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.15

hwDot1xTriggerDhcpbind

EnabledStatus

read-create

This object identifies whether automatically generate the DHCP snooping binding table is enabled on the device after 802.1X authentication is successfully configured for static IP users or when the users are at the pre-authentication phase.

  • 1: enable
  • 2: disable

By default, the device is disabled from automatically generating the DHCP snooping binding table after 802.1X authentication is successfully configured for static IP users or when the users are at the pre-authentication phase.

NOTE:

The device automatically generates the DHCP snooping binding table when the users are at the pre-authentication phase only in unified mode.

current

Creation Restriction

No entry can be created in this table.

Modification Restriction

The entries in this table can be modified.

Deletion Restriction

The entries in this table cannot be deleted.

Access Restriction

The entries in this table can be read without restriction.

Description of Alarm Objects

hwSrvcfgEapMaxUserAlarm

OID

Object Name

Binding Variable

Description

Status

1.3.6.1.4.1.2011.5.25.40.4.2.1

hwSrvcfgEapMaxUserAlarm

ifDescr

When the number of users that pass authentication reaches the upper limit, a trap is generated.

current

Unsupported Objects

The functions corresponding to the following objects are not supported on the device. Do not use these MIB objects to maintain the device.

Table 20-1  List of unsupported objects

Object ID

Object Name

Table

1.3.6.1.4.1.2011.5.25.40.4.2

hwSrvcfgEapMibTraps

Single object

1.3.6.1.4.1.2011.5.25.40.4.3

hwSrvcfgEapConformance

Single object

1.3.6.1.4.1.2011.5.25.40.4.3.1

hwSrvcfgEapCompliances

Single object

1.3.6.1.4.1.2011.5.25.40.4.1.10

hwDot1xTimerServerTimeout

Single object

1.3.6.1.4.1.2011.5.25.40.4.3.2

hwDot1xSystemConfigGroups

Single object

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.10

hwDot1xForceDomain hwDot1xPortConfigTable

1.3.6.1.4.1.2011.5.25.40.4.1.14.1.11

hwDot1xAuthStatus hwDot1xPortConfigTable
Translation
Download
Updated: 2019-10-17

Document ID: EDOC1000178290

Views: 884865

Downloads: 58

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next