PPP-SEC-MIB DEFINITIONS ::= BEGIN

IMPORTS
    Counter
        FROM RFC1155-SMI
    OBJECT-TYPE
        FROM RFC-1212
    ppp
        FROM PPP-LCP-MIB;

    pppSecurity OBJECT IDENTIFIER ::= { ppp 2 }

    pppSecurityProtocols OBJECT IDENTIFIER ::= { pppSecurity 1 }

-- The following uniquely identify the various protocols
-- used by PPP security. These OBJECT IDENTIFIERS are
-- used in the pppSecurityConfigProtocol and
-- pppSecuritySecretsProtocol objects to identify to which
-- protocols the table entries apply.

    pppSecurityPapProtocol OBJECT IDENTIFIER ::=
        { pppSecurityProtocols 1 }
    pppSecurityChapMD5Protocol OBJECT IDENTIFIER ::=
        { pppSecurityProtocols 2 }

-- PPP Security Group
-- Implementation of this group is optional.

-- This table allows the network manager to configure
-- which security protocols are to be used on which
-- link and in what order of preference each is to be tried

pppSecurityConfigTable OBJECT-TYPE
    SYNTAX SEQUENCE OF PppSecurityConfigEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "Table containing the configuration and
        preference parameters for PPP Security."
    ::= { pppSecurity 2 }

pppSecurityConfigEntry OBJECT-TYPE
    SYNTAX PppSecurityConfigEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "Security configuration information for a
        particular PPP link."
    INDEX { pppSecurityConfigLink,
            pppSecurityConfigPreference }
    ::= { pppSecurityConfigTable 1 }

PppSecurityConfigEntry ::= SEQUENCE {
    pppSecurityConfigLink
        INTEGER,
    pppSecurityConfigPreference
        INTEGER,
    pppSecurityConfigProtocol
        OBJECT IDENTIFIER,
    pppSecurityConfigStatus
        INTEGER
}

pppSecurityConfigLink OBJECT-TYPE
    SYNTAX INTEGER(0..2147483647)
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "The value of ifIndex that identifies the entry
        in the interface table that is associated with
        the local PPP entity's link for which this
        particular security algorithm shall be
        attempted. A value of 0 indicates the default
        algorithm - i.e., this entry applies to all
        links for which explicit entries in the table
        do not exist."
    ::= { pppSecurityConfigEntry 1 }

pppSecurityConfigPreference OBJECT-TYPE
    SYNTAX INTEGER(0..2147483647)
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "The relative preference of the security
        protocol identified by
        pppSecurityConfigProtocol. Security protocols
        with lower values of
        pppSecurityConfigPreference are tried before
        protocols with higher values of
        pppSecurityConfigPreference."
    ::= { pppSecurityConfigEntry 2 }

pppSecurityConfigProtocol OBJECT-TYPE
    SYNTAX OBJECT IDENTIFIER
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "Identifies the security protocol to be
        attempted on the link identified by
        pppSecurityConfigLink at the preference level
        identified by pppSecurityConfigPreference. "
    ::= { pppSecurityConfigEntry 3 }

pppSecurityConfigStatus OBJECT-TYPE
    SYNTAX INTEGER {
        invalid(1),
        valid(2)
    }
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "Setting this object to the value invalid(1)
        has the effect of invalidating the
        corresponding entry in the
        pppSecurityConfigTable. It is an
        implementation-specific matter as to whether
        the agent removes an invalidated entry from the
        table. Accordingly, management stations must
        be prepared to receive tabular information from
        agents that corresponds to entries not
        currently in use. Proper interpretation of
        such entries requires examination of the
        relevant pppSecurityConfigStatus object."
    DEFVAL { valid }
    ::= { pppSecurityConfigEntry 4 }

-- This table contains all of the ID/Secret pair information.

pppSecuritySecretsTable OBJECT-TYPE
    SYNTAX SEQUENCE OF PppSecuritySecretsEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "Table containing the identities and secrets
        used by the PPP authentication protocols. As
        this table contains secret information, it is
        expected that access to this table be limited
        to those SNMP Party-Pairs for which a privacy
        protocol is in use for all SNMP messages that
        the parties exchange. This table contains both
        the ID and secret pair(s) that the local PPP
        entity will advertise to the remote entity and
        the pair(s) that the local entity will expect
        from the remote entity. This table allows for
        multiple id/secret password pairs to be
        specified for a particular link by using the
        pppSecuritySecretsIdIndex object."
    ::= { pppSecurity 3 }

pppSecuritySecretsEntry OBJECT-TYPE
    SYNTAX PppSecuritySecretsEntry
    ACCESS not-accessible
    STATUS mandatory
    DESCRIPTION
        "Secret information."
    INDEX { pppSecuritySecretsLink,
            pppSecuritySecretsIdIndex }
    ::= { pppSecuritySecretsTable 1 }

PppSecuritySecretsEntry ::= SEQUENCE {
    pppSecuritySecretsLink
        INTEGER,
    pppSecuritySecretsIdIndex
        INTEGER,
    pppSecuritySecretsDirection
        INTEGER,
    pppSecuritySecretsProtocol
        OBJECT IDENTIFIER,
    pppSecuritySecretsIdentity
        OCTET STRING,
    pppSecuritySecretsSecret
        OCTET STRING,
    pppSecuritySecretsStatus
        INTEGER
}

pppSecuritySecretsLink OBJECT-TYPE
    SYNTAX INTEGER(0..2147483647)
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "The link to which this ID/Secret pair applies.
        By convention, if the value of this object is 0
        then the ID/Secret pair applies to all links."
    ::= { pppSecuritySecretsEntry 1 }

pppSecuritySecretsIdIndex OBJECT-TYPE
    SYNTAX INTEGER(0..2147483647)
    ACCESS read-only
    STATUS mandatory
    DESCRIPTION
        "A unique value for each ID/Secret pair that
        has been defined for use on this link. This
        allows multiple ID/Secret pairs to be defined
        for each link. How the local entity selects
        which pair to use is a local implementation
        decision."
    ::= { pppSecuritySecretsEntry 2 }

pppSecuritySecretsDirection OBJECT-TYPE
    SYNTAX INTEGER {
        local-to-remote(1),
        remote-to-local(2)
    }
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "This object defines the direction in which a
        particular ID/Secret pair is valid. If this
        object is local-to-remote then the local PPP
        entity will use the ID/Secret pair when
        attempting to authenticate the local PPP entity
        to the remote PPP entity. If this object is
        remote-to-local then the local PPP entity will
        expect the ID/Secret pair to be used by the
        remote PPP entity when the remote PPP entity
        attempts to authenticate itself to the local
        PPP entity."
    ::= { pppSecuritySecretsEntry 3 }

pppSecuritySecretsProtocol OBJECT-TYPE
    SYNTAX OBJECT IDENTIFIER
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "The security protocol (e.g. CHAP or PAP) to
        which this ID/Secret pair applies."
    ::= { pppSecuritySecretsEntry 4 }

pppSecuritySecretsIdentity OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..255))
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "The Identity of the ID/Secret pair. The
        actual format, semantics, and use of
        pppSecuritySecretsIdentity depends on the
        actual security protocol used. For example, if
        pppSecuritySecretsProtocol is
        pppSecurityPapProtocol then this object will
        contain a PAP Peer-ID. If
        pppSecuritySecretsProtocol is
        pppSecurityChapMD5Protocol then this object
        would contain the CHAP NAME parameter."
    ::= { pppSecuritySecretsEntry 5 }

pppSecuritySecretsSecret OBJECT-TYPE
    SYNTAX OCTET STRING (SIZE(0..255))
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "The secret of the ID/Secret pair. The actual
        format, semantics, and use of
        pppSecuritySecretsSecret depends on the actual
        security protocol used. For example, if
        pppSecuritySecretsProtocol is
        pppSecurityPapProtocol then this object will
        contain a PAP Password. If
        pppSecuritySecretsProtocol is
        pppSecurityChapMD5Protocol then this object
        would contain the CHAP MD5 Secret."
    ::= { pppSecuritySecretsEntry 6 }

pppSecuritySecretsStatus OBJECT-TYPE
    SYNTAX INTEGER {
        invalid(1),
        valid(2)
    }
    ACCESS read-write
    STATUS mandatory
    DESCRIPTION
        "Setting this object to the value invalid(1)
        has the effect of invalidating the
        corresponding entry in the
        pppSecuritySecretsTable. It is an
        implementation-specific matter as to whether
        the agent removes an invalidated entry from the
        table. Accordingly, management stations must
        be prepared to receive tabular information from
        agents that corresponds to entries not
        currently in use. Proper interpretation of
        such entries requires examination of the
        relevant pppSecurityConfigStatus object."
    DEFVAL { valid }
    ::= { pppSecuritySecretsEntry 7 }

END
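An added example, not part of the MIB module or of any agent's code: a management-station check that applies the pppSecurityConfigTable rules described above (link 0 as the default, lower preference tried first, invalid(1) rows ignored) and reports links where PAP, which sends its password in cleartext, can be negotiated. It assumes rows were already fetched into dictionaries, that `ppp` is `{ transmission 23 }` as defined in PPP-LCP-MIB (not shown on this page), and that a link whose explicit rows are all invalid falls back to the default rows; the function names and sample rows are constructed.

```python
# { pppSecurity 1 }; the ppp prefix 1.3.6.1.2.1.10.23 comes from PPP-LCP-MIB.
PPP_SECURITY_PROTOCOLS = "1.3.6.1.2.1.10.23.2.1"
PROTOCOL_NAMES = {
    PPP_SECURITY_PROTOCOLS + ".1": "PAP",       # pppSecurityPapProtocol
    PPP_SECURITY_PROTOCOLS + ".2": "CHAP-MD5",  # pppSecurityChapMD5Protocol
}
INVALID, VALID = 1, 2  # pppSecurityConfigStatus values


def protocols_for_link(rows, if_index):
    """Return protocol names for a link in the order they will be tried."""
    # Assumption: invalid(1) rows are treated as absent before the lookup.
    in_use = [r for r in rows if r["status"] == VALID]
    explicit = [r for r in in_use if r["link"] == if_index]
    # Link 0 rows apply only when the link has no explicit rows of its own.
    chosen = explicit or [r for r in in_use if r["link"] == 0]
    ordered = sorted(chosen, key=lambda r: r["preference"])
    return [PROTOCOL_NAMES.get(r["protocol"], r["protocol"]) for r in ordered]


def audit(rows, if_indexes):
    """Map ifIndex -> finding for links with no entry or with PAP enabled."""
    findings = {}
    for if_index in if_indexes:
        order = protocols_for_link(rows, if_index)
        if not order:
            findings[if_index] = "no security protocol entry applies"
        elif order[0] == "PAP":
            findings[if_index] = "PAP tried first"
        elif "PAP" in order:
            findings[if_index] = "PAP allowed as fallback"
    return findings


PAP, CHAP = PPP_SECURITY_PROTOCOLS + ".1", PPP_SECURITY_PROTOCOLS + ".2"
# Constructed sample rows: default entries plus overrides for ifIndex 3 and 4.
SAMPLE_ROWS = [
    {"link": 0, "preference": 1, "protocol": CHAP, "status": VALID},
    {"link": 0, "preference": 2, "protocol": PAP, "status": VALID},
    {"link": 3, "preference": 5, "protocol": PAP, "status": VALID},
    {"link": 3, "preference": 9, "protocol": CHAP, "status": VALID},
    {"link": 4, "preference": 1, "protocol": PAP, "status": INVALID},
    {"link": 4, "preference": 2, "protocol": CHAP, "status": VALID},
]

if __name__ == "__main__":
    for link, finding in audit(SAMPLE_ROWS, [2, 3, 4]).items():
        print(f"ifIndex {link}: {finding}")
```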