-- ******************************************************************* -- CISCO-LWAPP-SYS-MIB.my -- March 2007, Devesh Pujari, Srinath Candadai -- -- Copyright (c) 2007 by Cisco Systems, Inc. -- All rights reserved. -- ******************************************************************* CISCO-LWAPP-SYS-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF TruthValue FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB ciscoMgmt FROM CISCO-SMI; -- ******************************************************************** -- * MODULE IDENTITY -- ******************************************************************** ciscoLwappSysMIB MODULE-IDENTITY LAST-UPDATED "200703140000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO "Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: cs-wnbu-snmp@cisco.com" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central controllers, that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. This MIB provides global configuration and status information for the controller. All general system related information is presented in this MIB. The relationship between CC and the LWAPP APs can be depicted as follows: +......+ +......+ +......+ + + + + + + + CC + + CC + + CC + + + + + + + +......+ +......+ +......+ .. . . .. . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + AP + + AP + + AP + + AP + + + + + + + + + +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ + + + + + + + + + MN + + MN + + MN + + MN + + + + + + + + + +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the WLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends them to the controller to which it is logically connected. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the Central Controller. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Mobile Node and client are used interchangeably. Extensible Authentication Protocol ( EAP ) EAP is a universal authentication protocol used in wireless and PPP networks. It is defined by RFC 3748. EAP-Flexible Authentication ( EAP-FAST ) This protocol is used via secure tunneling for 802.1X EAP. PAC PAC (Protected Access Credential) is a meachanism for mutual authentication in EAP-FAST. REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications. [2] Draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol. [3] IEEE 802.1X - Authentication for Wireless and Wired Connections." REVISION "200703140000Z" DESCRIPTION "Initial version of this MIB module." ::= { ciscoMgmt 618 } ciscoLwappSysMIBNotifs OBJECT IDENTIFIER ::= { ciscoLwappSysMIB 0 } ciscoLwappSysMIBObjects OBJECT IDENTIFIER ::= { ciscoLwappSysMIB 1 } ciscoLwappSysMIBConform OBJECT IDENTIFIER ::= { ciscoLwappSysMIB 2 } clsConfig OBJECT IDENTIFIER ::= { ciscoLwappSysMIBObjects 1 } clsDot3BridgeEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies whether 803.2 bridging mode is enabled or disabled on the controller. A value of 'true' specifies that the bridging mode is enabled. A value of 'false' specifies that the bridging mode is disabled." ::= { clsConfig 1 } clsConfigDownload OBJECT IDENTIFIER ::= { clsConfig 2 } clsConfigUpload OBJECT IDENTIFIER ::= { clsConfig 3 } clsDownloadFileType OBJECT-TYPE SYNTAX INTEGER { unknown(1), code(2), config(3), webAuthCert(4), webAdminCert(5), signatures(6), customWebAuth(7), vendorDeviceCert(8), vendorCaCert(9) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the file types that can be downloaded to the controller. The file types for download are: unknown - Unknown file type code - Code file config - Configuration file webAuthCert - Web authentication certificates webAdminCert - Web administrative certificates signatures - Signature file customWebAuth - Custom web authentication tar file vendorDeviceCert - Vendor device certificates vendorCaCert - Vendor certificate authority certificates" ::= { clsConfigDownload 1 } clsDownloadCertificateKey OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the key used to encrypt the EAP certificate, specified by IEEE 802.1X standard, during upload from the controller and for decrypting the file after its downloaded to the controller. This object is relevant only when clsDownloadFileType is 'vendorDeviceCert'. For all other values of clsDownloadFileType object this will return an empty string." ::= { clsConfigDownload 2 } clsUploadFileType OBJECT-TYPE SYNTAX INTEGER { unknown(1), config(2), errorLog(3), systemTrace(4), trapLog(5), crashFile(6), signatures(7), pac(8) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the file types that can be uploaded to the controller. The file types for upload are: unknown - Unknown file config - Configuration file errorLog - Error log systemTrace - System trace trapLog - Trap log crashFile - Crash file signatures - Signature file pac - PAC file" ::= { clsConfigUpload 1 } clsUploadPacUsername OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..63)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the upload user name for protected access credential (PAC). This object needs to be set before setting clsUploadFileType to 'pac'. For all other values of clsUploadFileType this will return an empty string." ::= { clsConfigUpload 2 } clsUploadPacPassword OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (0..128)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the upload password for protected access credential (PAC). This object needs to be set before setting clsUploadFileType to 'pac'. For all other values of clsUploadFileType this will return an empty string." ::= { clsConfigUpload 3 } clsUploadPacValidity OBJECT-TYPE SYNTAX Unsigned32 (0..65535 ) UNITS "days" MAX-ACCESS read-write STATUS current DESCRIPTION "This object specifies the upload validity in days for protected access credential (PAC). This object is relevant only when clsUploadFileType is set to 'pac'. For all other values of clsUploadFileType this will return an empty string." ::= { clsConfigUpload 4 } -- ******************************************************************** ciscoLwappSysMIBCompliances OBJECT IDENTIFIER ::= { ciscoLwappSysMIBConform 1 } ciscoLwappSysMIBGroups OBJECT IDENTIFIER ::= { ciscoLwappSysMIBConform 2 } -- ******************************************************************** -- * Units of conformance -- ******************************************************************** ciscoLwappSysMIBCompliance MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappSysMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappSysConfigGroup } ::= { ciscoLwappSysMIBCompliances 1 } ciscoLwappSysConfigGroup OBJECT-GROUP OBJECTS { clsDot3BridgeEnabled, clsDownloadFileType, clsDownloadCertificateKey, clsUploadFileType, clsUploadPacUsername, clsUploadPacPassword, clsUploadPacValidity } STATUS current DESCRIPTION "This collection of objects represents the system wide configuration on the controller." ::= { ciscoLwappSysMIBGroups 1 } END