-
Notifications
You must be signed in to change notification settings - Fork 59
/
Copy pathCISCO-LWAPP-WLAN-MIB.mib
500 lines (418 loc) · 17.9 KB
/
CISCO-LWAPP-WLAN-MIB.mib
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
160
161
162
163
164
165
166
167
168
169
170
171
172
173
174
175
176
177
178
179
180
181
182
183
184
185
186
187
188
189
190
191
192
193
194
195
196
197
198
199
200
201
202
203
204
205
206
207
208
209
210
211
212
213
214
215
216
217
218
219
220
221
222
223
224
225
226
227
228
229
230
231
232
233
234
235
236
237
238
239
240
241
242
243
244
245
246
247
248
249
250
251
252
253
254
255
256
257
258
259
260
261
262
263
264
265
266
267
268
269
270
271
272
273
274
275
276
277
278
279
280
281
282
283
284
285
286
287
288
289
290
291
292
293
294
295
296
297
298
299
300
301
302
303
304
305
306
307
308
309
310
311
312
313
314
315
316
317
318
319
320
321
322
323
324
325
326
327
328
329
330
331
332
333
334
335
336
337
338
339
340
341
342
343
344
345
346
347
348
349
350
351
352
353
354
355
356
357
358
359
360
361
362
363
364
365
366
367
368
369
370
371
372
373
374
375
376
377
378
379
380
381
382
383
384
385
386
387
388
389
390
391
392
393
394
395
396
397
398
399
400
401
402
403
404
405
406
407
408
409
410
411
412
413
414
415
416
417
418
419
420
421
422
423
424
425
426
427
428
429
430
431
432
433
434
435
436
437
438
439
440
441
442
443
444
445
446
447
448
449
450
451
452
453
454
455
456
457
458
459
460
461
462
463
464
465
466
467
468
469
470
471
472
473
474
475
476
477
478
479
480
481
482
483
484
485
486
487
488
489
490
491
492
493
494
495
496
497
-- *******************************************************************
-- CISCO-LWAPP-WLAN-MIB.my
-- This MIB helps to manage the WLANs on the controller
-- January 2006, Devesh Pujari, Prasanna Viswakumar
--
-- Copyright (c) 2006, 2007 by Cisco Systems, Inc.
-- All rights reserved.
-- *******************************************************************
CISCO-LWAPP-WLAN-MIB DEFINITIONS ::= BEGIN
IMPORTS
MODULE-IDENTITY,
OBJECT-TYPE,
Unsigned32
FROM SNMPv2-SMI
MODULE-COMPLIANCE,
OBJECT-GROUP
FROM SNMPv2-CONF
TruthValue,
RowStatus,
DisplayString,
StorageType
FROM SNMPv2-TC
SnmpAdminString
FROM SNMP-FRAMEWORK-MIB
ciscoMgmt
FROM CISCO-SMI;
ciscoLwappWlanMIB MODULE-IDENTITY
LAST-UPDATED "2007020300Z"
ORGANIZATION "Cisco Systems Inc."
CONTACT-INFO
"Cisco Systems,
Customer Service
Postal: 170 West Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
Email: [email protected]"
DESCRIPTION
"This MIB is intended to be implemented on all those
devices operating as Central Controllers (CC) that
terminate the Light Weight Access Point Protocol
tunnel from Cisco Light-weight LWAPP Access Points.
This MIB helps to manage the WLANs on the controller.
The relationship between CC and the LWAPP APs
can be depicted as follows:
+......+ +......+ +......+ +......+
+ + + + + + + +
+ CC + + CC + + CC + + CC +
+ + + + + + + +
+......+ +......+ +......+ +......+
.. . . .
.. . . .
. . . . .
. . . . .
. . . . .
. . . . .
+......+ +......+ +......+ +......+ +......+
+ + + + + + + + + +
+ AP + + AP + + AP + + AP + + AP +
+ + + + + + + + + +
+......+ +......+ +......+ +......+ +......+
. . . .
. . . . .
. . . . .
. . . . .
. . . . .
+......+ +......+ +......+ +......+ +......+
+ + + + + + + + + +
+ MN + + MN + + MN + + MN + + MN +
+ + + + + + + + + +
+......+ +......+ +......+ +......+ +......+
The LWAPP tunnel exists between the controller and
the APs. The MNs communicate with the APs through
the protocol defined by the 802.11 standard.
LWAPP APs, upon bootup, discover and join one of the
controllers and the controller pushes the configuration,
that includes the WLAN parameters, to the LWAPP APs.
The APs then encapsulate all the 802.11 frames from
wireless clients inside LWAPP frames and forward
the LWAPP frames to the controller.
GLOSSARY
Access Point ( AP )
An entity that contains an 802.11 medium access
control ( MAC ) and physical layer ( PHY ) interface
and provides access to the distribution services via
the wireless medium for associated clients.
LWAPP APs encapsulate all the 802.11 frames in
LWAPP frames and sends it to the controller to which
it is logically connected to.
Central Controller ( CC )
The central entity that terminates the LWAPP protocol
tunnel from the LWAPP APs. Throughout this MIB,
this entity also referred to as 'controller'.
Light Weight Access Point Protocol ( LWAPP )
This is a generic protocol that defines the
communication between the Access Points and the
controllers.
Mobile Node ( MN )
A roaming 802.11 wireless device in a wireless
network associated with an access point.
Access Control List ( ACL )
A list of rules used to restrict the traffic reaching
an interface or the CPU or WLAN. Each ACL is an ordered
set of rules and actions. If a rule matches then the
action for that rule is applied to the packet.
802.1x
The IEEE ratified standard for enforcing port based
access control. This was originally intended for
use on wired LANs and later extended for use in
802.11 WLAN environments. This defines an
architecture with three main parts - a supplicant
(Ex. an 802.11 wireless client), an authenticator
(the AP) and an authentication server(a Radius
server). The authenticator passes messages back
and forth between the supplicant and the
authentication server to enable the supplicant
get authenticated to the network.
Temporal Key Integrity Protocol ( TKIP )
A security protocol defined to enhance the limitations
of WEP. Message Integrity Check and per-packet keying
on all WEP-encrypted frames are two significant
enhancements provided by TKIP to WEP.
Cisco Key Integrity Protocol ( CKIP )
A proprietary implementation similar to TKIP. CKIP
implements key permutation for protecting the CKIP
key against attacks. Other features of CKIP include
expansion of encryption key to 16 bytes of length for
key protection and MIC to ensure data integrity.
Wired Equivalent Privacy ( WEP )
A security method defined by 802.11. WEP uses a
symmetric key stream cipher called RC4 to encrypt the
data packets.
Wi-Fi Protected Access ( WPA )
Wi-Fi Protected Access (WPA and WPA2) are security
systems created in response to several serious
weaknesses found in Wired Equivalent Privacy (WEP).
WPA implements the majority of the IEEE 802.11i
standard, and was intended as an intermediate
measure to take the place of WEP while 802.11i was
prepared. WPA is designed to work with all wireless
network interface cards, but not necessarily with
first generation wireless access points.
WLAN Layer 2 Security
WLAN layer 2 (MAC) security defines the encryption and
authentication approaches such as 802.1x, WPA,
WPA2, CKIP and WEP.
REFERENCE
[1] Wireless LAN Medium Access Control ( MAC ) and
Physical Layer ( PHY ) Specifications.
[2] Draft-obara-capwap-lwapp-00.txt, IETF Light
Weight Access Point Protocol
[3] IEEE 802.11 - The original 1 Mbit/s and 2 Mbit/s,
2.4 GHz RF and IR standard."
REVISION "200702030000Z"
DESCRIPTION
"Added following objects in cLWlanConfigTable:
cLWlanProfileName
cLWlanSsid
cLWlanDiagChan
cLWlanStorageType
Added following table:
cLWlanConfigClientTable
Added the following OBJECT-GROUPs:
ciscoLwappWlanConfigGroupSup1
ciscoLwappWlanConfigClientGroup
Added ciscoLwappWlanMIBComplianceRev1 MODULE-COMPLIANCE."
REVISION "200603210000Z"
DESCRIPTION
"Initial version of this MIB module."
::= { ciscoMgmt 512 }
ciscoLwappWlanMIBNotifs OBJECT IDENTIFIER
::= { ciscoLwappWlanMIB 0 }
ciscoLwappWlanMIBObjects OBJECT IDENTIFIER
::= { ciscoLwappWlanMIB 1 }
ciscoLwappWlanMIBConform OBJECT IDENTIFIER
::= { ciscoLwappWlanMIB 2 }
ciscoLwappWlanConfig OBJECT IDENTIFIER
::= { ciscoLwappWlanMIBObjects 1 }
-- ********************************************************************
-- WLAN configuration
-- ********************************************************************
cLWlanConfigTable OBJECT-TYPE
SYNTAX SEQUENCE OF CLWlanConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table represents the WLAN configuration sent by
the controller to the LWAPP APs for their operation.
LWAPP APs exchange configuration messages with the
controller and get the required configuration for
their 802.11 related operations. As part of these
messages, the WLAN configuration is pushed by the
controller to the LWAPP APs.
This table doesn't have any dependencies on other
existing tables. By defining cLWlanIndex, the
unique identifier for a WLAN, this table provides
a common index structure for use in several other
new tables that populate information on security
related attributes like authentication, encryption,
802.11 parameters, Quality-of-Service attributes
etc., that would relate to a particular WLAN.
Rows are added or deleted by explicit
management actions initiated by the user from a
network management station through the
cLWlanRowStatus object."
::= { ciscoLwappWlanConfig 1 }
cLWlanConfigEntry OBJECT-TYPE
SYNTAX CLWlanConfigEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry in this table represents the WLAN
configuration sent by the controller to LWAPP APs
for use during their operations. entries can be added/deleted by explicit management actions by NMS or by user console"
INDEX { cLWlanIndex }
::= { cLWlanConfigTable 1 }
CLWlanConfigEntry ::= SEQUENCE {
cLWlanIndex Unsigned32,
cLWlanRowStatus RowStatus,
cLWlanProfileName SnmpAdminString,
cLWlanSsid OCTET STRING,
cLWlanDiagChan TruthValue,
cLWlanStorageType StorageType
}
cLWlanIndex OBJECT-TYPE
SYNTAX Unsigned32 (1..255 )
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This object uniquely identifies one instance of
a WLAN on the controller."
::= { cLWlanConfigEntry 1 }
cLWlanRowStatus OBJECT-TYPE
SYNTAX RowStatus
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This is the status column for this row and used
to create and delete specific instances of rows
in this table.
The following objects are mandatory for successful
creation of an entry:
cLWlanProfileName
cLWlanSsid."
::= { cLWlanConfigEntry 2 }
cLWlanProfileName OBJECT-TYPE
SYNTAX SnmpAdminString (SIZE (1..64))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the profile name assigned
to this WLAN. The name assigned to a WLAN has to be
unique across all the WLANs on the controller.
An administrator can assign a meaningful
name that could be later used to refer a particular
WLAN on the controller. This object cannot be
modified when cLWlanRowStatus is 'active'."
::= { cLWlanConfigEntry 3 }
cLWlanSsid OBJECT-TYPE
SYNTAX OCTET STRING (SIZE (1..32))
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represents the SSID assigned to
this WLAN. The access points will broadcast this SSID
on this WLAN. Different WLAN could use the same SSID as
long as the layer 2 security is different. This object
cannot be modified when cLWlanRowStatus is 'active'."
::= { cLWlanConfigEntry 4 }
cLWlanDiagChan OBJECT-TYPE
SYNTAX TruthValue
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object is used to configure this WLAN as a
diagnostic WLAN. A value of 'true' indicates that
the diagnostic WLAN is enabled. A value of 'false'
indicates that the diagnostic WLAN is disabled."
DEFVAL { false }
::= { cLWlanConfigEntry 5 }
cLWlanStorageType OBJECT-TYPE
SYNTAX StorageType
MAX-ACCESS read-create
STATUS current
DESCRIPTION
"This object represnts the storage type for this conceptual
row."
DEFVAL { nonVolatile }
::= { cLWlanConfigEntry 6 }
-- ********************************************************************
-- WLAN Client Configuration
-- ********************************************************************
cLWlanConfigClientTable OBJECT-TYPE
SYNTAX SEQUENCE OF CLWlanConfigClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"This table represents the WLAN configuration for
the 802.11 wireless clients that are associated
with the APs that have joined this controller.
The creation of a new row in cLWlanConfigTable,
through an explicit network management action,
results in creation of an entry in this table.
Similarly, deletion of a row in
cLWlanConfigTable through user action causes the
deletion of corresponding row in this table.
This table has an one-to-one relationship with
cLWlanConfigTable. There exists an entry in this
table for each corresponding entry in the
cLWlanConfigTable."
::= { ciscoLwappWlanConfig 2 }
cLWlanConfigClientEntry OBJECT-TYPE
SYNTAX CLWlanConfigClientEntry
MAX-ACCESS not-accessible
STATUS current
DESCRIPTION
"Each entry represents a conceptual row in this
table and provides the information about the
clients associated on the WLAN, uniquely identified by
the cLWlanIndex."
AUGMENTS { cLWlanConfigEntry }
::= { cLWlanConfigClientTable 1 }
CLWlanConfigClientEntry ::= SEQUENCE {
cLWlanClientAclName DisplayString
}
cLWlanClientAclName OBJECT-TYPE
SYNTAX DisplayString (SIZE (0..64))
MAX-ACCESS read-write
STATUS current
DESCRIPTION
"This object represents the name of the ACL applied
to this WLAN. If it is required to remove the ACL
name for a WLAN, it should be set to 'none'.
ACL's are applied in the following priority order -
interfaces ACLs, WLAN ACLs, client ACLs."
::= { cLWlanConfigClientEntry 1 }
-- ********************************************************************
-- * Compliance statements
-- ********************************************************************
ciscoLwappWlanMIBCompliances OBJECT IDENTIFIER
::= { ciscoLwappWlanMIBConform 1 }
ciscoLwappWlanMIBGroups OBJECT IDENTIFIER
::= { ciscoLwappWlanMIBConform 2 }
ciscoLwappWlanMIBCompliance MODULE-COMPLIANCE
STATUS deprecated
DESCRIPTION
"The compliance statement for the SNMP entities that
implement the ciscoLwappWlanMIB module."
MODULE -- this module
MANDATORY-GROUPS { ciscoLwappWlanConfigGroup }
OBJECT cLWlanRowStatus
SYNTAX INTEGER {
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"An implementation is only required to support
three of the six enumerated values of the
RowStatus textual convention, specifically,
'active', 'createAndGo' and 'destroy'."
::= { ciscoLwappWlanMIBCompliances 1 }
ciscoLwappWlanMIBComplianceRev1 MODULE-COMPLIANCE
STATUS current
DESCRIPTION
"The compliance statement for the SNMP entities that
implement the ciscoLwappWlanMIB module."
MODULE -- this module
MANDATORY-GROUPS {
ciscoLwappWlanConfigGroupSup1,
ciscoLwappWlanConfigClientGroup
}
OBJECT cLWlanRowStatus
SYNTAX INTEGER {
active(1),
createAndGo(4),
destroy(6)
}
DESCRIPTION
"An implementation is only required to support
three of the six enumerated values of the
RowStatus textual convention, specifically,
'active', 'createAndGo' and 'destroy'."
::= { ciscoLwappWlanMIBCompliances 2 }
-- ********************************************************************
-- * Units of conformance
-- ********************************************************************
ciscoLwappWlanConfigGroup OBJECT-GROUP
OBJECTS { cLWlanRowStatus }
STATUS deprecated
DESCRIPTION
"This collection of objects represent the
configuration of WLANs on the controller to be passed
to an LWAPP AP."
::= { ciscoLwappWlanMIBGroups 1 }
ciscoLwappWlanConfigGroupSup1 OBJECT-GROUP
OBJECTS {
cLWlanRowStatus,
cLWlanProfileName,
cLWlanSsid,
cLWlanDiagChan,
cLWlanStorageType
}
STATUS current
DESCRIPTION
"This collection of objects represent the
configuration of WLANs on the controller to be passed
to an LWAPP AP."
::= { ciscoLwappWlanMIBGroups 2 }
ciscoLwappWlanConfigClientGroup OBJECT-GROUP
OBJECTS { cLWlanClientAclName }
STATUS current
DESCRIPTION
"This collection of objects represent the
configuration of WLANs on the controller to be passed
to an 8021.11 clients."
::= { ciscoLwappWlanMIBGroups 3 }
END