-- ******************************************************************* -- CISCO-LWAPP-WLAN-MIB.my -- This MIB helps to manage the WLANs on the controller -- January 2006, Devesh Pujari, Prasanna Viswakumar -- -- Copyright (c) 2006, 2007, 2009-2011 by Cisco Systems Inc. -- All rights reserved. -- ******************************************************************* CISCO-LWAPP-WLAN-MIB DEFINITIONS ::= BEGIN IMPORTS MODULE-IDENTITY, OBJECT-TYPE, Unsigned32 FROM SNMPv2-SMI MODULE-COMPLIANCE, OBJECT-GROUP FROM SNMPv2-CONF TimeStamp, TruthValue, RowStatus, DisplayString, StorageType FROM SNMPv2-TC SnmpAdminString FROM SNMP-FRAMEWORK-MIB ciscoMgmt FROM CISCO-SMI; ciscoLwappWlanMIB MODULE-IDENTITY LAST-UPDATED "201103100000Z" ORGANIZATION "Cisco Systems Inc." CONTACT-INFO "Cisco Systems, Customer Service Postal: 170 West Tasman Drive San Jose, CA 95134 USA Tel: +1 800 553-NETS Email: cs-wnbu-snmp@cisco.com" DESCRIPTION "This MIB is intended to be implemented on all those devices operating as Central Controllers (CC) that terminate the Light Weight Access Point Protocol tunnel from Cisco Light-weight LWAPP Access Points. This MIB helps to manage the WLANs on the controller. The relationship between CC and the LWAPP APs can be depicted as follows: +......+ +......+ +......+ +......+ + + + + + + + + + CC + + CC + + CC + + CC + + + + + + + + + +......+ +......+ +......+ +......+ .. . . . .. . . . . . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ +......+ + + + + + + + + + + + AP + + AP + + AP + + AP + + AP + + + + + + + + + + + +......+ +......+ +......+ +......+ +......+ . . . . . . . . . . . . . . . . . . . . . . . . +......+ +......+ +......+ +......+ +......+ + + + + + + + + + + + MN + + MN + + MN + + MN + + MN + + + + + + + + + + + +......+ +......+ +......+ +......+ +......+ The LWAPP tunnel exists between the controller and the APs. The MNs communicate with the APs through the protocol defined by the 802.11 standard. LWAPP APs, upon bootup, discover and join one of the controllers and the controller pushes the configuration, that includes the WLAN parameters, to the LWAPP APs. The APs then encapsulate all the 802.11 frames from wireless clients inside LWAPP frames and forward the LWAPP frames to the controller. GLOSSARY Access Point ( AP ) An entity that contains an 802.11 medium access control ( MAC ) and physical layer ( PHY ) interface and provides access to the distribution services via the wireless medium for associated clients. LWAPP APs encapsulate all the 802.11 frames in LWAPP frames and sends it to the controller to which it is logically connected to. Central Controller ( CC ) The central entity that terminates the LWAPP protocol tunnel from the LWAPP APs. Throughout this MIB, this entity also referred to as 'controller'. Light Weight Access Point Protocol ( LWAPP ) This is a generic protocol that defines the communication between the Access Points and the controllers. Mobile Node ( MN ) A roaming 802.11 wireless device in a wireless network associated with an access point. Access Control List ( ACL ) A list of rules used to restrict the traffic reaching an interface or the CPU or WLAN. Each ACL is an ordered set of rules and actions. If a rule matches then the action for that rule is applied to the packet. 802.1x The IEEE ratified standard for enforcing port based access control. This was originally intended for use on wired LANs and later extended for use in 802.11 WLAN environments. This defines an architecture with three main parts - a supplicant (Ex. an 802.11 wireless client), an authenticator (the AP) and an authentication server(a Radius server). The authenticator passes messages back and forth between the supplicant and the authentication server to enable the supplicant get authenticated to the network. Temporal Key Integrity Protocol ( TKIP ) A security protocol defined to enhance the limitations of WEP. Message Integrity Check and per-packet keying on all WEP-encrypted frames are two significant enhancements provided by TKIP to WEP. Cisco Key Integrity Protocol ( CKIP ) A proprietary implementation similar to TKIP. CKIP implements key permutation for protecting the CKIP key against attacks. Other features of CKIP include expansion of encryption key to 16 bytes of length for key protection and MIC to ensure data integrity. Wired Equivalent Privacy ( WEP ) A security method defined by 802.11. WEP uses a symmetric key stream cipher called RC4 to encrypt the data packets. Wi-Fi Protected Access ( WPA ) Wi-Fi Protected Access (WPA and WPA2) are security systems created in response to several serious weaknesses found in Wired Equivalent Privacy (WEP). WPA implements the majority of the IEEE 802.11i standard, and was intended as an intermediate measure to take the place of WEP while 802.11i was prepared. WPA is designed to work with all wireless network interface cards, but not necessarily with first generation wireless access points. WLAN Layer 2 Security WLAN layer 2 (MAC) security defines the encryption and authentication approaches such as 802.1x, WPA, WPA2, CKIP and WEP. Delivery Traffic Indication Map ( DTIM ) DTIM is measured in beacon intervals and is the time period during which multicast/broadcast packets are sent to clients. This helps client to go in Power Saving mode and helps to save battery power. Network Admission Control (NAC) Cisco NAC uses the network infrastructure to enforce security policy compliance on all devices that seek to access network computing resources. With the Cisco NAC appliance, network administrators can authenticate, authorize, evaluate, and remediate wired, wireless, and remote users and their machines prior to network access. The Cisco NAC appliance identifies whether networked devices such as laptops, IP phones, or game consoles are compliant with network security policies, and repairs any vulnerabilities before it permits access to the network. Out of Band (OOB) Out-of-band deployments require user traffic to traverse through the NAC appliance only within authentication, posture assessment, and remediation. When a user is authenticated and passes all policy checks, the traffic is switched normally through the network and bypasses the NAC server. Band Select The 2.4 GHz band is congested and clients have to contend with numerous performance challenges. These consist of interference from Bluetooth, microwave ovens, cordless phones, etc.; protection mechanisms from 802.11b legacy clients; and co-channel interference from other access points due to 802.11bg?s limit of three non-overlapping channels. Allowing client Wi-Fi radios capable of dual band (2.4 and 5 GHz) operation move to the less congested 5 GHz radios would improve the overall performance of the network. The Band Select algorithm is based on probe response suppression on clients 2.4G radio. The feature is OFF by default and has to be manually switched ON globally for a WLC. It can be optionally over-ridden per-SSID to disallow it. REFERENCE [1] Wireless LAN Medium Access Control ( MAC ) and Physical Layer ( PHY ) Specifications. [2] Draft-obara-capwap-lwapp-00.txt, IETF Light Weight Access Point Protocol [3] IEEE 802.11 - The original 1 Mbit/s and 2 Mbit/s, 2.4 GHz RF and IR standard." REVISION "201103100000Z" DESCRIPTION "Added the following objects to cLWlanConfigTable. cLWlanReAnchorRoamedVoiceClientsEnable, cLWlanMulticastInterfaceEnable, cLWlanMulticastInterface, cLWlanMulticastDirectEnable, cLWlanNACPostureSupport, cLWlanMaxClientsAccepted, cLWlanScanDeferPriority, cLWlanScanDeferTime, cLWlanLanSubType, cLWlanWebAuthOnMacFilterFailureEnabled, cLWlanStaticIpTunnelingEnabled. - Added new group ciscoLwappWlanConfigGroupSup3. - Added new compliance ciscoLwappWlanMIBComplianceRev3 which deprecates ciscoLwappWlanMIBComplianceRev2." REVISION "201003030000Z" DESCRIPTION "Added the following OBJECT-GROUPs: ciscoLwappWlan11uConfigGroup ciscoLwappAPGroupsVlanConfigGroup ciscoLwappWlanConfigGroupSup2 ciscoLwappWlanConfigClientGroupSup1" REVISION "200704020000Z" DESCRIPTION "Added following object in cLWlanConfigClientTable cLWlanP2PBlocking" REVISION "200702030000Z" DESCRIPTION "Added following objects in cLWlanConfigTable: cLWlanProfileName cLWlanSsid cLWlanDiagChan cLWlanStorageType Added following table: cLWlanConfigClientTable Added the following OBJECT-GROUPs: ciscoLwappWlanConfigGroupSup1 ciscoLwappWlanConfigClientGroup Added ciscoLwappWlanMIBComplianceRev1 MODULE-COMPLIANCE." REVISION "200603210000Z" DESCRIPTION "Initial version of this MIB module." ::= { ciscoMgmt 512 } ciscoLwappWlanMIBNotifs OBJECT IDENTIFIER ::= { ciscoLwappWlanMIB 0 } ciscoLwappWlanMIBObjects OBJECT IDENTIFIER ::= { ciscoLwappWlanMIB 1 } ciscoLwappWlanMIBConform OBJECT IDENTIFIER ::= { ciscoLwappWlanMIB 2 } ciscoLwappWlanConfig OBJECT IDENTIFIER ::= { ciscoLwappWlanMIBObjects 1 } ciscoLwappAPGroupsVlanConfig OBJECT IDENTIFIER ::= { ciscoLwappWlanMIBObjects 2 } ciscoLwappWlan11uConfig OBJECT IDENTIFIER ::= { ciscoLwappWlanMIBObjects 3 } -- ******************************************************************** -- WLAN configuration -- ******************************************************************** cLWlanConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF CLWlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table represents the WLAN configuration sent by the controller to the LWAPP APs for their operation. LWAPP APs exchange configuration messages with the controller and get the required configuration for their 802.11 related operations. As part of these messages, the WLAN configuration is pushed by the controller to the LWAPP APs. This table doesn't have any dependencies on other existing tables. By defining cLWlanIndex, the unique identifier for a WLAN, this table provides a common index structure for use in several other new tables that populate information on security related attributes like authentication, encryption, 802.11 parameters, Quality-of-Service attributes etc., that would relate to a particular WLAN. Rows are added or deleted by explicit management actions initiated by the user from a network management station through the cLWlanRowStatus object." ::= { ciscoLwappWlanConfig 1 } cLWlanConfigEntry OBJECT-TYPE SYNTAX CLWlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table represents the WLAN configuration sent by the controller to LWAPP APs for use during their operations. entries can be added/deleted by explicit management actions by NMS or by user console" INDEX { cLWlanIndex } ::= { cLWlanConfigTable 1 } CLWlanConfigEntry ::= SEQUENCE { cLWlanIndex Unsigned32, cLWlanRowStatus RowStatus, cLWlanProfileName SnmpAdminString, cLWlanSsid OCTET STRING, cLWlanDiagChan TruthValue, cLWlanStorageType StorageType, cLWlanIsWired TruthValue, cLWlanIngressInterface OCTET STRING, cLWlanNACSupport TruthValue, cLWlanWepKeyChange TimeStamp, cLWlanChdEnable TruthValue, cLWlan802dot11anDTIM Unsigned32, cLWlan802dot11bgnDTIM Unsigned32, cLWlanLoadBalancingEnable TruthValue, cLWlanBandSelectEnable TruthValue, cLWlanPassiveClientEnable TruthValue, cLWlanReAnchorRoamedVoiceClientsEnable TruthValue, cLWlanMulticastInterfaceEnable TruthValue, cLWlanMulticastInterface SnmpAdminString, cLWlanMulticastDirectEnable TruthValue, cLWlanNACPostureSupport TruthValue, cLWlanMaxClientsAccepted Unsigned32, cLWlanScanDeferPriority BITS, cLWlanScanDeferTime Unsigned32, cLWlanLanSubType INTEGER, cLWlanWebAuthOnMacFilterFailureEnabled TruthValue, cLWlanStaticIpTunnelingEnabled TruthValue } cLWlanIndex OBJECT-TYPE SYNTAX Unsigned32 (1..517) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies one instance of a WLAN on the controller. The value 513-517 indicates wired clients." ::= { cLWlanConfigEntry 1 } cLWlanRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This is the status column for this row and used to create, modify and delete specific instances of rows in this table. This table supports modification of writable objects when the RowStatus is 'active'. The following objects are mandatory for successful creation of an entry: cLWlanProfileName cLWlanSsid." ::= { cLWlanConfigEntry 2 } cLWlanProfileName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..64)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the profile name assigned to this WLAN. The name assigned to a WLAN has to be unique across all the WLANs on the controller. An administrator can assign a meaningful name that could later be used to refer a particular WLAN on the controller. This object cannot be modified when cLWlanRowStatus is 'active'." ::= { cLWlanConfigEntry 3 } cLWlanSsid OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the SSID assigned to this WLAN. The access points will broadcast this SSID on this WLAN. Different WLAN could use the same SSID as long as the layer 2 security is different. This object cannot be modified when cLWlanRowStatus is 'active'." ::= { cLWlanConfigEntry 4 } cLWlanDiagChan OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure this WLAN as a diagnostic WLAN. A value of 'true' indicates that the WLAN can be used for diagnostic purposes. A value of 'false' indicates that the WLAN can not be used for diagnostic purposes." DEFVAL { false } ::= { cLWlanConfigEntry 5 } cLWlanStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object represnts the storage type for this conceptual row." DEFVAL { nonVolatile } ::= { cLWlanConfigEntry 6 } cLWlanIsWired OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure this WLAN as a wired or wireless WLAN. A value of 'true' indicates that this is a wired WLAN. A value of 'false' indicates that this is a wireless WLAN." ::= { cLWlanConfigEntry 7 } cLWlanIngressInterface OBJECT-TYPE SYNTAX OCTET STRING (SIZE (0..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the ingress interface attached to the wireless lan." ::= { cLWlanConfigEntry 8 } cLWlanNACSupport OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure the NAC- Out Of Band(OOB) support for the WLAN. A value of 'true' indicates that the WLAN supports the NAC- Out Of Band(OOB) feature. A value of 'false' indicates that the WLAN does not support the NAC- Out Of Band(OOB) feature." DEFVAL { false } ::= { cLWlanConfigEntry 9 } cLWlanWepKeyChange OBJECT-TYPE SYNTAX TimeStamp MAX-ACCESS read-only STATUS current DESCRIPTION "This object represents the time when the static WEP key was changed by the user." ::= { cLWlanConfigEntry 10 } cLWlanChdEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates whether Coverage Hole Detection (CHD) is enabled on the controller. A value of 'true' indicates CHD is on and a value of 'false' indicates CHD is turned off for this WLAN." DEFVAL { true } ::= { cLWlanConfigEntry 11 } cLWlan802dot11anDTIM OBJECT-TYPE SYNTAX Unsigned32 (1..255) UNITS "Beacon Intervals" MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents DTIM configuration per WLAN for each 802.11 network. The DTIM value is measured in Beacon Intervals." DEFVAL { 1 } ::= { cLWlanConfigEntry 12 } cLWlan802dot11bgnDTIM OBJECT-TYPE SYNTAX Unsigned32 (1..255) UNITS "Beacon Intervals" MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents DTIM configuration per WLAN for each 802.11 network. The DTIM value is measured in Beacon Intervals." DEFVAL { 1 } ::= { cLWlanConfigEntry 13 } cLWlanLoadBalancingEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates whether Load Balancing is enabled on the controller for this WLAN . A value of 'true' indicates Load Balance is on and a value of 'false' indicates Load Balance is turned off for this WLAN." DEFVAL { true } ::= { cLWlanConfigEntry 14 } cLWlanBandSelectEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object indicates whether Band Select is enabled on the controller for this WLAN. A value of 'true' indicates Band Select is on and a value of 'false' indicates Band Select is turned off for this WLAN." DEFVAL { true } ::= { cLWlanConfigEntry 15 } cLWlanPassiveClientEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether passive client is enabled on the controller for this WLAN. A value of 'true' indicates passive client is on and a value of 'false' indicates passive client is turned off for this WLAN." DEFVAL { false } ::= { cLWlanConfigEntry 16 } cLWlanReAnchorRoamedVoiceClientsEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether the Roamed Voice Client Re-Anchoring feature is enabled on the controller for this WLAN. A value of 'true' indicates the roamed voice clients will get re-anchored. A value of 'false' indicates the roamed voice clients re-anchoring is turned off for this WLAN." DEFVAL { false } ::= { cLWlanConfigEntry 17 } cLWlanMulticastInterfaceEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether multicast interface is enabled on the controller. A value of 'true' indicates that multicast interface feature is enabled and the interface represented by 'cLWlanMulticastInterface' would be used for the multicast traffic on this WLAN. A value of 'false' indicates that multicast interface feature is turned off for this WLAN." DEFVAL { false } ::= { cLWlanConfigEntry 18 } cLWlanMulticastInterface OBJECT-TYPE SYNTAX SnmpAdminString MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the interface, which would be used for the multicast traffic for all the clients that are associated to this WLAN." DEFVAL { "" } ::= { cLWlanConfigEntry 19 } cLWlanMulticastDirectEnable OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies whether multicast direct is enabled on the controller for this WLAN. A value of 'true' indicates multicast direct is ON. A value of 'false' indicates multicast direct is turned off for this WLAN." DEFVAL { false } ::= { cLWlanConfigEntry 20 } cLWlanNACPostureSupport OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure the NAC-Posture support for the WLAN. A value of 'true' indicates that the WLAN supports the NAC-Posture feature. A value of 'false' indicates that the WLAN does not support the NAC-Posture feature." DEFVAL { false } ::= { cLWlanConfigEntry 21 } cLWlanMaxClientsAccepted OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the maximum number of client connection allowed for this WLAN. A value of 0 indicates that there is no limit on maximum allowed clients for this WLAN." DEFVAL { 0 } ::= { cLWlanConfigEntry 22 } cLWlanScanDeferPriority OBJECT-TYPE SYNTAX BITS { bit0(0), bit1(1), bit2(2), bit3(3), bit4(4), bit5(5), bit6(6), bit7(7) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the priority of packets that defer the off-channel scan. This is used in off-channel scanning to improve performance for medical devices using Radio Resource Management. Each bit represents a packet type for which off-channel scanning needs to be deferred. bit0 - Best effort. bit1 - Background bit2 - Spare bit3 - Excellent effort bit4 - Controlled load bit5 - Video, less than 100-ms latency and jitter bit6 - Voice, less than 10-ms latency and jitter bit7 - Network control" DEFVAL { { bit5 , bit6 } } ::= { cLWlanConfigEntry 23 } cLWlanScanDeferTime OBJECT-TYPE SYNTAX Unsigned32 (0..60000) UNITS "milliseconds" MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the minimum number of milliseconds that must elapse without the appearance of a specified packet before the access point radios begin an off-channel scan." DEFVAL { 100 } ::= { cLWlanConfigEntry 24 } cLWlanLanSubType OBJECT-TYPE SYNTAX INTEGER { wirelessLan(1), guestLan(2), remoteLan(3), other(4) } MAX-ACCESS read-create STATUS current DESCRIPTION "This object specifies the sub-type of the LAN created. This has to be congruent with cLWlanIswired. If cLWlanIswired is set to 'true', allowed values are guestLan(2) and remoteLan(3). If cLWlanIswired is set to 'false', allowed value is wirelessLan(1). A value of other(4) will be returned if it doesnt match any values defined here. This value is not configurable." ::= { cLWlanConfigEntry 25 } cLWlanWebAuthOnMacFilterFailureEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure the Web based authentication on Mac Filter failure support for the WLAN. A value of 'true' enables Web authentication on MAC filter failure for the WLAN. A value of 'false' disables Web authentication on MAC filter failure for the WLAN." DEFVAL { false } ::= { cLWlanConfigEntry 26 } cLWlanStaticIpTunnelingEnabled OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure the Static IP Tunneling of clients feature support for the WLAN. A value of 'true' enables static IP Tunneling of client for the WLAN. A value of 'false' disables static IP Tunneling of client for the WLAN." DEFVAL { false } ::= { cLWlanConfigEntry 27 } -- ******************************************************************** -- * WLAN 11u Table -- ******************************************************************** cLWlan11uTable OBJECT-TYPE SYNTAX SEQUENCE OF CLWlan11uEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table represents the generic 802.11u configuration for a particular WLAN in a controller. This table has a one-to-one relationship with cLWlanConfigTable. There exist a row in this table corresponding to each row representing a WLAN in cLWlanConfigTable." ::= { ciscoLwappWlan11uConfig 1 } cLWlan11uEntry OBJECT-TYPE SYNTAX CLWlan11uEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table represents the generic 802.11u configuration for a WLAN." INDEX { cLWlanIndex } ::= { cLWlan11uTable 1 } CLWlan11uEntry ::= SEQUENCE { cLWlan11uStatus TruthValue, cLWlan11uInternetAccess TruthValue, cLWlan11uNetworkType INTEGER, cLWlan11uVenueGroup INTEGER, cLWlan11uVenueType INTEGER, cLWlan11uVenueName SnmpAdminString } cLWlan11uStatus OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to configure the 802.11u support for this WLAN. A value of 'true' indicates that 802.11u support is enabled for this WLAN and a value of 'false' indicates that the support is disabled for this WLAN." DEFVAL { false } ::= { cLWlan11uEntry 1 } cLWlan11uInternetAccess OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-write STATUS current DESCRIPTION "This object is used to configure the internet access with respect to 802.11u feature for this WLAN. A value of 'true' indicates that internet access is enabled for this WLAN and a value of 'false' indicates that the internet access is disabled for this WLAN." DEFVAL { true } ::= { cLWlan11uEntry 2 } cLWlan11uNetworkType OBJECT-TYPE SYNTAX INTEGER { invalid(1), private(2), privateWithGuestAccess(3), chargeablePublicNetwork(4), freePublicNetwork(5), testOrEquipment(6), wildcard(7) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates the network type with respect to 802.11u feature , for this WLAN. invalid : Invalid network type. private : Non-authorized users are not permitted on this network. privateWithGuestAccess : Private network but guest accounts area available. chargeablePublicNetwork : The network is accessible to anyone, however, access to the network requires payment. freePublicNetwork : The network is accessible to anyone and no charges apply for the network use. testOrEquipment : The network is used for test or experimental purposes only. wildcard : Wildcard network type." DEFVAL { private } ::= { cLWlan11uEntry 3 } cLWlan11uVenueGroup OBJECT-TYPE SYNTAX INTEGER { unspecified(1), assembly(2), business(3), educational(4), factoryAndIndustrial(5), institutional(6), mercantile(7), residential(8), storage(9), utilityAndMisc(10), vehicular(11), outdoor(12) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates the venue group with respect to 802.11u feature , for this WLAN." DEFVAL { unspecified } ::= { cLWlan11uEntry 4 } cLWlan11uVenueType OBJECT-TYPE SYNTAX INTEGER { unspecified(1), unspecifiedAssembly(2), arena(3), stadium(4), passengerTerminal(5), amphitheater(6), amusementPark(7), placeOfWorship(8), conventionCenter(9), library(10), museum(11), restaurant(12), theater(13), bar(14), coffeeShop(15), zooOrAquarium(16), emergencyCoordinationCenter(17), unspecifiedBusiness(18), doctorOrDentistOffice(19), bank(20), fireStation(21), policeStation(22), postOffice(23), professionalOffice(24), researchAndDevelopmentFacility(25), attorneyOffice(26), unspecifiedEducational(27), schoolPrimary(28), schoolSecondary(29), universityOrCollege(30), unspecifiedFactoryAndIndustrial(31), factory(32), unspecifiedInstitutional(33), hospital(34), longTermCareFacility(35), alcoholAndDrugRehabilitationCenter(36), groupHome(37), prisonOrJail(38), unspecifiedMercantile(39), retailStore(40), groceryMarket(41), atomotiveServiceStation(42), unspecifiedResidential(43), hotelOrMotel(44), dormitory(45), boardingHouse(46), unspecifiedVehicular(47), automobileOrTruck(48), airplane(49), bus(50), ferry(51), shipOrBoat(52), train(53), unspecifiedOutdoor(54), muniMeshNetwork(55), cityPark(56) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object indicates the venue type within a particular venue group, with respect to 802.11u feature , for this WLAN. The Venue group-Venue Type relationship is per the following table: Venue Group Venue Type Code Venue Description =========== =============== ================= 0 0 Unspecified 0 1-255 Reserved 1 0 Unspecified Assembly 1 1 Arena 1 2 Stadium 1 3 Passenger Terminal (e.g., airport, port, bus station, ferry terminal, train station) 1 4 Amphitheater 1 5 Amusement Park 1 6 Place of Worship 1 7 Convention Center 1 8 Library 1 9 Museum 1 10 Restaurant 1 11 Theater 1 12 Bar 1 13 Coffee Shop 1 14 Zoo or Aquarium 1 15 Emergency Coordination Center 1 16-255 Reserved 2 0 Unspecified Business 2 1 Doctor or Dentist office 2 2 Bank 2 3 Fire Station 2 4 Police Station 2 6 Post Office 2 7 Professional Office 2 8 Research and Development Facility 2 9 Attorney Office 2 10-255 Reserved 3 0 Unspecified Educational 3 1 School, Primary 3 2 School, Secondary 3 3 University or College 3 4-255 Reserved 4 0 Unspecified Factory and Industrial 4 1 Factory 4 2-255 Reserved 5 0 Unspecified Institutional 5 1 Hospital 5 2 Long-Term Care Facility (e.g., Nursing home, Hospice, etc.) 5 3 Alcohol and Drug Re-habilitation Center 5 4 Group Home 5 5 Prison or Jail 5 6-255 Reserved 6 0 Unspecified Mercantile 6 1 Retail Store 6 2 Grocery Market 6 3 Automotive Service Station 6 4-255 Reserved 7 0 Unspecified Residential 7 1 Hotel or Motel 7 2 Dormitory 7 3 Boarding House 7 4-255 Reserved 8 0-255 Reserved 9 0-255 Reserved 10 0 Unspecified Vehicular 10 1 Automobile or Truck 10 2 Airplane 10 3 Bus 10 4 Ferry 10 5 Ship or Boat 10 6 Train 10 7-255 Reserved 11 0 Unspecified Outdoor 11 1 Muni-mesh Network 11 2 City Park 11 3-255 Reserved" DEFVAL { unspecified } ::= { cLWlan11uEntry 5 } cLWlan11uVenueName OBJECT-TYPE SYNTAX SnmpAdminString (SIZE (1..255)) MAX-ACCESS read-write STATUS current DESCRIPTION "This is the venue name defined for this WLAN with respect to 802.11u feature." ::= { cLWlan11uEntry 6 } -- ******************************************************************** -- * WLAN 11u OUI Table -- ******************************************************************** cLWlan11uOuiTable OBJECT-TYPE SYNTAX SEQUENCE OF CLWlan11uOuiEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table represents the OUI (organizational unique identifier) configuration for a particular WLAN. OUIs are assigned by IEEE. A WLAN can have up to 32 OUIs defined. OUI configuration per WLAN is required for the 802.11u feature to work. Rows are added or deleted by explicit management actions initiated by the user from a network management station through the cLWlan11uOuiRowStatus object." ::= { ciscoLwappWlan11uConfig 2 } cLWlan11uOuiEntry OBJECT-TYPE SYNTAX CLWlan11uOuiEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry in this table represents the OUI (organizational unique identifier) configuration for a particular WLAN. OUIs are assigned by IEEE. A WLAN can have up to 32 OUIs defined. OUI configuration per WLAN is required for the 802.11u feature to work." INDEX { cLWlanIndex, cLWlan11uOuiIndex } ::= { cLWlan11uOuiTable 1 } CLWlan11uOuiEntry ::= SEQUENCE { cLWlan11uOuiIndex Unsigned32, cLWlan11uOui OCTET STRING, cLWlan11uOuiIsBeacon TruthValue, cLWlan11uOuiRowStatus RowStatus, cLWlan11uOuiStorageType StorageType } cLWlan11uOuiIndex OBJECT-TYPE SYNTAX Unsigned32 MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies one instance of a OUI on a WLAN.Each WLAN can have up to 32 OUIs defined. Each OUI should be unique." ::= { cLWlan11uOuiEntry 1 } cLWlan11uOui OBJECT-TYPE SYNTAX OCTET STRING (SIZE (6)) MAX-ACCESS read-create STATUS current DESCRIPTION "The OUI field is a public OUI assigned by the IEEE. Each OUI identifies a roaming consortium (group of SSPs with inter-SSP roaming agreement) or a single SSP.WLAN can have up to 32 OUIs defined. Each OUI defined for a WLAN should be unique. For example the value for Cisco is 004096." ::= { cLWlan11uOuiEntry 2 } cLWlan11uOuiIsBeacon OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure this particular OUI as one of the beacon OUIs. Beacon can carry at most 3 OUIs. User should be able to select 0-3 OUIs (from the already configured OUIs for this WLAN). A value of 'true' indicates that this OUI would be carried in beacon. A value of 'false' indicates that this OUI is not a beacon OUI." DEFVAL { false } ::= { cLWlan11uOuiEntry 3 } cLWlan11uOuiRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "Row Status for creation/deletion of a particular OUI entry in the table." ::= { cLWlan11uOuiEntry 4 } cLWlan11uOuiStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object represnts the storage type for this conceptual row." DEFVAL { nonVolatile } ::= { cLWlan11uOuiEntry 5 } -- ******************************************************************** -- * AP Groups Vlan Config -- ******************************************************************** cLAPGroupsVlanConfigTable OBJECT-TYPE SYNTAX SEQUENCE OF CLAPGroupsVlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "A table for the WLAN-interface-mappings and WLAN-NAC settings allowed for each configured site. Each site can have a set of WLANs associated with it. Rows are added or deleted by explicit management actions initiated by the user from a network management station through the cLAPGroupsVlanConfigRowStatus object." ::= { ciscoLwappAPGroupsVlanConfig 1 } cLAPGroupsVlanConfigEntry OBJECT-TYPE SYNTAX CLAPGroupsVlanConfigEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "An entry in cLAPGroupsVlanMappingTable. cLWlanProfileName is mandatory for creating a entry in cLWlanConfigEntry." INDEX { cLAPGroupName, cLWlanProfileName } ::= { cLAPGroupsVlanConfigTable 1 } CLAPGroupsVlanConfigEntry ::= SEQUENCE { cLAPGroupName OCTET STRING, cLAPGroupsVlanMappingInterfaceName OCTET STRING, cLAPGroupNACSupport TruthValue, cLAPGroupsVlanConfigRowStatus RowStatus, cLAPGroupsVlanConfigStorageType StorageType } cLAPGroupName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..64)) MAX-ACCESS not-accessible STATUS current DESCRIPTION "This object uniquely identifies a AP group. The string is an unique name assigned to a site." ::= { cLAPGroupsVlanConfigEntry 1 } cLAPGroupsVlanMappingInterfaceName OBJECT-TYPE SYNTAX OCTET STRING (SIZE (1..32)) MAX-ACCESS read-create STATUS current DESCRIPTION "This object represents the interface to be used when a client connects to the 'cLWlanProfileName' WLAN on the AP. When an AP is associated with a site, and the site has an associated set of WLANs, then only those WLANs are beamed by the AP." ::= { cLAPGroupsVlanConfigEntry 2 } cLAPGroupNACSupport OBJECT-TYPE SYNTAX TruthValue MAX-ACCESS read-create STATUS current DESCRIPTION "This object is used to configure the NAC- Out Of Band(OOB) support for this AP groups VLAN. A value of 'true' indicates that the AP group supports the NAC- Out Of Band(OOB) feature. A value of 'false' indicates that the AP group does not support the NAC- Out Of Band(OOB) feature." DEFVAL { false } ::= { cLAPGroupsVlanConfigEntry 3 } cLAPGroupsVlanConfigRowStatus OBJECT-TYPE SYNTAX RowStatus MAX-ACCESS read-create STATUS current DESCRIPTION "This is the status column for this row and used to create and delete specific instances of rows in this table." ::= { cLAPGroupsVlanConfigEntry 4 } cLAPGroupsVlanConfigStorageType OBJECT-TYPE SYNTAX StorageType MAX-ACCESS read-create STATUS current DESCRIPTION "This object represnts the storage type for this conceptual row." DEFVAL { nonVolatile } ::= { cLAPGroupsVlanConfigEntry 5 } -- ******************************************************************** -- WLAN Client Configuration -- ******************************************************************** cLWlanConfigClientTable OBJECT-TYPE SYNTAX SEQUENCE OF CLWlanConfigClientEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "This table represents the WLAN configuration for the 802.11 wireless clients that are associated with the APs that have joined this controller. The creation of a new row in cLWlanConfigTable, through an explicit network management action, results in creation of an entry in this table. Similarly, deletion of a row in cLWlanConfigTable through user action causes the deletion of corresponding row in this table. This table has an one-to-one relationship with cLWlanConfigTable. There exists an entry in this table for each corresponding entry in the cLWlanConfigTable." ::= { ciscoLwappWlanConfig 2 } cLWlanConfigClientEntry OBJECT-TYPE SYNTAX CLWlanConfigClientEntry MAX-ACCESS not-accessible STATUS current DESCRIPTION "Each entry represents a conceptual row in this table and provides the information about the clients associated on the WLAN, uniquely identified by the cLWlanIndex." INDEX { cLWlanIndex } ::= { cLWlanConfigClientTable 1 } CLWlanConfigClientEntry ::= SEQUENCE { cLWlanClientAclName DisplayString, cLWlanP2PBlocking INTEGER } cLWlanClientAclName OBJECT-TYPE SYNTAX DisplayString (SIZE (0..64)) MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents the name of the ACL applied to this WLAN. If it is required to remove the ACL name for a WLAN, it should be set to 'none'. ACL's are applied in the following priority order - interfaces ACLs, WLAN ACLs, client ACLs." ::= { cLWlanConfigClientEntry 1 } cLWlanP2PBlocking OBJECT-TYPE SYNTAX INTEGER { disable(1), drop(2), forwardUp(3) } MAX-ACCESS read-write STATUS current DESCRIPTION "This object represents per WLAN peer-to-peer blocking behavior on controller. Peer-to-peer blocking means traffic between two clients on same VLAN will not be bridged. disable : Peer-to-peer blocking is disabled and traffic is bridged locally within the controller. drop : The packet will be discarded. forwardUp : The packet will be forwarded on the upstream VLAN. The device 'north' of the controller can then make the decision about what to do with the packet." ::= { cLWlanConfigClientEntry 2 } -- ******************************************************************** -- * Compliance statements -- ******************************************************************** ciscoLwappWlanMIBCompliances OBJECT IDENTIFIER ::= { ciscoLwappWlanMIBConform 1 } ciscoLwappWlanMIBGroups OBJECT IDENTIFIER ::= { ciscoLwappWlanMIBConform 2 } ciscoLwappWlanMIBCompliance MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappWlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappWlanConfigGroup } OBJECT cLWlanRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "An implementation is only required to support three of the six enumerated values of the RowStatus textual convention, specifically, 'active', 'createAndGo' and 'destroy'." ::= { ciscoLwappWlanMIBCompliances 1 } ciscoLwappWlanMIBComplianceRev1 MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappWlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappWlanConfigGroupSup1, ciscoLwappWlanConfigClientGroup } OBJECT cLWlanRowStatus SYNTAX INTEGER { active(1), createAndGo(4), destroy(6) } DESCRIPTION "An implementation is only required to support three of the six enumerated values of the RowStatus textual convention, specifically, 'active', 'createAndGo' and 'destroy'." ::= { ciscoLwappWlanMIBCompliances 2 } ciscoLwappWlanMIBComplianceRev2 MODULE-COMPLIANCE STATUS deprecated DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappWlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappWlanConfigGroupSup1, ciscoLwappWlanConfigClientGroup, ciscoLwappWlan11uConfigGroup, ciscoLwappAPGroupsVlanConfigGroup, ciscoLwappWlanConfigGroupSup2, ciscoLwappWlanConfigClientGroupSup1 } OBJECT cLAPGroupsVlanConfigRowStatus SYNTAX RowStatus DESCRIPTION "An implementation is only required to support three of the six enumerated values of the RowStatus textual convention, specifically, 'active', 'createAndGo' and 'destroy'." OBJECT cLWlan11uOuiRowStatus SYNTAX RowStatus DESCRIPTION "An implementation is only required to support three of the six enumerated values of the RowStatus textual convention, specifically, 'active', 'createAndGo' and 'destroy'." ::= { ciscoLwappWlanMIBCompliances 3 } ciscoLwappWlanMIBComplianceRev3 MODULE-COMPLIANCE STATUS current DESCRIPTION "The compliance statement for the SNMP entities that implement the ciscoLwappWlanMIB module." MODULE -- this module MANDATORY-GROUPS { ciscoLwappWlanConfigGroupSup1, ciscoLwappWlanConfigClientGroup, ciscoLwappWlan11uConfigGroup, ciscoLwappAPGroupsVlanConfigGroup, ciscoLwappWlanConfigGroupSup2, ciscoLwappWlanConfigClientGroupSup1, ciscoLwappWlanConfigGroupSup3 } ::= { ciscoLwappWlanMIBCompliances 4 } -- ******************************************************************** -- * Units of conformance -- ******************************************************************** ciscoLwappWlanConfigGroup OBJECT-GROUP OBJECTS { cLWlanRowStatus } STATUS deprecated DESCRIPTION "This collection of objects represent the configuration of WLANs on the controller to be passed to an LWAPP AP." ::= { ciscoLwappWlanMIBGroups 1 } ciscoLwappWlanConfigGroupSup1 OBJECT-GROUP OBJECTS { cLWlanRowStatus, cLWlanProfileName, cLWlanSsid, cLWlanDiagChan, cLWlanStorageType } STATUS current DESCRIPTION "This collection of objects represent the configuration of WLANs on the controller to be passed to an LWAPP AP." ::= { ciscoLwappWlanMIBGroups 2 } ciscoLwappWlanConfigClientGroup OBJECT-GROUP OBJECTS { cLWlanClientAclName } STATUS current DESCRIPTION "This collection of objects represent the configuration of WLANs on the controller to be passed to an 8021.11 clients." ::= { ciscoLwappWlanMIBGroups 3 } ciscoLwappWlan11uConfigGroup OBJECT-GROUP OBJECTS { cLWlan11uStatus, cLWlan11uInternetAccess, cLWlan11uNetworkType, cLWlan11uVenueGroup, cLWlan11uVenueType, cLWlan11uVenueName, cLWlan11uOui, cLWlan11uOuiIsBeacon, cLWlan11uOuiRowStatus, cLWlan11uOuiStorageType } STATUS current DESCRIPTION "This collection of objects represents 802.11u related configuration of WLANs on the controller to be passed to an AP." ::= { ciscoLwappWlanMIBGroups 4 } ciscoLwappAPGroupsVlanConfigGroup OBJECT-GROUP OBJECTS { cLAPGroupsVlanMappingInterfaceName, cLAPGroupNACSupport, cLAPGroupsVlanConfigRowStatus, cLAPGroupsVlanConfigStorageType } STATUS current DESCRIPTION "This collection of objects represent the configuration of AP Groups Vlan on the controller to be passed to an AP." ::= { ciscoLwappWlanMIBGroups 5 } ciscoLwappWlanConfigGroupSup2 OBJECT-GROUP OBJECTS { cLWlanLoadBalancingEnable, cLWlanBandSelectEnable, cLWlanPassiveClientEnable, cLWlanIsWired, cLWlanIngressInterface, cLWlanNACSupport, cLWlanWepKeyChange, cLWlanChdEnable, cLWlan802dot11anDTIM, cLWlan802dot11bgnDTIM } STATUS current DESCRIPTION "This collection of objects represent the configuration of WLANs on the controller to be passed to an LWAPP AP." ::= { ciscoLwappWlanMIBGroups 6 } ciscoLwappWlanConfigClientGroupSup1 OBJECT-GROUP OBJECTS { cLWlanP2PBlocking } STATUS current DESCRIPTION "This collection of objects represent the configuration of WLANs on the controller to be passed to an 8021.11 clients." ::= { ciscoLwappWlanMIBGroups 7 } ciscoLwappWlanConfigGroupSup3 OBJECT-GROUP OBJECTS { cLWlanReAnchorRoamedVoiceClientsEnable, cLWlanMulticastInterfaceEnable, cLWlanMulticastInterface, cLWlanMulticastDirectEnable, cLWlanNACPostureSupport, cLWlanMaxClientsAccepted, cLWlanScanDeferPriority, cLWlanScanDeferTime, cLWlanLanSubType, cLWlanWebAuthOnMacFilterFailureEnabled, cLWlanStaticIpTunnelingEnabled } STATUS current DESCRIPTION "This collection of objects represent the configuration of WLANs on the controller to be passed to an LWAPP AP." ::= { ciscoLwappWlanMIBGroups 8 } END