-- ****************************************************************************
-- CISCO-WIRELESS-P2P-BPI.my: Baseline Privacy Interface MIB for Cisco
-- Wireless Point to Point Link.
--
-- December 1998, Joseph L Raja
--
-- Copyright (c) 1998-1999 by Cisco Systems, Inc.
-- All rights reserved.
--
-- ****************************************************************************
--
--
-- 1.0 Glossary
--
-- Radio Card: The Point-to-Point(P2P) radio card that will be plugged into
-- a router.
-- RF Unit: The Radio Frequency components and the associated antennas.
-- Radio System: Radio card and RF unit(s).
-- Radio MAC: Represents a Wireless Media Access Control layer.
-- Radio Master: A Radio Card configured to act as the Master,
-- abbreviated as 'Rm'.
-- Radio Slave : A Radio Card configured to act as the Slave
-- abbreviated as 'Rs'.
--
--
-- 2.0 Cisco Wireless P2P Privacy MIB Organization
--
-- The Cisco Wireless P2P Privacy MIB is derived from the DOCSIS docsBpiMib.
-- Reference doc number SP-OSSI-BPI-I01-98331.
-- The Cisco Wireless P2P Baseline Privacy Document is : Firestar
-- (Wireless P2P) Privacy.
--
--
-- 3.0 Differences between DOCSIS and Cisco P2P BPI MIBs.
--
-- The mapping is as follows:
-- CMTS maps to Master Radio. The Mibs related to Master Radio are tagged
-- with 'Rm'.
-- CM maps to Slave Radio. The Mibs related to Slave Radio are tagged
-- with 'Rs'.
--
-- The fundamental differences are:
--
-- 3.1 In docsBpiMib, the docsBpiCmTEKTable is indexed by the
-- docsIfCmServiceId. i.e. It directly associates the TEK attributes with
-- the SID. In a P2P there is no SID. Therefore this association has been
-- severed. The equivalent table cwrBpiRxTEKTable is indexed only by
-- ifIndex.
--
-- 3.2 In docsBpiMib docsBpiCmtsAuthTable is indexed by the
-- docsBpiCmtsAuthCmMacAddress. In case of a P2P there is no
-- MAC address. Therefore this relationship has been severed.
-- The equivalent cwrBpiRmAuthTable is indexed only by ifIndex.
--
-- 3.3 In docsBpiMib, docsBpiCmtsTEKTable is indexed by docsIfCmtsServiceId.
-- In case of a P2P there are no service classes and so no SID.
-- Therefore this relationship has been severed.
-- The equivalent cwrBpiRmTEKTable is indexed only by ifIndex.
--
-- 3.4 In case of P2P there is no multicast support at all so
-- docsBpiIpMulticastMapTable and docsBpiMulticastAuthTable have
-- been eliminated completely.
--
-- 3.5 In P2P link Authentication failures are not possible so
-- Objects related to authentication failures have been removed.
----
-- 4.0 MIB Organization
--
-- The Cisco P2P Wireless Baseline Privacy MIB has the following groups:
--
-- o. Radio Slave Group : This includes
-- 1. Configuration
-- 2. Authorization
-- 3. Traffic Encryption Key (TEK) information.
-- For a Radio Slave.
--
-- o. Radio Master Group: This includes
-- 1. Configuration
-- 2. Authorization
-- 3. Traffic Encryption Key (TEK) information.
-- For the Radio Master.
----
-- 5. Cisco P2P Wireless Radio Baseline Privacy MIB.
--CISCO-WIRELESS-P2P-BPI-MIB DEFINITIONS::=BEGINIMPORTSMODULE-IDENTITY,OBJECT-TYPE,Counter32FROM SNMPv2-SMI
DisplayString,TruthValue,TimeInterval
FROM SNMPv2-TC
OBJECT-GROUP,MODULE-COMPLIANCEFROM SNMPv2-CONF
ifIndex
FROM IF-MIB
ciscoMgmt
FROM CISCO-SMI;ciscoWirelessP2pBpiMIB MODULE-IDENTITYLAST-UPDATED"9905181200Z"ORGANIZATION"Cisco Systems Inc."CONTACT-INFO" Cisco Systems
Customer Service
Postal: 170 W Tasman Drive
San Jose, CA 95134
USA
Tel: +1 800 553-NETS
E-mail: cs-wireless@cisco.com"DESCRIPTION"This is the MIB Module for the Baseline Privacy Interface (BPI)
at Point to Point Wireless Radio Card.
This is a specialization on the MCNS docsBpiMib for Cisco Wireless
point to point communication links."::={ ciscoMgmt 135}cwrBpiMIBObjects OBJECTIDENTIFIER::={ ciscoWirelessP2pBpiMIB 1}
--
-- The Radio Slave Group.
--cwrBpiRsObjects OBJECTIDENTIFIER::={ cwrBpiMIBObjects 1}--
-- The BPI base and authorization table for Radio Slave, indexed by ifIndex
--cwrBpiRsBaseTable OBJECT-TYPESYNTAXSEQUENCEOF CwrBpiRsBaseEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Describes the basic and authorization-related Baseline Privacy
attributes of each Slave Radio interface."::={ cwrBpiRsObjects 1}cwrBpiRsBaseEntry OBJECT-TYPESYNTAX CwrBpiRsBaseEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry containing objects describing attributes of one Slave
Radio interface. An entry in this table exists for each
ifEntry with an ifType of ciscoWirelessP2P."
INDEX{ ifIndex }::={ cwrBpiRsBaseTable 1}
CwrBpiRsBaseEntry ::=SEQUENCE{
cwrBpiRsPrivacyEnable TruthValue,
cwrBpiRsPublicKey OCTETSTRING,
cwrBpiRsAuthState INTEGER,
cwrBpiRsAuthKeySequenceNumber INTEGER,
cwrBpiRsAuthExpires TimeInterval,
cwrBpiRsAuthReset TruthValue,
cwrBpiRsAuthGraceTime INTEGER,
cwrBpiRsTEKGraceTime INTEGER,
cwrBpiRsAuthWaitTimeout INTEGER,
cwrBpiRsReauthWaitTimeout INTEGER,
cwrBpiRsOpWaitTimeout INTEGER,
cwrBpiRsRekeyWaitTimeout INTEGER,
cwrBpiRsAuthRequests Counter32,
cwrBpiRsAuthReplies Counter32,
cwrBpiRsAuthInvalids Counter32,
cwrBpiRsAuthInvalidErrorCode INTEGER,
cwrBpiRsAuthInvalidErrorString DisplayString}cwrBpiRsPrivacyEnable OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This object identifies whether the Slave Radio is provisioned
to use Encryption or not."::={ cwrBpiRsBaseEntry 1}cwrBpiRsPublicKey OBJECT-TYPESYNTAXOCTETSTRING(SIZE(0..126))MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Public key of the Radio Slave encoded as an ASN.1
SubjectPublicKeyInfo object as defined in the RSA Encryption
Standard (PKCS #1) [RSA1]."
::={ cwrBpiRsBaseEntry 2}cwrBpiRsAuthState OBJECT-TYPESYNTAXINTEGER{start(1),authWait(2),authorized(3),reauthWait(4),authRejectWait(5)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The state of the Radio Slave authorization FSM.
The start state indicates that FSM is in its initial state."::={ cwrBpiRsBaseEntry 3}cwrBpiRsAuthKeySequenceNumber OBJECT-TYPESYNTAXINTEGER(0..15)
MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The authorization key sequence number for this FSM."::={ cwrBpiRsBaseEntry 4}cwrBpiRsAuthExpires OBJECT-TYPESYNTAXTimeIntervalMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of seconds left before the current authorization for this
FSM expires. If the Radio Slave does not have an active authorization,
then this value is 0."::={ cwrBpiRsBaseEntry 5}cwrBpiRsAuthReset OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Setting this object to TRUE generates a Reauthorize event in the
authorization FSM, as described in section 4.1.2.3.4 of the Baseline
Privacy Interface Specification. Reading this object always returns
FALSE."::={ cwrBpiRsBaseEntry 6}cwrBpiRsAuthGraceTime OBJECT-TYPESYNTAXINTEGER(1..1800)UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Grace time for an authorization key. A Radio Slave is expected to
start trying to get a new authorization key beginning AuthGraceTime
seconds before the authorization key actually expires. The value
of this object cannot be changed while the authorization state machine
is running.
NOTE: When installed in the field, this variable should NEVER be set
below 300 which is the lower limit by standard.
This variable accepts a wider range to facilitate testing."::={ cwrBpiRsBaseEntry 7}cwrBpiRsTEKGraceTime OBJECT-TYPESYNTAXINTEGER(1..1800)UNITS"seconds"
MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Grace time for a TEK. A Radio Slave is expected to start trying
to get a new TEK beginning TEKGraceTime seconds before the
TEK actually expires. The value of this object cannot be changed
while the authorization state machine is running.
NOTE: When installed in the field, this variable should NEVER be set
below 300 which is the lower limit by standard.
This variable accepts a wider range to facilitate testing."::={ cwrBpiRsBaseEntry 8}cwrBpiRsAuthWaitTimeout OBJECT-TYPESYNTAXINTEGER(2..30)UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Authorize Wait Timeout. The value of this object cannot be changed
while the authorization state machine is running."::={ cwrBpiRsBaseEntry 9}
cwrBpiRsReauthWaitTimeout OBJECT-TYPESYNTAXINTEGER(2..30)UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Reauthorize Wait Timeout in seconds. The value of this object cannot
be changed while the authorization state machine is running."::={ cwrBpiRsBaseEntry 10}cwrBpiRsOpWaitTimeout OBJECT-TYPESYNTAXINTEGER(1..10)UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Operational Wait Timeout in seconds. The value of this object cannot
be changed while the authorization state machine is running."::={ cwrBpiRsBaseEntry 11}
cwrBpiRsRekeyWaitTimeout OBJECT-TYPESYNTAXINTEGER(1..10)UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Rekey Wait Timeout in seconds. The value of this object cannot be
changed while the authorization state machine is running."::={ cwrBpiRsBaseEntry 12}cwrBpiRsAuthRequests OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio Slave has transmitted an Authorization
Request message."::={ cwrBpiRsBaseEntry 13}cwrBpiRsAuthReplies OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-only
STATUScurrentDESCRIPTION"Count of times the Radio Slave has received an Authorization
Reply message."::={ cwrBpiRsBaseEntry 14}cwrBpiRsAuthInvalids OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio Slave has received an Authorization
Invalid message."::={ cwrBpiRsBaseEntry 15}cwrBpiRsAuthInvalidErrorCode OBJECT-TYPESYNTAXINTEGER{noInformation(0),unauthorizedSlave(1),undefined(2),unsolicited(3),invalidKeySequence(4),
keyRequestAuthenticationFailure(5)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Error-Code in most recent Authorization Invalid message received by
the Radio Slave. On bootup, this has value no-information(0). At all
other times, this object reflects the error code received"::={ cwrBpiRsBaseEntry 16}cwrBpiRsAuthInvalidErrorString OBJECT-TYPESYNTAXDisplayStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Display-String in most recent Authorization Invalid message received
by the Radio Slave. This is a zero length string if no Authorization
Invalid message has been received since reboot."::={ cwrBpiRsBaseEntry 17}--
-- The Radio Slave TEK Table, indexed by ifIndex.
--cwrBpiRsTEKTable OBJECT-TYPE
SYNTAXSEQUENCEOF CwrBpiRsTEKEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Describes the attributes of each Radio Slave Traffic Encryption
Key (TEK) Service."::={ cwrBpiRsObjects 2}cwrBpiRsTEKEntry OBJECT-TYPESYNTAX CwrBpiRsTEKEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry containing objects describing the TEK attributes of
one instantiated TEK service. There will be one such entry for every
Radio Slave of a P2P link."INDEX{ ifIndex }::={ cwrBpiRsTEKTable 1}
CwrBpiRsTEKEntry ::=SEQUENCE{
cwrBpiRsTEKEncryptionNegotiated TruthValue,
cwrBpiRsTEKState INTEGER,
cwrBpiRsTEKExpiresOld TimeInterval,
cwrBpiRsTEKExpiresNew TimeInterval,
cwrBpiRsTEKKeyRequests Counter32,
cwrBpiRsTEKKeyReplies Counter32,
cwrBpiRsTEKInvalids Counter32,
cwrBpiRsTEKAuthPends Counter32,
cwrBpiRsTEKInvalidErrorCode INTEGER,
cwrBpiRsTEKInvalidErrorString DisplayString}cwrBpiRsTEKEncryptionNegotiated OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"This identifies whether this TEK service is using encryption or
not. Encryption may not be in use even though cwrBpiRsPrivacyEnable
is provisioned. This is possible if the remote is not configured
for privacy or it's not running an encryption capable image."::={ cwrBpiRsTEKEntry 1}cwrBpiRsTEKState OBJECT-TYPESYNTAXINTEGER{
start (1),opWait (2),opReauthWait (3),operational (4),rekeyWait (5),rekeyReauthWait (6)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The state of the indicated TEK FSM. The start(1) state indicates
that FSM is in its initial state."::={ cwrBpiRsTEKEntry 2}cwrBpiRsTEKExpiresOld OBJECT-TYPESYNTAXTimeIntervalMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of seconds left to expire for the oldest active key
for this FSM. If this FSM has no active keys then this value will
be zero."::={ cwrBpiRsTEKEntry 3}cwrBpiRsTEKExpiresNew OBJECT-TYPESYNTAXTimeIntervalMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of seconds left to expire for the newest active key for
this FSM. If this FSM has no active keys then this value will
be zero."::={ cwrBpiRsTEKEntry 4}cwrBpiRsTEKKeyRequests OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the this TEK Service has transmitted a Key Request
message."::={ cwrBpiRsTEKEntry 5}cwrBpiRsTEKKeyReplies OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-only
STATUScurrentDESCRIPTION"Count of times this TEK Service has received a Key Reply message."::={ cwrBpiRsTEKEntry 6}cwrBpiRsTEKInvalids OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times this TEK Service has received a TEK Invalid message."::={ cwrBpiRsTEKEntry 7}cwrBpiRsTEKAuthPends OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times an Authorization Pending (Auth Pend) event
occurred in this TEK Serivce FSM."::={ cwrBpiRsTEKEntry 8}cwrBpiRsTEKInvalidErrorCode OBJECT-TYPESYNTAXINTEGER{
noInformation(0),unauthorizedSlave(1),undefined(2),unsolicited(3),invalidKeySequence(4),keyRequestAuthenticationFailure(5)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Error-Code in most recent TEK Invalid message received by this TEK
service. On bootup, this has value no-information(0). At all
other times, this object reflects the error code received"::={ cwrBpiRsTEKEntry 9}cwrBpiRsTEKInvalidErrorString OBJECT-TYPESYNTAXDisplayStringMAX-ACCESSread-only
STATUScurrentDESCRIPTION"Display-String in most recent TEK Invalid message received by
this TEK Service. This is a zero length string if no TEK Invalid
message has been received since this TEK Service was started."::={ cwrBpiRsTEKEntry 10}--
-- The Radio Master Group.
--cwrBpiRmObjects OBJECTIDENTIFIER::={ cwrBpiMIBObjects 2}--
-- The Radio Master Authorization Table, indexed by ifIndex.
--cwrBpiRmAuthTable OBJECT-TYPESYNTAXSEQUENCEOF CwrBpiRmAuthEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Describes the attributes of each Radio Master authorization
association. The Radio master maintains one authorization association
with each Baseline Privacy-enabled Radio Slave on each Radio Master
MAC interface."::={ cwrBpiRmObjects 1}cwrBpiRmAuthEntry OBJECT-TYPESYNTAX CwrBpiRmAuthEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry containing objects describing attributes of one authorization
association. The Radio master MUST create one entry per Radio Slave per
MAC interface, based on the receipt of an Authorization Request
message, and MUST not delete the entry before the Radio Slave
authorization permanently expires."INDEX{ ifIndex }::={ cwrBpiRmAuthTable 1}
CwrBpiRmAuthEntry ::=SEQUENCE{
cwrBpiRmAuthPrivacyEnable TruthValue,
cwrBpiRmAuthRsPublicKey OCTETSTRING,
cwrBpiRmAuthRsKeySequenceNumber INTEGER,
cwrBpiRmAuthRsExpires TimeInterval,
cwrBpiRmAuthRsLifetime INTEGER,
cwrBpiRmAuthRsReset TruthValue,
cwrBpiRmAuthRsRequests Counter32,
cwrBpiRmAuthRsReplies Counter32,
cwrBpiRmAuthRsInvalids Counter32,
cwrBpiRmAuthInvalidErrorCode INTEGER,
cwrBpiRmAuthInvalidErrorString DisplayString}cwrBpiRmAuthPrivacyEnable OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"This object identifies whether the Master Radio is provisioned
to use Encryption or not."::={ cwrBpiRmAuthEntry 1}cwrBpiRmAuthRsPublicKey OBJECT-TYPESYNTAXOCTETSTRING(SIZE(0..126))MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Public key of the Radio Slave encoded as an ASN.1 SubjectPublicKeyInfo
object as defined in the RSA Encryption Standard (PKCS #1) [RSA1].
This is a zero-length string if the Radio Master does not retain the
public key."::={ cwrBpiRmAuthEntry 2}cwrBpiRmAuthRsKeySequenceNumber OBJECT-TYPESYNTAXINTEGER(0..15)MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The authorization key sequence number for this Radio Slave."::={ cwrBpiRmAuthEntry 3}cwrBpiRmAuthRsExpires OBJECT-TYPESYNTAXTimeIntervalMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of seconds left before the current authorization for
this Radio Slave expires. If this Radio Slave does not have an active
authorization, then the value is zero."::={ cwrBpiRmAuthEntry 4}
cwrBpiRmAuthRsLifetime OBJECT-TYPESYNTAXINTEGER(1..6048000)UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Lifetime, in seconds, the Radio Master assigns to an authorization key
for this Radio Slave.
NOTE: When installed in the field, this variable should NEVER be set
below 86400 which is the lower limit by standard.
This variable accepts a wider range to facilitate testing."::={ cwrBpiRmAuthEntry 5}cwrBpiRmAuthRsReset OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Setting this object to True(1) causes the Radio Master
to invalidate the current Radio Slave authorization key, to transmit
an Authorization Invalid message to the Radio Slave, and to invalidate
the unicast TEK associated with this Radio Slave authorization.
Reading this object always returns False"::={ cwrBpiRmAuthEntry 6}cwrBpiRmAuthRsRequests OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio Master has received an Authorization Request
message from this Radio Slave."::={ cwrBpiRmAuthEntry 7}cwrBpiRmAuthRsReplies OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio master has transmitted an Authorization Reply
message to this Radio Slave."::={ cwrBpiRmAuthEntry 8}cwrBpiRmAuthRsInvalids OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-only
STATUScurrentDESCRIPTION"Count of times the Radio Master has transmitted an Authorization
Invalid message to this Radio Slave."::={ cwrBpiRmAuthEntry 9}cwrBpiRmAuthInvalidErrorCode OBJECT-TYPESYNTAXINTEGER{noInformation(0),unauthorizedSlave(1),undefined(2),unsolicited(3),invalidKeySequence(4),keyRequestAuthenticationFailure(5)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Error-Code in most recent Authorization Invalid message transmitted to
the Radio Slave. On bootup, this has value no-information(0). At all
other times, this object reflects the error code transmitted"::={ cwrBpiRmAuthEntry 10}cwrBpiRmAuthInvalidErrorString OBJECT-TYPESYNTAXDisplayStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Display-String in most recent Authorization Invalid message
transmitted to the Radio Slave. This is a zero length string if no
Authorization Invalid message has been transmitted to the Radio Slave."::={ cwrBpiRmAuthEntry 11}--
-- The Radio Master TEK Table, indexed by ifIndex.
--cwrBpiRmTEKTable OBJECT-TYPESYNTAXSEQUENCEOF CwrBpiRmTEKEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"Describes the attributes of each Radio Slave Traffic Encryption Key
(TEK) association. The Radio master maintains one TEK association
for the Radio Slave."::={ cwrBpiRmObjects 2}cwrBpiRmTEKEntry OBJECT-TYPESYNTAX CwrBpiRmTEKEntry
MAX-ACCESSnot-accessibleSTATUScurrentDESCRIPTION"An entry containing objects describing attributes of one
TEK service on a particular Radio Master MAC interface. The Radio
Master MUST create one entry per TEK Service per MAC interface,
based on the receipt of an Key Request message, and MUST not
delete the entry before the Radio Slave authorization for that
TEK Service permanently expires."INDEX{ ifIndex }::={ cwrBpiRmTEKTable 1}
CwrBpiRmTEKEntry ::=SEQUENCE{
cwrBpiRmTEKEncryptionNegotiated TruthValue,
cwrBpiRmTEKLifetime INTEGER,
cwrBpiRmTEKExpiresOld TimeInterval,
cwrBpiRmTEKExpiresNew TimeInterval,
cwrBpiRmTEKReset TruthValue,
cwrBpiRmKeyRequests Counter32,
cwrBpiRmKeyReplies Counter32,
cwrBpiRmTEKInvalids Counter32,
cwrBpiRmTEKInvalidErrorCode INTEGER,
cwrBpiRmTEKInvalidErrorString DisplayString}cwrBpiRmTEKEncryptionNegotiated OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"This identifies whether this TEK service is using encryption or
not. Encryption may not be in use even though
cwrBpiRmAuthPrivacyEnable is provisioned.
This is possible if the master is not configured
for privacy or it's not running an encryption capable image."::={ cwrBpiRmTEKEntry 1}cwrBpiRmTEKLifetime OBJECT-TYPESYNTAXINTEGER(1..604800)
UNITS"seconds"MAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Lifetime, in seconds, the Radio Master assigns to keys for this TEK
association.
NOTE: When installed in the field, this variable should NEVER be set
below 1800 which is the lower limit by standard.
This variable accepts a wider range to facilitate testing."::={ cwrBpiRmTEKEntry 2}cwrBpiRmTEKExpiresOld OBJECT-TYPESYNTAXTimeIntervalMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"The number of seconds left to expire for the oldest active key for
this TEK association. If this TEK associateion has no active key then
the value will be zero."::={ cwrBpiRmTEKEntry 3}cwrBpiRmTEKExpiresNew OBJECT-TYPESYNTAXTimeIntervalMAX-ACCESSread-only
STATUScurrentDESCRIPTION"The number of seconds left to expire for the newest active key for
this TEK association. If this TEK association has no active keys
then this value will be zero."::={ cwrBpiRmTEKEntry 4}cwrBpiRmTEKReset OBJECT-TYPESYNTAXTruthValueMAX-ACCESSread-writeSTATUScurrentDESCRIPTION"Setting this object to TRUE causes the Radio Master to invalidate the
current active TEK(s) (plural due to key transition periods), and
to generate a new TEK. Reading this object always returns FALSE."::={ cwrBpiRmTEKEntry 5}cwrBpiRmKeyRequests OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio Master has received a Key Request message."::={ cwrBpiRmTEKEntry 6}
cwrBpiRmKeyReplies OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio master has transmitted a Key Reply message."::={ cwrBpiRmTEKEntry 7}cwrBpiRmTEKInvalids OBJECT-TYPESYNTAXCounter32MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Count of times the Radio Master has transmitted a TEK Invalid
message."::={ cwrBpiRmTEKEntry 8}cwrBpiRmTEKInvalidErrorCode OBJECT-TYPESYNTAXINTEGER{noInformation(0),unauthorizedSlave(1),
undefined(2),unsolicited(3),invalidKeySequence(4),keyRequestAuthenticationFailure(5)}MAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Error-Code in most recent TEK Invalid message sent in association
with this TEK service. On bootup, this has value no-information(0).
At all other times, this object reflects the error code received"::={ cwrBpiRmTEKEntry 9}cwrBpiRmTEKInvalidErrorString OBJECT-TYPESYNTAXDisplayStringMAX-ACCESSread-onlySTATUScurrentDESCRIPTION"Display-String in the most recent TEK Invalid message sent in
ssociation with this BPI TEK service. This is a zero length
string if no TEK Invalid message has been received since reboot."::={ cwrBpiRmTEKEntry 10}--
-- The BPI MIB Conformance Statements (with a placeholder for notifications)
--cwrBpiNotification OBJECTIDENTIFIER::={ ciscoWirelessP2pBpiMIB 2}cwrBpiConformance OBJECTIDENTIFIER::={ ciscoWirelessP2pBpiMIB 3}cwrBpiCompliances OBJECTIDENTIFIER::={ cwrBpiConformance 1}cwrBpiGroups OBJECTIDENTIFIER::={ cwrBpiConformance 2}cwrBpiBasicCompliance MODULE-COMPLIANCESTATUScurrentDESCRIPTION"The compliance statement for devices which implement the
Cisco Wireless Radio point to point Baseline Privacy Interface."MODULE-- ciscoWirelessP2pBpiMib-- conditionally mandatory group
GROUP cwrBpiRsGroup
DESCRIPTION"This group is implemented for Radio Cards configurable as Radio Slave."-- conditionally mandatory groupGROUP cwrBpiRmGroup
DESCRIPTION"This group is implemented for Radio Cards configurable as
Radio Master."::={ cwrBpiCompliances 1}cwrBpiRsGroup OBJECT-GROUPOBJECTS{
cwrBpiRsPrivacyEnable,
cwrBpiRsPublicKey,
cwrBpiRsAuthState,
cwrBpiRsAuthKeySequenceNumber,
cwrBpiRsAuthExpires,
cwrBpiRsAuthReset,
cwrBpiRsAuthGraceTime,
cwrBpiRsTEKGraceTime,
cwrBpiRsAuthWaitTimeout,
cwrBpiRsReauthWaitTimeout,
cwrBpiRsOpWaitTimeout,
cwrBpiRsRekeyWaitTimeout,
cwrBpiRsAuthRequests,
cwrBpiRsAuthReplies,
cwrBpiRsAuthInvalids,
cwrBpiRsAuthInvalidErrorCode,
cwrBpiRsAuthInvalidErrorString,
cwrBpiRsTEKEncryptionNegotiated,
cwrBpiRsTEKState,
cwrBpiRsTEKExpiresOld,
cwrBpiRsTEKExpiresNew,
cwrBpiRsTEKKeyRequests,
cwrBpiRsTEKKeyReplies,
cwrBpiRsTEKInvalids,
cwrBpiRsTEKAuthPends,
cwrBpiRsTEKInvalidErrorCode,
cwrBpiRsTEKInvalidErrorString
}STATUScurrentDESCRIPTION"A collection of objects providing Radio Slave BPI status and control."::={ cwrBpiGroups 1}cwrBpiRmGroup OBJECT-GROUPOBJECTS{
cwrBpiRmAuthPrivacyEnable,
cwrBpiRmAuthRsPublicKey,
cwrBpiRmAuthRsKeySequenceNumber,
cwrBpiRmAuthRsExpires,
cwrBpiRmAuthRsLifetime,
cwrBpiRmAuthRsReset,
cwrBpiRmAuthRsRequests,
cwrBpiRmAuthRsReplies,
cwrBpiRmAuthRsInvalids,
cwrBpiRmAuthInvalidErrorCode,
cwrBpiRmAuthInvalidErrorString,
cwrBpiRmTEKEncryptionNegotiated,
cwrBpiRmTEKLifetime,
cwrBpiRmTEKExpiresOld,
cwrBpiRmTEKExpiresNew,
cwrBpiRmTEKReset,
cwrBpiRmKeyRequests,
cwrBpiRmKeyReplies,
cwrBpiRmTEKInvalids,
cwrBpiRmTEKInvalidErrorCode,
cwrBpiRmTEKInvalidErrorString
}STATUScurrentDESCRIPTION"A collection of objects providing Radio Master BPI status and control."::={ cwrBpiGroups 2}END-- 6. References
--
-- 1. Cisco Wireless Proprietary Management Information Base
-- CISCO-WIRELESS-IF-MIB.my
--
-- 2. [IPCDN2] G. Roeck, "Radio Frequency (RF) Interface Management Information
-- Base for MCNS compliant RF Interfaces",
-- draft-ietf-ipcdn-rf-interface-mib-03.txt, January 1998.
--
-- 3. [MCNS1] Data-Over-Cable Service Interface Specifications, Baseline Privacy
-- Interface Specification,SP-BPI-I01-980331
--
-- 4. [MCNS5] Data-Over-Cable Service Interface Specifications, OSSI
-- Specification Overview "Telephony Return MIB, SP-OSSI-TRD02-970901.
--
-- 5. [RSA1] RSA Laboratories, "The Public-Key Cryptography Standards", RSA Data
-- Security Inc., Redwood City, CA.
--