-- These MIBs were created on 05/027/2001
-- This module defines enterprise MIBs for Authentication Configuration
--
-- Copyright (c) 1999-2004, Juniper Networks, Inc.
-- All rights reserved.
---- MODULE-IDENTITY
-- OrgName
-- Juniper Networks, Inc.
-- ContactInfo
-- Customer Support
--
-- 1194 North Mathilda Avenue
-- Sunnyvale, California 94089-1206
-- USA
--
-- Tel: 1-800-638-8296
-- E-mail: customerservice@juniper.net
-- HTTP://www.juniper.net"
--
-- Descr
-- This module defines the object that are used to monitor
-- all the configuration info
--
-- Last modified date: 11/10/2004
-- Added nsSetAuthCfgEntry attributes
--
-- Last modified date: 05/03/2004
-- Modified copyright and contact info
--
-- Last modified date: 04/27/2002
-- More than one auth setting allowed in one system
-- Zhong Wang
--
-- Last modified date: 11/10/2003
-- Correct spelling mistake
--NETSCREEN-SET-AUTH-MIB DEFINITIONS::=BEGIN
IMPORTSDisplayStringFROM RFC1213-MIB
netscreenSetting FROM NETSCREEN-SMI;nsSetAuth OBJECTIDENTIFIER::={ netscreenSetting 2}nsSetAuthCfgTable OBJECT-TYPESYNTAXSEQUENCEOF NsSetAuthCfgEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"The authentication configuration of NetScreen device."::={ nsSetAuth 1}
nsSetAuthCfgEntry OBJECT-TYPESYNTAX NsSetAuthCfgEntry
ACCESSnot-accessibleSTATUSmandatoryDESCRIPTION"NetScreen admin user authentication setting table."INDEX{ nsSetAuthCfgIdx }::={ nsSetAuthCfgTable 1}
NsSetAuthCfgEntry ::=SEQUENCE{
nsSetAuthCfgIdx
INTEGER,
nsSetAuthCfgVsys
INTEGER,
nsSetAuthCfgName
DisplayString,
nsSetAuthCfgPrimary
DisplayString,
nsSetAuthCfgBackup1
DisplayString,
nsSetAuthCfgBackup2
DisplayString,
nsSetAuthCfgConnIdleTimeout
INTEGER,
nsSetAuthCfgAuthAccount
INTEGER,
nsSetAuthCfgIkeAccount
INTEGER,
nsSetAuthCfgL2tpAccount
INTEGER,
nsSetAuthCfgAdminAccount
INTEGER,
nsSetAuthCfgXauthAccount
INTEGER,
nsSetAuthCfgMethod
INTEGER,
nsSetAuthCfgPort
INTEGER,
nsSetAuthCfgSecCliRetry
INTEGER,
nsSetAuthCfgSecCliTimeout
INTEGER,
nsSetAuthCfgSecEncType
INTEGER,
nsSetAuthCfgSecUseDuress
INTEGER,
nsSetAuthCfgLDAPCni
DisplayString,
nsSetAuthCfgLDAPDn
DisplayString,
nsSetAuthCfgSepChar
DisplayString,
nsSetAuthCfgSepNumber
Integer32,
nsSetAuthCfgRevInterval
Integer32,
nsSetAuthCfgRadRetries
Integer32,
nsSetAuthCfgEnableStnID
INTEGER,
nsSetAuthCfgDomainName
DisplayString,
nsSetAuthCfgAcctSessIdLen
Integer32,
nsSetAuthCfgRFC2138Compatibility
INTEGER,
nsSetAuthCfgSourceIfName
DisplayString,
nsSetAuthCfgAcctPort
Integer32,
nsSetAuthCfgAcctListActn
INTEGER,
nsSetAuthCfgSourceIfInfo
Integer32}nsSetAuthCfgIdx OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Authentication server config index."::={ nsSetAuthCfgEntry 1}nsSetAuthCfgVsys OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Virtural system the setting belongs to."::={ nsSetAuthCfgEntry 2}
nsSetAuthCfgName OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Authentication server setting entry name."::={ nsSetAuthCfgEntry 3}nsSetAuthCfgPrimary OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Primary authentication server IP or domain name."::={ nsSetAuthCfgEntry 4}nsSetAuthCfgBackup1 OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))
ACCESSread-onlySTATUSmandatoryDESCRIPTION"First backup authentication server IP or domain name.It's optional."::={ nsSetAuthCfgEntry 5}nsSetAuthCfgBackup2 OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Secondary backup authentication server IP or domain name.It's optional."::={ nsSetAuthCfgEntry 6}nsSetAuthCfgConnIdleTimeout OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"Connection timeout threshold setting. 0 means no timeout setting."::={ nsSetAuthCfgEntry 7}nsSetAuthCfgAuthAccount OBJECT-TYPE
SYNTAXINTEGER{no(0),yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Allow authentication account."::={ nsSetAuthCfgEntry 8}nsSetAuthCfgIkeAccount OBJECT-TYPESYNTAXINTEGER{no(0),yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Allow IKE account."::={ nsSetAuthCfgEntry 9}nsSetAuthCfgL2tpAccount OBJECT-TYPESYNTAXINTEGER{no(0),
yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Allow L2tp account."::={ nsSetAuthCfgEntry 10}nsSetAuthCfgAdminAccount OBJECT-TYPESYNTAXINTEGER{no(0),yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Allow administration account."::={ nsSetAuthCfgEntry 11}nsSetAuthCfgXauthAccount OBJECT-TYPESYNTAXINTEGER{no(0),yes(1)
}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Allow Xauth account."::={ nsSetAuthCfgEntry 12}nsSetAuthCfgMethod OBJECT-TYPESYNTAXINTEGER{build-in-user-db(0),radius-server(1),secureId-server(2),ldap-server(3)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"NetScreen device admin user authentication method."::={ nsSetAuthCfgEntry 13}nsSetAuthCfgPort OBJECT-TYPESYNTAXINTEGERACCESSread-only
STATUSmandatoryDESCRIPTION"Server listening port number."::={ nsSetAuthCfgEntry 14}nsSetAuthCfgSecCliRetry OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"SecureID client client retry times"::={ nsSetAuthCfgEntry 15}nsSetAuthCfgSecCliTimeout OBJECT-TYPESYNTAXINTEGERACCESSread-onlySTATUSmandatoryDESCRIPTION"SecureID client timeout threshold."::={ nsSetAuthCfgEntry 16}nsSetAuthCfgSecEncType OBJECT-TYPESYNTAXINTEGER{sdi(0),des(1)
}ACCESSread-onlySTATUSmandatoryDESCRIPTION"SecureID traffic encryption type."::={ nsSetAuthCfgEntry 17}nsSetAuthCfgSecUseDuress OBJECT-TYPESYNTAXINTEGER{no(0),yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Use duress in SecureID authentication."::={ nsSetAuthCfgEntry 18}nsSetAuthCfgLDAPCni OBJECT-TYPESYNTAXDisplayString(SIZE(0..2))ACCESSread-onlySTATUSmandatory
DESCRIPTION"LDAP server common name identifier"::={ nsSetAuthCfgEntry 19}nsSetAuthCfgLDAPDn OBJECT-TYPESYNTAXDisplayString(SIZE(0..32))ACCESSread-onlySTATUSmandatoryDESCRIPTION"LDAP server distinguished name"::={ nsSetAuthCfgEntry 20}nsSetAuthCfgSepChar OBJECT-TYPESYNTAXDisplayString(SIZE(0..2))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Seperator character for this entry"::={ nsSetAuthCfgEntry 21}nsSetAuthCfgSepNumber OBJECT-TYPESYNTAXInteger32ACCESSread-onlySTATUSmandatoryDESCRIPTION"Seperator number for this entry"::={ nsSetAuthCfgEntry 22}nsSetAuthCfgRevInterval OBJECT-TYPESYNTAXInteger32ACCESSread-onlySTATUSmandatoryDESCRIPTION"Revert interval for this entry"::={ nsSetAuthCfgEntry 23}nsSetAuthCfgRadRetries OBJECT-TYPESYNTAXInteger32ACCESSread-onlySTATUSmandatoryDESCRIPTION"Radius retries for this entries"::={ nsSetAuthCfgEntry 24}nsSetAuthCfgEnableStnID OBJECT-TYPE
SYNTAXINTEGER{no(0),yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Enable/Disable call station ID for this entry."::={ nsSetAuthCfgEntry 25}nsSetAuthCfgDomainName OBJECT-TYPESYNTAXDisplayString(SIZE(0..255))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Domain name for this entry"::={ nsSetAuthCfgEntry 26}nsSetAuthCfgAcctSessIdLen OBJECT-TYPESYNTAXInteger32ACCESSread-onlySTATUSmandatory
DESCRIPTION"Acct session identifier length for this entry"::={ nsSetAuthCfgEntry 27}nsSetAuthCfgRFC2138Compatibility OBJECT-TYPESYNTAXINTEGER{no(0),yes(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Is RFC2138 compatible for this entry"::={ nsSetAuthCfgEntry 28}nsSetAuthCfgSourceIfName OBJECT-TYPESYNTAXDisplayString(SIZE(0..255))ACCESSread-onlySTATUSmandatoryDESCRIPTION"Source interface name for this entry"::={ nsSetAuthCfgEntry 29}nsSetAuthCfgAcctPort OBJECT-TYPESYNTAXInteger32ACCESSread-onlySTATUSmandatoryDESCRIPTION"Radius accounting port for this entry"::={ nsSetAuthCfgEntry 30}nsSetAuthCfgAcctListActn OBJECT-TYPESYNTAXINTEGER{none(0),cleanup-sess(1)}ACCESSread-onlySTATUSmandatoryDESCRIPTION"Radius accounting action for this entry."::={ nsSetAuthCfgEntry 31}nsSetAuthCfgSourceIfInfo OBJECT-TYPESYNTAXInteger32ACCESSread-onlySTATUSmandatory
DESCRIPTION"Source interface info for this entry. Returns -1 when interface is not present"::={ nsSetAuthCfgEntry 32}END