CISCOSB-RADIUS-COA DEFINITIONS ::= BEGIN

-- Title: CISCOSB CoA Radius Private Extension
-- Version:    9.50
-- Date:       01-Jul-2022

IMPORTS
    Unsigned32, IpAddress,Counter32,
    MODULE-IDENTITY, OBJECT-TYPE                FROM SNMPv2-SMI
    TruthValue, RowStatus, DisplayString,
    DateAndTime, TimeStamp,
    TEXTUAL-CONVENTION                          FROM SNMPv2-TC
    InetAddressType,InetAddress,InetAddressIPv6 FROM INET-ADDRESS-MIB -- RFC2851
    switch001, 	rlRadius,rlAAAEap                FROM CISCOSB-MIB;

rlRadiusCoA MODULE-IDENTITY
        LAST-UPDATED "202207010000Z"
                ORGANIZATION "Cisco Systems, Inc."
                CONTACT-INFO
                "Postal: 170 West Tasman Drive
                San Jose , CA 95134-1706
                USA

                
                Website:  Cisco Small Business Support Community <http://www.cisco.com/go/smallbizsupport>"

        DESCRIPTION
                "The private MIB module definition for CoA Radius feature
                 in CISCOSB devices."
        REVISION "202207010000Z"
        DESCRIPTION
                "Added this MODULE-IDENTITY clause."
        ::= { switch001 247 }

--
-- Radius CoA Client Inet table
--

rlRadiusCoAClientInetTable OBJECT-TYPE
    SYNTAX     SEQUENCE OF RlRadiusCoAClientInetEntry
    MAX-ACCESS     not-accessible
    STATUS current
    DESCRIPTION
        "The table listing the RADIUS CoA entry."
    ::= { rlRadiusCoA 1 }

rlRadiusCoAClientInetEntry OBJECT-TYPE
    SYNTAX     RlRadiusCoAClientInetEntry
    MAX-ACCESS     not-accessible
    STATUS current
    DESCRIPTION
        "The entry in RADIUS CoA table."
    INDEX      { rlRadiusCoAClientInetAddressType,
                 rlRadiusCoAClientInetAddress }
    ::= { rlRadiusCoAClientInetTable 1 }


RlRadiusCoAClientInetEntry ::= SEQUENCE {
    rlRadiusCoAClientInetAddressType                 InetAddressType,
    rlRadiusCoAClientInetAddress                     InetAddress,
    rlRadiusCoAClientInetKey                         DisplayString,
    rlRadiusCoAClientInetKeyDigest                   OCTET STRING,
    rlRadiusCoAClientInetClearCountersAction         TruthValue,
    rlRadiusCoAClientInetRowStatus                   RowStatus
}

rlRadiusCoAClientInetAddressType OBJECT-TYPE
    SYNTAX  InetAddressType
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "The Inet address type of RADIUS CoA referred to
         in this table entry."
    ::= { rlRadiusCoAClientInetEntry 1}

rlRadiusCoAClientInetAddress OBJECT-TYPE
    SYNTAX     InetAddress
    MAX-ACCESS     read-write
    STATUS current
    DESCRIPTION
        "The Inet address of the RADIUS CoA
        referred to in this table entry."
    ::= { rlRadiusCoAClientInetEntry 2 }

rlRadiusCoAClientInetKey  OBJECT-TYPE
    SYNTAX DisplayString (SIZE(0..128|160))
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Secret key to be shared with this RADIUS CoA. The key with length of 160 means the key is not set"
    DEFVAL { "" }
    ::= { rlRadiusCoAClientInetEntry 3 }

rlRadiusCoAClientInetKeyDigest OBJECT-TYPE
    SYNTAX      OCTET STRING
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "The Digest of the rlRadiusCoAClientInetKey"
    ::= { rlRadiusCoAClientInetEntry 4 }

rlRadiusCoAClientInetClearCountersAction OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION
          "Set to TRUE to clear the Radius CoA Client counters."
    ::= { rlRadiusCoAClientInetEntry 5 }

rlRadiusCoAClientInetRowStatus     OBJECT-TYPE
   SYNTAX RowStatus
   MAX-ACCESS read-write
   STATUS current
   DESCRIPTION       "Radius CoA Client Entry status"
   ::= { rlRadiusCoAClientInetEntry 6 }


--
-- Radius CoA Client counters action table
--

rlRadiusCoAClientInetCountersTable        OBJECT-TYPE
    SYNTAX SEQUENCE OF RlRadiusCoAClientInetCountersEntry
    MAX-ACCESS      not-accessible
    STATUS          current
    DESCRIPTION     "MIB to show radius CoA counters per client"
    ::= { rlRadiusCoA 2 }

rlRadiusCoAClientInetCountersEntry OBJECT-TYPE
    SYNTAX          RlRadiusCoAClientInetCountersEntry
    MAX-ACCESS      not-accessible
    STATUS          current
    DESCRIPTION     "The row definition for this table."
    INDEX { rlRadiusCoAClientInetAddressType,
            rlRadiusCoAClientInetAddress }
    ::= { rlRadiusCoAClientInetCountersTable 1 }

RlRadiusCoAClientInetCountersEntry::= SEQUENCE {
    rlRadiusCoAClientInetAverageResponseTime         Unsigned32,
    rlRadiusCoAClientInetCoARequests                 Counter32,
    rlRadiusCoAClientInetCoATransactions             Counter32,
    rlRadiusCoAClientInetCoARetransmissions          Counter32,
    rlRadiusCoAClientInetCoAActiveTransactions       Counter32,
    rlRadiusCoAClientInetCoAAckResponses             Counter32,
    rlRadiusCoAClientInetCoANakResponses             Counter32,
    rlRadiusCoAClientInetCoAInvalidRequests          Counter32,
    rlRadiusCoAClientInetCoAErrors                   Counter32,
    rlRadiusCoAClientInetDisconnectRequests          Counter32,
    rlRadiusCoAClientInetDisconnectTransactions      Counter32,
    rlRadiusCoAClientInetDisconnectRetransmissions   Counter32,
    rlRadiusCoAClientInetDisconnectActiveTransactions Counter32,
    rlRadiusCoAClientInetDisconnectAckResponses       Counter32,
    rlRadiusCoAClientInetDisconnectNakResponses       Counter32,
    rlRadiusCoAClientInetDisconnectInvalidRequests    Counter32,
    rlRadiusCoAClientInetDisconnectErrors             Counter32
}

rlRadiusCoAClientInetAverageResponseTime OBJECT-TYPE
    SYNTAX     Unsigned32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
            "Average Ack response time in milliseconds"
    ::= { rlRadiusCoAClientInetCountersEntry 1 }

rlRadiusCoAClientInetCoARequests OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts the CoA Requests received from CoA clients"
    ::= { rlRadiusCoAClientInetCountersEntry 2 }

rlRadiusCoAClientInetCoATransactions OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts CoA completed transactions. A Completed transaction occurs once the
        Switch send an CoA-ACK or CoA-NAK in response to a CoA-Request from a CoA client"
    ::= { rlRadiusCoAClientInetCountersEntry 3 }

rlRadiusCoAClientInetCoARetransmissions OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts received retransmitted CoA Requests. A retransmitted CoA-Requests is a Request in which the Request identifier is identical
       to the identifier of a previous Request"
    ::= { rlRadiusCoAClientInetCountersEntry 4 }

rlRadiusCoAClientInetCoAActiveTransactions OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Transactions that are currently active. An active transaction is a
        transaction in which a CoA-Request from a COA Client has been received but an CoA-ACK or CoA-NAK
        response has not been sent yet. Once an CoA-ACK or CoA-NAK is sent this counter is decremented"
    ::= { rlRadiusCoAClientInetCountersEntry 5 }

rlRadiusCoAClientInetCoAAckResponses OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts the number of CoA-Ack responses sent by the switch"
    ::= { rlRadiusCoAClientInetCountersEntry 6 }

rlRadiusCoAClientInetCoANakResponses OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts the number of CoA-Nak responses sent by the switch"
    ::= { rlRadiusCoAClientInetCountersEntry 7 }

rlRadiusCoAClientInetCoAInvalidRequests OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts invalid CoA-requests received by the switch. An invalid request is one of the following:
        - A Request in which the secret in the Request does not match the Secret configured on the device
        - A Request with no session identifier
        - A Request with an unsupported attribute
        - A Request in which a supported attribute is empty
        - A Request which is discarded because the event-timestamp is not current, or if eventtimestamp is mandatory and received request does not include this attributes"
    ::= { rlRadiusCoAClientInetCountersEntry 8 }

rlRadiusCoAClientInetCoAErrors OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts errors upon receiving CoA-Request. An error can be an internal error in which a request cannot be
        processed due to resource issue, or if a secret has not been configured for the CoA client"
    ::= { rlRadiusCoAClientInetCountersEntry 9 }

rlRadiusCoAClientInetDisconnectRequests OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts the Disconnect Requests received from CoA clients"
    ::= { rlRadiusCoAClientInetCountersEntry 10 }

rlRadiusCoAClientInetDisconnectTransactions OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts Disconnect completed transactions. A Completed transaction occurs once the
        Switch send an Disconnect-ACK or Disconnect-NAK in response to a Disconnect-Request from a CoA client."
    ::= { rlRadiusCoAClientInetCountersEntry 11 }

rlRadiusCoAClientInetDisconnectRetransmissions OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts received retransmitted Disconnect Requests. A retransmitted Disconnect-Requests is a Request in which the Request identifier is identical
       to the identifier of a previous Request"
    ::= { rlRadiusCoAClientInetCountersEntry 12 }

rlRadiusCoAClientInetDisconnectActiveTransactions OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Transactions that are currently active. An active transaction is a
        transaction in which a Disconnect-Request from a COA Client has been received but an Disconnect-ACK or Disconnect-NAK
        response has not been sent yet. Once an Disconnect-ACK or Disconnect-NAK is sent this counter is decremented"
    ::= { rlRadiusCoAClientInetCountersEntry 13 }

rlRadiusCoAClientInetDisconnectAckResponses OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts the number of Disconnect-Ack responses sent by the switch"
    ::= { rlRadiusCoAClientInetCountersEntry 14 }

rlRadiusCoAClientInetDisconnectNakResponses OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts the number of Disconnect-Nak responses sent by the switch"
    ::= { rlRadiusCoAClientInetCountersEntry 15 }

rlRadiusCoAClientInetDisconnectInvalidRequests OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts invalid Disconnect-requests received by the switch. An invalid request is one of the following:
        - A Request in which the secret in the Request does not match the Secret configured on the device
        - A Request with no session identifier
        - A Request with an unsupported attribute
        - A Request in which a supported attribute is empty"
    ::= { rlRadiusCoAClientInetCountersEntry 16 }

rlRadiusCoAClientInetDisconnectErrors OBJECT-TYPE
    SYNTAX     Counter32
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
       "Counts errors upon receiving Disconnect-Request. An error can be an internal error in which a request cannot be
        processed due to resource issue, or if a secret has not been configured for the CoA client"
    ::= { rlRadiusCoAClientInetCountersEntry 17 }


--
-- Radius CoA Clear All counters
--

rlRadiusCoAClearCountersAction  OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To clear Radius CoA counters for all clients."
    DEFVAL  { false }
    ::= { rlRadiusCoA 3 }


--
-- Radius CoA port
--

rlRadiusCoARxUdpPort  OBJECT-TYPE
    SYNTAX INTEGER (0..65535)
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To define the UDP port used for Radius CoA requests."
    DEFVAL  { 3799 }
    ::= { rlRadiusCoA 4 }

--
-- Radius CoA Client Default Secret Key
--

rlRadiusCoAGlobalKey OBJECT-TYPE
    SYNTAX DisplayString (SIZE(0..128|160))
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "Global Secret key to be shared with this all Radius CoA clients. The key with length of 160 means the key is not set"
    DEFVAL { "" }
    ::= { rlRadiusCoA 5 }

--
-- Radius CoA Client Default Secret Key Digest
--

rlRadiusCoAGlobalKeyDigest OBJECT-TYPE
    SYNTAX OCTET STRING
    MAX-ACCESS read-only
    STATUS current
    DESCRIPTION
        "Global Secret key Digest"
    ::= { rlRadiusCoA 6 }

--
-- Radius CoA Ignore Secret Key
--

rlRadiusCoAIgnoreServerKey OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To ignore the CoA server-key"
    DEFVAL { false }
    ::= { rlRadiusCoA 7 }

--
-- Radius CoA Event-Timestamp Attribute behavior
--

rlRadiusCoAEventTimeStampDropPacket OBJECT-TYPE
    SYNTAX TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To configure the device to discard a Packet of Disconnect (POD) Request or Change of
Authorization (CoA) Request that do not include an Event-Timestamp Attribute"
    DEFVAL  { false }
    ::= { rlRadiusCoA 8 }

--
-- Radius CoA behavior for username domain stripping for received PoD and CoA
--

RlRadiusCoAUserNameDomainStrippingType ::= TEXTUAL-CONVENTION
    STATUS  current
    DESCRIPTION
        "Behavior for username domain stripping for received PoD and CoA"
    SYNTAX  INTEGER {
        disable(0),
        leftToRight(1),
        rightToLeft(2)
}


RlRadiusCoAUserNameDomainDelimiter ::= TEXTUAL-CONVENTION
    STATUS  current
    DESCRIPTION
        "To configure the username domain delimitator for received PoD and CoA Requests"
    SYNTAX  INTEGER {
        at(1),
        hyphen(2),
        slash(3),
        backSlash(4),
        hash(5),
        dollar(6),
        percent(7)
}

rlRadiusCoAUserNameDomainStrippingMethod OBJECT-TYPE
    SYNTAX RlRadiusCoAUserNameDomainStrippingType
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To enable and define the behavior for username domain stripping for received PoD and CoA
Requests"
    DEFVAL  { disable }
    ::= { rlRadiusCoA 9 }

--
-- Radius CoA username domain delimitator for received PoD and CoA Requests
--

rlRadiusCoAUserNameDomainStrippingDelimiter OBJECT-TYPE
    SYNTAX RlRadiusCoAUserNameDomainDelimiter
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To configure the username domain delimitator for received PoD and CoA Requests"
    DEFVAL  { at }
    ::= { rlRadiusCoA 10 }

--
-- AAAEAP Ignore disable-port command VSA
--

rlAAAEapIgnoreCommandDisablePort OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To configure the device to ignore a RADIUS Change of Authorization (CoA) disable port command VSA"
    DEFVAL  { false }
    ::= { rlRadiusCoA 11 }

--
-- AAAEAP Ignore bounce-port command VSA
--

rlAAAEapIgnoreCommandBouncePort OBJECT-TYPE
    SYNTAX     TruthValue
    MAX-ACCESS read-write
    STATUS current
    DESCRIPTION
        "To configure the device to ignore a RADIUS Change of Authorization (CoA) bounce port command VSA"
    DEFVAL  { false }
    ::= { rlRadiusCoA 12 }

END
