 
RC-RADIUS-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32, Counter32, IpAddress, TimeTicks
        FROM SNMPv2-SMI
    TruthValue, RowStatus, DisplayString, MacAddress
        FROM SNMPv2-TC
    SnmpAdminString
        FROM SNMP-FRAMEWORK-MIB
    InterfaceIndex
        FROM IF-MIB
    rcRadius, rcEap
        FROM RAPID-CITY
    PortList
        FROM Q-BRIDGE-MIB
    InetAddressType, InetAddress, InetPortNumber
        FROM INET-ADDRESS-MIB
    radiusDynAuthClientEntry
        FROM RADIUS-DYNAUTH-SERVER-MIB;

rcRadiusMib MODULE-IDENTITY
       LAST-UPDATED     "202011120000Z"
       ORGANIZATION     "Bay Networks, Rapid-City Group"
       CONTACT-INFO     "
                                        Edwin Tsang
                         Postal:        Bay Networks, Inc.
                                        4401 Great America Parkway
                                        Santa Clara, CA 95052-8185

                         Tel:           408-495-6159
                         Fax:           408-495-5215
                         E-mail:        edwin_tsang@baynetworks.com
                        "
       DESCRIPTION      "Enterprise MIB for the Accelar product family."


       REVISION "202011120000Z" -- 12  Nov 2020       
       DESCRIPTION "Version 54: Correct BITS range to start from 0 for rcEapPortTrafficControlOrigin (Oana)"


       REVISION "202011040000Z" -- 04  Nov 2020       
       DESCRIPTION "Version 53: Update range for rcEapMultiHostStatusAceIdList and 
                                rcEapPortRadiusAceIdList. Request by Andreea Rusu (Oana)"

      
       REVISION "202010270000Z" -- 27  Oct 2020       
       DESCRIPTION "Version 52: Add new element : rcEapPortTrafficControlOrigin  (Oana)"



       REVISION "202010090000Z" -- 09  Oct 2020       
       DESCRIPTION "Version 51: Add new elements : rcEapPortRadiusAclId and rcEapPortRadiusAceIdList;
                                                   rcEapMultiHostStatusAclId and rcEapMultiHostStatusAceIdList  (Oana)"


       REVISION "202010090000Z" -- 09  Oct 2020       
       DESCRIPTION "Version 50: Add new elements : rcEapMultiHostStatusIsidSource, rcEapPortRadiusIsidSource    and rcEapPortRadiusNonEapAuthType  (Oana)"


       REVISION "202010090000Z" -- 09  Oct 2020       
       DESCRIPTION "Version 49: Add new elements rcEapGlobalAutoIsidOffset && rcEapGlobalAutoIsidOffsetEnable(Oana)"


       REVISION "202008240000Z" -- 24 August 2020       
       DESCRIPTION "Version 48: Add new elements to RcEapPortEntry(Oana)"


       REVISION "202006160000Z" -- 16 June 2020       
       DESCRIPTION "Version 47: Modify to read-create element :
                                rcRadiusServHostSecureLogLevel(Oana)"

	   REVISION "202006120000Z" -- 12 June 2020       
       DESCRIPTION "Version 46: Modify DisplayString to (SIZE(1..128))
                                for rcRadiusSecureProfileRootCertDestFile
                                rcRadiusSecureProfileCertDestFile and 
                                rcRadiusSecureProfileKeyDestFile.(Oana)"

       REVISION "202005280000Z" -- 28 May 2020
       DESCRIPTION "Version 45: Add rcRadiusGlobalSecureEnable,
                                rcRadiusServHostSecureEnable,
                                rcRadiusServHostSecureMode,
                                rcRadiusServHostSecureProfile,
                                rcRadiusServHostSecureLogLevel,
                                rcRadiusSecureProfileTable
                                Based on 8.1.60.0 MRT check (Prem)"

       REVISION "202005060000Z" -- 6 May 2020
       DESCRIPTION "Version 44: Add rcEapPortAdminTrafficControl
                                and rcEapPortOperTrafficControl.
                                Requested by Andrei Bolojan (Prem)"

       REVISION "202004270000Z" -- 27 Aril 2020
       DESCRIPTION "Version 43: Add rcEapMultihostStatusSwUniBindings
                                and rcEapPortRadiusSwUniBindings.
                                Requested by Viorel Haiciu (Prem)"

       REVISION "202004130000Z" -- 13 Aril 2020
       DESCRIPTION "Version 42: Add rcEapPortFlexUniStatus
                                under rcEapPortTable.
                                Requested by Andrei Bolojan (Prem)"

       REVISION "202004130000Z" -- 13 Aril 2020
       DESCRIPTION "Version 41: Add rcEapPortGuestIsid and rcEapPortFailOpenIsid
                                under rcEapPortTable.
                                Requested by Andrei Bolojan (Prem)"

       REVISION "201908230000Z" -- 23 Aug 2019
       DESCRIPTION "Version 40: Update rcRadiusServHostTimeOut's default value."


       REVISION "201904250000Z" -- 25 Apr 2019
       DESCRIPTION "Version 39:   Added endpointTracking(6) to
				  rcRadiusServHostUsedBy .
                                  (Oana)."

	   
       REVISION "201904240000Z" -- 24 Apr 2019
       DESCRIPTION "Version 38:   Changed rcEapMultiHostStatusPriority to
	   			  rcEapMultihostStatusPriority to match the
				  VOSS software mib definition.
				  Based on what was released on VOSS software
				  (Prem)."
	   
       REVISION "201809280000Z" -- 28 Sep 2018
       DESCRIPTION "Version 37:   Changed the type for:
                                  - rcEapMultiHostStatusVlanId
                                  - rcEapPortRadiusVlanId
                                  from INTEGER (which should have lower/upper
                                  bounds) to Integer32 (azmeu)"
       REVISION "201802150000Z" -- 15 Feb 2018
       DESCRIPTION "Version 36:   Changed configurable intervals for:
				  - rcRadiusServHostTimeOut
				  - rcEapPortMultiHostMaxClients
				  - rcEapPortNonEapMaxClients"	   
       REVISION "201710180000Z" -- 18 Oct 2017
       DESCRIPTION "Version 35:   Chnaged rcEapPortRadiusMacClearPriority to
	                          rcEapPortRadiusMacPriority"	   
       REVISION "201709250000Z" -- 25 September 2017
       DESCRIPTION "Version 34:  added rcEapMultiHostStatusPriority and
	   			 rcEapPortRaidusMacPriority.
				 Requested by Caludiu 
				 Gabriel Mitroi (ppalarapu)"
	   
       REVISION "201704120000Z" -- 12 April 2017
       DESCRIPTION "Version 33:  added rcRadiusNotifications,
	   			 rcRadiusNotificationObjects,
				 rcRadiusEapRAVErrorMacAddress,
				 rcRadiusEapRAVErrorPort,
				 rcRadiusEapServAddressType and
				 rcRadiusEapServAddress.
				 Requested by Alisa Niculescu/Caludiu 
				 Gabriel Mitroi (prempa)"
	   
       REVISION "201703290000Z" -- 29 March 2017
       DESCRIPTION "Version 32:  added rcRadiusSupportedVendorIds"
	   
       REVISION "201703170000Z" -- 17 March 2017
       DESCRIPTION "Version 31: Added the following -
                    rcRadiusDynAuthClientTable,
                    RcRadiusDynAuthClientEntry,
                    rcRadiusDynAuthClientAddressType,
                    rcRadiusDynAuthClientAddress,
                    rcRadiusDynAuthClientUdpPort,
                    rcRadiusDynAuthClientSecret,
                    rcRadiusDynAuthClientEnabled,
                    rcRadiusDynAuthClientRowStatus,
                    rcRadiusDynAuthClientReplayProtection,
                    rcRadiusDynAuthServerRcRequests,
                    rcRadiusDynAuthServerRcAuthOnlyRequests,
                    rcRadiusDynAuthServerRcDupRequests,
                    rcRadiusDynAuthServerRcAcks,
                    rcRadiusDynAuthServerRcNacks,
                    rcRadiusDynAuthServerRcNacksAuthOnlyRequests,
                    rcRadiusDynAuthServerRcNacksNoSess,
                    rcRadiusDynAuthServerRcSessReauthenticated,
                    rcRadiusDynAuthServerRcMalformed,
                    rcRadiusDynAuthServerRcDropped,
                    rcRadiusDynAuthServerRcBadAuths"

       REVISION "201703130000Z" -- 13 March 2017
       DESCRIPTION "Version 30: Change range of rcEapPortMultiHostMaxClients
                     from 0..32 to 1..32"

       REVISION "201701050000Z" -- 5 January 2017
       DESCRIPTION "Version 29: Added rcRadiusReachability,
	   			rcRadiusReachabilityUserName,
				rcRadiusReachabilityPassword,
				rcRadiusReachabilityUnreachableTimer,
				rcRadiusReachabilityKeepAliveTimer
				in rcRadiusGlobal.
				Requested by Bogdan Alexandrescu (prempa)."

       REVISION "201609260000Z" -- 26 September 2016
       DESCRIPTION "Version 28: Added the following -
                     rcEapPortEapMaxClients,
                     rcEapPortMultiHostSingleAuthEnabled,
                     rcEapPortAllowDhcpPhones,
                     rcEapPortEapPacketMode,
                     rcEapPortProcessRadiusCOAPackets,
                     rcEapPortFailOpenVlanId,
                     rcEapPortFailOpenVlanUBP,
                     rcEapPortCloneSettingsAction,
                     rcEapPortCloneSettingsDestPortList in rcEapPortTable
                     Change description and range for rcEapPortGuestVlanId
                     from 0..4000 to 0..4096
                     Change description and range for rcEapPortNonEapMaxClients
                     from 1..8 to 0..32"

       REVISION "201605020000Z" -- 02 May 2016
       DESCRIPTION "Version 27: Added rcRadiusIpsecEnable"

       REVISION "201506290000Z" -- 29 June 2015
       DESCRIPTION "Version 26: Added rcEapPortRadiusMacClear in
	   			RcEapPortRadiusMacEntry"

       REVISION "201506180000Z" -- 18 June 2015
       DESCRIPTION "Version 25: Added rcEapPortRadiusMacClear,
	                              rcEapGlobalClearNonEap"

       REVISION "201503310000Z" -- 31 March 2015
       DESCRIPTION "Version 24: Added held (6) and authenticating(7) to
	                        rcEapPortRadiusMacStatus"

       REVISION "201412110000Z" -- 11 December 2014
       DESCRIPTION "Version 23: Added the following -
	   	     rcEapGlobalNonEapRadiusPwdAttrFmt,
		     rcEapGlobalNonEapRadiusPwdAttrKeyString,
		     rcEapPortStatus in rcEapPortTable,
		     rcEapMultiHostStatusVlanId in rcEapMultiHostStatusTable,
		     rcEapPortRadiusVlanId in rcEapPortRadiusMacTable.
		     Changed the range of rcEapPortMultiHostMaxClients
		     from 1..8 to 0..32.
		     Added the value unauthenticated(10) to
		     rcEapMultiHostStatusPaeState
		     Changes requested by Nithin Prabhu for EAPOL and NEAP
		     enhancements, submit 22049 (Prem)"

       REVISION "201105130000Z" -- 13 May 2011
       DESCRIPTION "Version 22: Added rcRadiusServHostTable"

       REVISION "201009140000Z" -- 14 September 2010
       DESCRIPTION "Version 21: Added web(5) to rcRadiusServUsedBy."

       REVISION "200907140000Z" -- 14 Jul 2009
       DESCRIPTION "Version 20: Added rcEapGlobalNonEapIpAddrEnable, rcEapGlobalNonEapMacAddrEnable
                                                         and rcEapGlobalNonEapPortNumEnable ."
       REVISION "200706270000Z" -- 27 Jun 2007
       DESCRIPTION "Version 19: Changed the range for rcRadiusServerSecretKey from 20 to 32"
       REVISION "200601030000Z" -- 03 Jan 2006
       DESCRIPTION "Version 18: Added rcRadiusPaePortNumber and
                                rcRadiusEapLastAuthMac."

       REVISION "200512120000Z" -- 12 Dec 2005
       DESCRIPTION "Version 17: Added rcRadiusEapLastRejMac under rcRadiusGlobalSnmp"
       REVISION "200505230000Z" -- 23 May 2005
       DESCRIPTION "Version 16: Added rcEapPortShutDownOnIntrusion"
       REVISION "200505170000Z" -- 17 May 2005
       DESCRIPTION "Version 15: Updated the description for rcEapGlobalRadDiscardFilterAgeout"
       REVISION "200505161800Z" -- 16 May 2005
       DESCRIPTION "Version 14: Updated the DEF value for rcEapGlobalRadDiscardFilterAgeout"
       REVISION "200505160000Z" -- 16 May 2005
       DESCRIPTION "Version 13: Updated rcEapGlobalRadDiscardFilterAgeout"
       REVISION "200505060000Z" -- 06 May 2005
       DESCRIPTION "Version 12: Added rcEapPortRadiusMacTable & rcEapGlobalRadDiscardFilterAgeout"
       REVISION "200501241200Z" -- 24 January 2005
       DESCRIPTION "Version 11: Updated the desc field of rcEapGlobalRadAuthNonEapClients"
       REVISION "200501130000Z" -- 13 January 2005
       DESCRIPTION "Version 10: Added rcEapGlobalRadAuthNonEapClients and rcEapPortRadAuthNonEapClients mibs"
       REVISION "200501040000Z" -- 04 January 2005
       DESCRIPTION "Version 9: Added rcRadiusServSourceIpAddr under Sequence of RcRadiusServEntry "
       REVISION "200412240000Z" -- 24 December 2004
       DESCRIPTION "Version 8: Added rcRadiusServSourceIpAddr "
       REVISION "200409300000Z" -- 30 Sept 2004
       DESCRIPTION "Version 7: Change the range rcEapPortGuestVlanId start from 0.
                             : Import SnmpAdminString, MacAddress, InterfaceIndex type"
       REVISION "200409230000Z" -- 23 Sept 2004
       DESCRIPTION "Version 6: Added rcEapGlobalGuestVlanEnable, rcEapGlobalGuestVlanId , rcEapPortTable, rcEapPortAllowedMacTable, rcEapMultiHostStatusTable, rcEapMultiHostSessionStatsTable mib"
       REVISION "200409080000Z" -- 08 Sept 2004
       DESCRIPTION "Version 5: Added rcRadiusGlobalCliCmdCount mib"
       REVISION "200407200000Z" -- 20 July 2004
       DESCRIPTION "Version 4: Added version info"

       ::= { rcRadius 0 }

-- Radius Group
-- Radius Global Infomation

rcRadiusGlobal   OBJECT IDENTIFIER       ::= { rcRadius 1 }

rcRadiusGlobalEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable/disable this feature."
	DEFVAL 	      { false }
        ::= { rcRadiusGlobal 1 }

rcRadiusGlobalMaxNumberServer OBJECT-TYPE
        SYNTAX        INTEGER (1..10)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Maximum number of RADIUS servers."
	DEFVAL 	      { 10 }
        ::= { rcRadiusGlobal 2 }

rcRadiusGlobalAttributeValue OBJECT-TYPE
        SYNTAX        INTEGER (192..240)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for Access-Priority attribute."
        DEFVAL        { 192 }
        ::= { rcRadiusGlobal 3 }

rcRadiusGlobalServerTableSize OBJECT-TYPE
        SYNTAX          Integer32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "Used to indicate the number of entries in the
                        rcRadiusServerTable."
        ::= { rcRadiusGlobal 4 }

rcRadiusGlobalAcctEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable/disable Radius Accounting feature."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 5 }

rcRadiusGlobalAcctAttributeValue OBJECT-TYPE
        SYNTAX        INTEGER (192..240)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for User-Command attribute."
        DEFVAL        { 193 }
        ::= { rcRadiusGlobal 6 }

rcRadiusGlobalAcctIncludeCli OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Include/Exclude cli-commands in radius
                       acccounting updates."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 7 }

rcRadiusGlobalClearStat OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Clear Radius Statistic for all servers
                       configured."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 8 }

rcRadiusGlobalMcastAttributeValue OBJECT-TYPE
        SYNTAX        INTEGER (0..255)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for multicast address vendor
                       specific attribute."
        DEFVAL        { 90 }
        ::= { rcRadiusGlobal 9 }

rcRadiusGlobalAuthInfoAttributeValue OBJECT-TYPE
        SYNTAX        INTEGER (0..255)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for Auth-Info vendor specific attribute."
        DEFVAL        { 91 }
        ::= { rcRadiusGlobal 10 }

rcRadiusGlobalCommandAccess OBJECT-TYPE
        SYNTAX        INTEGER (192..240)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for Command-Access attribute."
        DEFVAL        { 194 }
        ::= { rcRadiusGlobal 11 }

rcRadiusGlobalCliCommands OBJECT-TYPE
        SYNTAX        INTEGER (192..240)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for Cli-Command attribute."
        DEFVAL        { 195 }
        ::= { rcRadiusGlobal 12 }

rcRadiusGlobalIgapLogFSize OBJECT-TYPE
        SYNTAX        INTEGER (50..8192)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Maximum size for the IGAP accounting time-out
                       log file in KB."
        DEFVAL        { 512 }
        ::= { rcRadiusGlobal 13 }

rcRadiusGlobalCliProfEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable/disable Radius CLI Profiling."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 14 }

rcRadiusGlobalAuthInvalidServerAddress OBJECT-TYPE
        SYNTAX        Counter32
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Number of Access Responses from unknown or
                       invalid Radius servers."
        ::= { rcRadiusGlobal 15 }

rcRadiusGlobalSourceIpFlag OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Flag to include configured IP address as source
                       address in RADIUS packets."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 16 }

rcRadiusGlobalIgapPasswdAttr OBJECT-TYPE
        SYNTAX        INTEGER {
                         standard(1),
                         authinfo(2)
                      }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "When this variable is set to standard(1), password in
                       IGAP join request is sent in standard RADIUS password
                       attribute. When set to authinfo(2), the password is
                       encoded in Auth-Info attribute."
        DEFVAL        { standard }
        ::= { rcRadiusGlobal 17 }

rcRadiusGlobalCliCmdCount OBJECT-TYPE
        SYNTAX        INTEGER (1..40)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value for Cli-Command-count."
        DEFVAL        { 40 }
        ::= { rcRadiusGlobal 18 }

rcRadiusIpsecEnable  OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Flag to enable IPSEC on RADIUS packets."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 19 }

rcRadiusReachability OBJECT-TYPE
        SYNTAX        INTEGER {
                         useStatusServerPackets(1),
                         useDummyRadiusRequests(2)
		      }
        MAX-ACCESS    read-write
	STATUS        current
	DESCRIPTION   "Select the method used to test RADIUS server reachablity."
	DEFVAL        { useStatusServerPackets }
	::= { rcRadiusGlobal 20 }

rcRadiusReachabilityUserName OBJECT-TYPE
    	SYNTAX        DisplayString (SIZE (1..16))
	MAX-ACCESS    read-write
	STATUS        current
	DESCRIPTION   "The username used for the RADIUS server reachability useDummyRadiusRequests option."
	DEFVAL        { "avaya" }
	::= { rcRadiusGlobal 21 }

rcRadiusReachabilityPassword OBJECT-TYPE
    	SYNTAX        DisplayString (SIZE (1..16))
	MAX-ACCESS    read-write
	STATUS        current
	DESCRIPTION   "The password used for the RADIUS server reachability useDummyRadiusRequests option."
	DEFVAL        { "avaya" }
	::= { rcRadiusGlobal 22 }

rcRadiusReachabilityUnreachableTimer OBJECT-TYPE
    	SYNTAX        Integer32 (30..600)
	UNITS         "seconds"
    	MAX-ACCESS    read-write
	STATUS        current
	DESCRIPTION   "This object specifies the interval between checks when the RADIUS server is unreachable."
	DEFVAL { 60 }
	::= { rcRadiusGlobal 23 }

rcRadiusReachabilityKeepAliveTimer OBJECT-TYPE
    	SYNTAX        Integer32 (30..600)
	UNITS         "seconds"
        MAX-ACCESS    read-write
	STATUS        current
	DESCRIPTION   "This object specifies the interval between checks when the RADIUS server is reachable."
	DEFVAL { 180 }
	::= { rcRadiusGlobal 24 }
    
rcRadiusSupportedVendorIds OBJECT-TYPE
        SYNTAX        DisplayString (SIZE (1..16))
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "This object specifies the supported radius vendor ids." 
        DEFVAL        { "562,1584" }
        ::= { rcRadiusGlobal 25 }       

rcRadiusGlobalSecureEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable/disable Radius Secure feature."
        DEFVAL        { false }
        ::= { rcRadiusGlobal 26 }

-- Radius Server Table Infomation

rcRadiusServerTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF RcRadiusServerEntry
        MAX-ACCESS    not-accessible
        STATUS        deprecated
        DESCRIPTION   "The RADIUS table (0 to 10 entries).  This
                      table lists the information of the RADIUS server."
        ::= { rcRadius 2 }

rcRadiusServerEntry OBJECT-TYPE
        SYNTAX        RcRadiusServerEntry
        MAX-ACCESS    not-accessible
        STATUS        deprecated
        DESCRIPTION   "A RADIUS server table entry."
        INDEX         { rcRadiusServerAddress}
        ::= { rcRadiusServerTable 1 }

RcRadiusServerEntry ::=
        SEQUENCE {
                rcRadiusServerPriority            INTEGER,
                rcRadiusServerAddress             IpAddress,
                rcRadiusServerTimeOut             INTEGER,
                rcRadiusServerEnable              TruthValue,
                rcRadiusServerMaxRetries          INTEGER,
                rcRadiusServerUdpPort             INTEGER,
                rcRadiusServerSecretKey           DisplayString,
                rcRadiusServerAccessRequests      Counter32,
                rcRadiusServerAccessAccepts       Counter32,
                rcRadiusServerAccessRejects       Counter32,
                rcRadiusServerBadResponses        Counter32,
                rcRadiusServerPendingRequests     Counter32,
                rcRadiusServerClientRetries       Counter32,
                rcRadiusServerRowStatus           RowStatus,
                rcRadiusServerAcctEnable          TruthValue,
                rcRadiusServerAcctUdpPort         INTEGER,
                rcRadiusServerAcctOnRequests      Counter32,
                rcRadiusServerAcctOffRequests     Counter32,
                rcRadiusServerAcctStartRequests   Counter32,
                rcRadiusServerAcctStopRequests    Counter32,
                rcRadiusServerAcctInterimRequests Counter32,
                rcRadiusServerAcctBadResponses    Counter32,
                rcRadiusServerAcctPendingRequests Counter32,
                rcRadiusServerAcctClientRetries   Counter32

        }

rcRadiusServerPriority OBJECT-TYPE
        SYNTAX        INTEGER (1..10)
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "Server priority, used to control which server to choose
                       first to send authentication."
	DEFVAL 	      { 10 }
        ::= { rcRadiusServerEntry 1 }

rcRadiusServerAddress OBJECT-TYPE
        SYNTAX        IpAddress
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "Server IP address of the RADIUS authentication server
                       referred to in this table entry."
        ::= { rcRadiusServerEntry 2 }

rcRadiusServerTimeOut OBJECT-TYPE
        SYNTAX        INTEGER (1..10)
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "The time interval in seconds before the client
                       retransmit the packet."
	DEFVAL 	      { 3 }
        ::= { rcRadiusServerEntry 3 }

rcRadiusServerEnable  OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "Enable or disable this server."
	DEFVAL 	      { true }
        ::= { rcRadiusServerEntry 4 }

rcRadiusServerMaxRetries OBJECT-TYPE
        SYNTAX        INTEGER (1..6)
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "Maximum number of retransmissions."
	DEFVAL 	      { 3 }
        ::= { rcRadiusServerEntry 5 }

rcRadiusServerUdpPort OBJECT-TYPE
        SYNTAX        INTEGER (1..65536)
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "The UDP port the client is using to send requests
                       to this server."
	DEFVAL 	      { 1812 }
        ::= { rcRadiusServerEntry 6 }

rcRadiusServerSecretKey OBJECT-TYPE
        SYNTAX        DisplayString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "The identifier of the RADIUS authentication client."
        ::= { rcRadiusServerEntry 7 }

rcRadiusServerAccessRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS access-response packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServerEntry 8 }

rcRadiusServerAccessAccepts OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS access-accept packets (valid or
                         invalid) received from this server."
        ::= { rcRadiusServerEntry 9 }

rcRadiusServerAccessRejects OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS access-reject packets (valid or
                         invalid) received from this server."
        ::= { rcRadiusServerEntry 10 }

rcRadiusServerBadResponses OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS invalid access-response packets
                         received from this server."
        ::= { rcRadiusServerEntry 11 }

rcRadiusServerPendingRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS access-request packets destined
                         for this server that have not yet timed out or
                         received a response. This variable is incremented
                         when an access-request is sent and decremented due
                         to receipt of an access-accept, access-reject, a
                         timeout or retransmission."
        ::= { rcRadiusServerEntry 12 }

rcRadiusServerClientRetries OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of authentication retransmission to
                         this server."
        ::= { rcRadiusServerEntry 13 }

rcRadiusServerRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "Used to create/delete entries."
        ::= { rcRadiusServerEntry 14 }

rcRadiusServerAcctEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "Enable or disable Radius Accounting on this server."
        DEFVAL        { true }
        ::= { rcRadiusServerEntry 15 }

rcRadiusServerAcctUdpPort OBJECT-TYPE
        SYNTAX        INTEGER (1..65536)
        MAX-ACCESS    read-write
        STATUS        deprecated
        DESCRIPTION   "The UDP port the client used to send accounting
                       requests to this server."
        DEFVAL        { 1813 }
        ::= { rcRadiusServerEntry 16 }

rcRadiusServerAcctOnRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting-on packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServerEntry 17 }

rcRadiusServerAcctOffRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting-off packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServerEntry 18 }

rcRadiusServerAcctStartRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting-start packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServerEntry 19 }


rcRadiusServerAcctStopRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting-stop packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServerEntry 20 }

rcRadiusServerAcctInterimRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting-interim packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServerEntry 21 }

rcRadiusServerAcctBadResponses OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of Invalid responses received from this
                         server."
        ::= { rcRadiusServerEntry 22 }

rcRadiusServerAcctPendingRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting packets that are waiting
                         be sent to this server. This variable is incremented
                         whenever any accounting-request is sent to this server and
                         decremented when an acknowledgement is received or timeout
                         occurs."
        ::= { rcRadiusServerEntry 23 }

rcRadiusServerAcctClientRetries OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          deprecated
        DESCRIPTION     "The number of RADIUS accounting packets retransmitted
                         to this server."
        ::= { rcRadiusServerEntry 24 }


-- Radius Serv Table

rcRadiusServTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF RcRadiusServEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "The RADIUS table (0 to 10 entries).  This
                      table lists the information of the RADIUS server."
        ::= { rcRadius 3 }

rcRadiusServEntry OBJECT-TYPE
        SYNTAX        RcRadiusServEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "A RADIUS server table entry."
        INDEX         { rcRadiusServAddress, rcRadiusServUsedBy }
        ::= { rcRadiusServTable 1 }

RcRadiusServEntry ::=
        SEQUENCE {
                rcRadiusServPriority            INTEGER,
                rcRadiusServAddress             IpAddress,
                rcRadiusServTimeOut             INTEGER,
                rcRadiusServEnable              TruthValue,
                rcRadiusServMaxRetries          INTEGER,
                rcRadiusServUdpPort             INTEGER,
                rcRadiusServSecretKey           DisplayString,
                rcRadiusServAccessRequests      Counter32,
                rcRadiusServAccessAccepts       Counter32,
                rcRadiusServAccessRejects       Counter32,
                rcRadiusServBadResponses        Counter32,
                rcRadiusServPendingRequests     Counter32,
                rcRadiusServClientRetries       Counter32,
                rcRadiusServRowStatus           RowStatus,
                rcRadiusServAcctEnable          TruthValue,
                rcRadiusServAcctUdpPort         INTEGER,
                rcRadiusServAcctOnRequests      Counter32,
                rcRadiusServAcctOffRequests     Counter32,
                rcRadiusServAcctStartRequests   Counter32,
                rcRadiusServAcctStopRequests    Counter32,
                rcRadiusServAcctInterimRequests Counter32,
                rcRadiusServAcctBadResponses    Counter32,
                rcRadiusServAcctPendingRequests Counter32,
                rcRadiusServAcctClientRetries   Counter32,
                rcRadiusServUsedBy              INTEGER,
                rcRadiusServNasIpAddress        IpAddress,
                rcRadiusServRoundTripTime       DisplayString,
                rcRadiusServAccessChallanges    Counter32,
                rcRadiusServSourceIpAddr        IpAddress
        }

rcRadiusServPriority OBJECT-TYPE
        SYNTAX        INTEGER (1..10)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Server priority, used to control which server to choose
                       first to send authentication."
	DEFVAL 	      { 10 }
        ::= { rcRadiusServEntry 1 }

rcRadiusServAddress OBJECT-TYPE
        SYNTAX        IpAddress
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Server IP address of the RADIUS authentication server
                       referred to in this table entry."
        ::= { rcRadiusServEntry 2 }

rcRadiusServTimeOut OBJECT-TYPE
        SYNTAX        INTEGER (1..10)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The time interval in seconds before the client
                       retransmit the packet."
	DEFVAL 	      { 3 }
        ::= { rcRadiusServEntry 3 }

rcRadiusServEnable  OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable or disable this server."
	DEFVAL 	      { true }
        ::= { rcRadiusServEntry 4 }

rcRadiusServMaxRetries OBJECT-TYPE
        SYNTAX        INTEGER (0..6)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Maximum number of retransmissions."
	DEFVAL 	      { 1 }
        ::= { rcRadiusServEntry 5 }

rcRadiusServUdpPort OBJECT-TYPE
        SYNTAX        INTEGER (1..65536)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The UDP port the client is using to send requests
                       to this server."
	DEFVAL 	      { 1812 }
        ::= { rcRadiusServEntry 6 }

rcRadiusServSecretKey OBJECT-TYPE
        SYNTAX        DisplayString (SIZE (0..20))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The identifier of the RADIUS authentication client."
        ::= { rcRadiusServEntry 7 }

rcRadiusServAccessRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-response packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServEntry 8 }

rcRadiusServAccessAccepts OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-accept packets (valid or
                         invalid) received from this server."
        ::= { rcRadiusServEntry 9 }

rcRadiusServAccessRejects OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-reject packets (valid or
                         invalid) received from this server."
        ::= { rcRadiusServEntry 10 }

rcRadiusServBadResponses OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS invalid access-response packets
                         received from this server."
        ::= { rcRadiusServEntry 11 }

rcRadiusServPendingRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-request packets destined
                         for this server that have not yet timed out or
                         received a response. This variable is incremented
                         when an access-request is sent and decremented due
                         to receipt of an access-accept, access-reject, a
                         timeout or retransmission."
        ::= { rcRadiusServEntry 12 }

rcRadiusServClientRetries OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of authentication retransmission to
                         this server."
        ::= { rcRadiusServEntry 13 }

rcRadiusServRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Used to create/delete entries."
        ::= { rcRadiusServEntry 14 }

rcRadiusServAcctEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable or disable Radius Accounting on this server."
        DEFVAL        { true }
        ::= { rcRadiusServEntry 15 }

rcRadiusServAcctUdpPort OBJECT-TYPE
        SYNTAX        INTEGER (1..65536)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The UDP port the client used to send accounting
                       requests to this server."
        DEFVAL        { 1813 }
        ::= { rcRadiusServEntry 16 }

rcRadiusServAcctOnRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-on packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServEntry 17 }

rcRadiusServAcctOffRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-off packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServEntry 18 }

rcRadiusServAcctStartRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-start packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServEntry 19 }


rcRadiusServAcctStopRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-stop packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServEntry 20 }

rcRadiusServAcctInterimRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-interim packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServEntry 21 }

rcRadiusServAcctBadResponses OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of Invalid responses received from this
                         server."
        ::= { rcRadiusServEntry 22 }

rcRadiusServAcctPendingRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting packets that are waiting
                         be sent to this server. This variable is incremented
                         whenever any accounting-request is sent to this server and
                         decremented when an acknowledgement is received or timeout
                         occurs."
        ::= { rcRadiusServEntry 23 }

rcRadiusServAcctClientRetries OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting packets retransmitted
                         to this server."
        ::= { rcRadiusServEntry 24 }

rcRadiusServUsedBy OBJECT-TYPE
        SYNTAX        INTEGER {
                         cli(1),
                         igap(2),
                         snmp(3),
                         eap(4),
                         web(5)
                      }
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "cli(1): for cli login, igap(2): for igap,snmp(3):
                       for snmp login, eap(4): for EAP PAE Authenticator,
                       web(5): for web-server(http/https) login."
        ::= { rcRadiusServEntry 25 }

rcRadiusServNasIpAddress OBJECT-TYPE
        SYNTAX          IpAddress
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "RADIUS Client NAS Identifier for this server."
        ::= { rcRadiusServEntry 26 }

rcRadiusServRoundTripTime OBJECT-TYPE
        SYNTAX          DisplayString (SIZE(0..20))
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "Time different between the instance when
                         a RADIUS request is sent and the
                         corresponding response is received."
        ::= { rcRadiusServEntry 27 }

rcRadiusServAccessChallanges OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-challanges packets
                         sent to this server. This does not include
                         retransmission."
        ::= { rcRadiusServEntry 28 }

rcRadiusServSourceIpAddr OBJECT-TYPE
        SYNTAX          IpAddress
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION     "source IP address RADIUS packets."
        ::= { rcRadiusServEntry 29 }



rcRadiusGlobalSnmp   OBJECT IDENTIFIER       ::= { rcRadius 4 }

rcRadiusGlobalSnmpEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable/disable snmp radius authentication."
	       DEFVAL        { false }
        ::= { rcRadiusGlobalSnmp 1 }

rcRadiusGlobalSnmpAcctEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Enable/disable Radius Accounting for SNMP."
	       DEFVAL        { false }
        ::= { rcRadiusGlobalSnmp 2 }

rcRadiusGlobalSnmpReAuthenticateTimer OBJECT-TYPE
        SYNTAX        INTEGER (30..65535)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Integer value representing Re-Authenticate
                       Timer in seconds. Timer to be used to Re-
                       Authenticate a SNMP Session."
        DEFVAL        { 180 }
        ::= { rcRadiusGlobalSnmp 3 }

rcRadiusGlobalSnmpAbortSessionTimer OBJECT-TYPE
        SYNTAX        INTEGER (30..65535)
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION   "Integer value representing the time in seconds
                       after which the snmp session is considered
                       expired and Radius Accounting Stop message
                       is sent."
        DEFVAL        { 180 }
        ::= { rcRadiusGlobalSnmp 4 }

rcRadiusGlobalSnmpUserName OBJECT-TYPE
        SYNTAX        DisplayString (SIZE(0..20))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "User name for Radius SNMP Accounting."
        ::= { rcRadiusGlobalSnmp 5 }

rcRadiusEapLastRejMac OBJECT-TYPE
        SYNTAX        MacAddress
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Used to store the Last Rejected MAC address on an
                       EAP enabled port."
        ::= { rcRadiusGlobalSnmp 6 }

rcRadiusPaePortNumber OBJECT-TYPE
        SYNTAX        InterfaceIndex
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Used to store the Port Number on which a MAC
                       intrusion occurred."
        ::= { rcRadiusGlobalSnmp 7 }

rcRadiusEapLastAuthMac OBJECT-TYPE
        SYNTAX        MacAddress
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION   "Used to store the Last Authenticated MAC address
                       on an EAP enabled port."
        ::= { rcRadiusGlobalSnmp 8 }


-- EAP properietary group
-- EAP Global Info


rcEapGlobal    OBJECT IDENTIFIER ::= { rcEap 1 }

rcEapGlobalRadAcctEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "Indicates whether EAP Sessions need to be
                   Accounted with a RADIUS server. When this
                   value is TRUE, device attempts to send
                   RADIUS Accounting-Start and Accounting-Stop
                   requests upon 802.1x user login and logoff
                   respectively."
     ::= { rcEapGlobal 1 }

rcEapGlobalClearStats  OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When the value of this variable is set to
                   TRUE, all the EAPOL (8021x) related statistics
                   will be reset."
     ::= { rcEapGlobal 2 }

rcEapGlobalGuestVlanEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, EAPoL Guest Vlan
                   feature will be enabled globally"
     DEFVAL       { false }
     ::= { rcEapGlobal 3 }

rcEapGlobalGuestVlanId OBJECT-TYPE
     SYNTAX       INTEGER (1..4000)
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "A value representing the VLAN to be used as a Global Guest
                   VLAN. When corresponding value is not specified at the
                   port level, supplicants are granted access to the network
                   through this VLAN before they are authenticated."
     ::= { rcEapGlobal 4 }

rcEapGlobalRadAuthNonEapClients OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, Radius Mac
                   Centralization feature will be enabled globally"
     DEFVAL       { false }
     ::= { rcEapGlobal 5 }

     rcEapGlobalRadDiscardFilterAgeout OBJECT-TYPE
     SYNTAX       Integer32 (5..3600)
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "Age out period for pending non-eap-macs due to server timeout or unreachable"
     DEFVAL       { 10 }
     ::= { rcEapGlobal 6 }

rcEapGlobalNonEapIpAddrEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, Non-Eap password ip
                   address component will be enabled globally"
     DEFVAL       { true }
     ::= { rcEapGlobal 7 }

rcEapGlobalNonEapMacAddrEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, Non-Eap password mac
                   address component will be enabled globally"
     DEFVAL       { true }
     ::= { rcEapGlobal 8 }

rcEapGlobalNonEapPortNumEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, Non-Eap password port
                   number component will be enabled globally"
     DEFVAL       { true }
     ::= { rcEapGlobal 9 }

rcEapGlobalNonEapRadiusPwdAttrFmt OBJECT-TYPE
     SYNTAX       BITS {
                    ipAddr(0),
                    macAddr(1),
                    portNumber(2),
                    padding(3)
                  }
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "This object controls the format of the RADIUS password
	 	   attribute that is included in requests to the RADIUS
		   server for authenticating non-EAP clients (MAC addresses).

		   If the ipAddr(0) bit is set, the password attribute will
		   contain the switch's IP address encoded as a string of
		   four 3-digit 0-padded integers. For example, the encoding
		   for the IP address 47.80.225.1 would be '047080225001'.

		   If the macAddr(1) bit is set, the password attribute will
		   contain the MAC address to be authenticated as a string of
		   six 2-digit hex numbers. For example, the MAC address
		   00:08:01:0a:33:34 would be encoded as '0008010a3334'.

		   If the portNumber(2) bit is set, the password attribute
		   will contain the port number on which the MAC address was
		   seen, encoded as a string of two 2-digit 0-padded integers.
		   The first integer is the unit/slot number, and the second
		   number is the port number on that unit/slot. For a
		   standalone unit, the unit/slot number will be 0. For
		   example, the encoding for unit/port 1/23 would be '0123',
		   and the encoding for port 7 on a standalone stackable
		   unit would be '0007'.

		   If the padding(3) bit is set, then the fields in the
		   password attribute will be separated by a . character.

		   By default, all the fields bit values will be set."
     ::= { rcEapGlobal 10 }

rcEapGlobalNonEapRadiusPwdAttrKeyString   OBJECT-TYPE
     SYNTAX        DisplayString (SIZE (0..32))
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION   "Key string used in the password format for Non-Eap RADIUS
	 	    authentication. If the key string is configured, the
		    password attribute will be <ipaddress>.<mac-address>.
		    <port>.<key-string>.
		    If No key string is configured, then the password
		    attribute will not contain key string."
     ::= { rcEapGlobal 11 }

rcEapGlobalClearNonEap   OBJECT-TYPE
     SYNTAX         TruthValue
     MAX-ACCESS	    read-write
     STATUS	    current
     DESCRIPTION    "When the value of this variable is set to
	 	     TRUE, all the Non-EAPOL Mac sessions on port
		     will be cleared."
     ::= { rcEapGlobal 12 }


rcEapGlobalAutoIsidOffset OBJECT-TYPE
    SYNTAX         INTEGER (0..15995903)
    MAX-ACCESS     read-write
    STATUS         current
    DESCRIPTION
        "Offset is a global parameter used to calculate I-SID value for a switched UNI, when no
         I-SID value is provided by RADIUS. The ISID value will be calculated like this: offset + VLAN ID"
    DEFVAL         { 15980000 }
    ::= { rcEapGlobal 13 }

rcEapGlobalAutoIsidOffsetEnable OBJECT-TYPE
    SYNTAX         TruthValue
    MAX-ACCESS     read-write
    STATUS         current
    DESCRIPTION    "Global enable/disable value for EAP auto isid offset"
    DEFVAL         { false }
    ::= { rcEapGlobal 14 }


rcEapPortTable OBJECT-TYPE
     SYNTAX        SEQUENCE OF RcEapPortEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION   "EAP properietery table for port level commands"
     ::= { rcEap 2 }

rcEapPortEntry OBJECT-TYPE
     SYNTAX        RcEapPortEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION   "Entry containing the EAP properietry configuration
                    information at the port level."
     INDEX         { rcEapPortIndex }
     ::= { rcEapPortTable 1 }

RcEapPortEntry ::= SEQUENCE {
     rcEapPortIndex               InterfaceIndex,
     rcEapPortGuestVlanEnable     TruthValue,
     rcEapPortGuestVlanId         INTEGER,
     rcEapPortMultiHostEnable     TruthValue,
     rcEapPortMultiHostMaxClients INTEGER,
     rcEapPortAllowNonEapHost     TruthValue,
     rcEapPortNonEapMaxClients    INTEGER,
     rcEapPortRadAuthNonEapClients TruthValue,
     rcEapPortShutDownOnIntrusion TruthValue,
     rcEapPortStatus              INTEGER,
     rcEapPortEapMaxClients       Integer32,
     rcEapPortMultiHostSingleAuthEnabled TruthValue,
     rcEapPortAllowDhcpPhones     TruthValue,
     rcEapPortEapPacketMode       INTEGER,
     rcEapPortProcessRadiusCOAPackets TruthValue,
     rcEapPortFailOpenVlanId      Integer32,
     rcEapPortFailOpenVlanUBP     OCTET STRING,
     rcEapPortCloneSettingsAction INTEGER,
     rcEapPortCloneSettingsDestPortList PortList,
     rcEapPortGuestIsid           Integer32,
     rcEapPortFailOpenIsid        Integer32,
     rcEapPortFlexUniStatus       TruthValue,
     rcEapPortAdminTrafficControl INTEGER,
     rcEapPortOperTrafficControl  INTEGER,
     rcEapPortLldpAuthEnabled     TruthValue,
     rcEapPortOrigin              INTEGER,
     rcEapPortDynamicMHSAEnabled  TruthValue,
     rcEapPortTrafficControlOrigin BITS
}

rcEapPortIndex OBJECT-TYPE
     SYNTAX       InterfaceIndex
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "An index value that uniquely identifies a port.
                   This value is similar to ifIndex in MIB2."
     ::= { rcEapPortEntry 1 }

rcEapPortGuestVlanEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, EAPoL Guest Vlan
                   feature will be enabled on the port"
     DEFVAL       { false }
     ::= { rcEapPortEntry 2 }

rcEapPortGuestVlanId OBJECT-TYPE
     SYNTAX       INTEGER (0..4096)
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "A value representing the VLAN to be used as a Guest
                   VLAN. Access for unautheticated host/s connected to this port
                   is provided through this VLAN. A value of 0 indicates
                   that guest VLAN functionality is not enabled for this port."
     DEFVAL      { 0 }
     ::= { rcEapPortEntry 3 }

rcEapPortMultiHostEnable OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, the system is enabled to
                   have multiple 802.1X supplicants authenticated from the same
                   port"
     DEFVAL	  { false }
     ::= { rcEapPortEntry 4 }

rcEapPortMultiHostMaxClients  OBJECT-TYPE
     SYNTAX       INTEGER (1..8192)
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "Integer value representing the maximum number of supplicants
                   that are allowed to get authenticated on the port. This is
                   applicable in MHMV mode."
     DEFVAL	  { 1 }
     ::= { rcEapPortEntry 5 }

rcEapPortAllowNonEapHost OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, the system is enabled to
                   allow hosts that do not participate in 802.1X authentication
                   to get network access."
     DEFVAL       { false }
     ::= { rcEapPortEntry 6 }

rcEapPortNonEapMaxClients OBJECT-TYPE
     SYNTAX       INTEGER (0..8192)
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "Integer value representing the maximum number of non-802.1X
                   hosts that are allowed to connect to the port. A value of 0
                   indicates that non-802.1X authentication is disabled
                   on this port"
     DEFVAL       { 1 }
     ::= { rcEapPortEntry 7 }

rcEapPortRadAuthNonEapClients OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, the system is enabled to
                   allow Non-Eap hosts on the port to get network access through radius
                   based Mac authorization."
     DEFVAL       { false }
     ::= { rcEapPortEntry 8 }

rcEapPortShutDownOnIntrusion OBJECT-TYPE
     SYNTAX       TruthValue
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "When this variable is set to TRUE, the port is
                   shutdown on encountering [max + 1st] non-eap client
                   on the port"
     DEFVAL       { false }
     ::= { rcEapPortEntry 9 }

rcEapPortStatus OBJECT-TYPE
     SYNTAX       INTEGER {
                    forceUnauthorized(1),
                    auto(2),
                    forceAuthorized(3)
                  }
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "This object allows enabling EAPoL on the port.
         	   If status is forceUnauthorized(2), then EAPoL is
		   enabled on the port but it doesn't allow any traffic
		   on the port.
		   If status is auto(2), EAPoL is enabled and based on
		   the  802.1x authentication, traffic is allowed.
		   If status is forceAuthorized(3), EAPoL is disabled
		   on the port and the port allows all traffic irrespective
		   of 802.1x authentication."
     ::= { rcEapPortEntry 10 }

rcEapPortEapMaxClients OBJECT-TYPE
    SYNTAX        Integer32 (0..32)
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object specifies the maximum number of EAP-authentication
                   MAC addresses allowed on this port.  A value of 0 indicates that
                   802.1X authentication is disabled on this port."
    DEFVAL      { 1 }
     ::= { rcEapPortEntry 11 }

rcEapPortMultiHostSingleAuthEnabled OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object controls whether non-EAP clients (MAC addresses) may
                   be automatically authenticated on the port after one client
                   has been authenticated (known as MHSA). "
    DEFVAL      { false }
    ::= { rcEapPortEntry 12 }

rcEapPortAllowDhcpPhones OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object indicates whether IP phones will be allowed access
                   based on DHCP signature."
    DEFVAL      { false }
    ::= { rcEapPortEntry 13 }

rcEapPortEapPacketMode OBJECT-TYPE
    SYNTAX        INTEGER {
                    multicast(1),
                    unicast(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object indicates whether to use unicast or multicast packets
                   for Eap-ReqId packets.  Normally, multicast packets are used."
    DEFVAL      { multicast }
    ::= { rcEapPortEntry 14 }

rcEapPortProcessRadiusCOAPackets OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object indicates whether to process any RADIUS requests-server
                   packets that are received on this port."
    DEFVAL      { false }
    ::= { rcEapPortEntry 15 }

rcEapPortFailOpenVlanId OBJECT-TYPE
    SYNTAX        Integer32 (0..4096)
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object specifies the ID of the Fail-Open VLAN for this port.
                   Authenticated devices are moved into the configured Fail Open VLAN
                   when the switch declares the RADIUS servers unreachable.
                   A value of 0 indicates Fail Open VLAN functionality
                   is not enabled for this port."
    DEFVAL      { 0 }
    ::= { rcEapPortEntry 16 }

rcEapPortFailOpenVlanUBP OBJECT-TYPE
    SYNTAX        OCTET STRING (SIZE(0..16))
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object represents the UBP filter name of the fail-open policy"
    ::= { rcEapPortEntry 17 }

rcEapPortCloneSettingsAction OBJECT-TYPE
    SYNTAX        INTEGER {
                    none(1),
                    start(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object starts the action of copying eap settings from current
                   ifIndex to the list of ports specified in rcEapPortCloneSettingsDestPortList.
                   The default value will be returned by all read opperations.
                   The write operation must contain both rcEapPortCloneSettingsAction
                   and rcEapPortCloneSettingsDestPortList."
    DEFVAL       { none }
    ::= { rcEapPortEntry 18 }

rcEapPortCloneSettingsDestPortList OBJECT-TYPE
    SYNTAX        PortList
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object represents the destination port list on which the
                   EAP port configuration will be copied.
                   The default value will be returned by all read opperations.
                   The write operation must contain both rcEapPortCloneSettingsAction
                   and rcEapPortCloneSettingsDestPortList."
    DEFVAL       { ''H }
    ::= { rcEapPortEntry 19 }

rcEapPortGuestIsid OBJECT-TYPE
    SYNTAX        Integer32(0..16777215)
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "A value representing the I-SID to be used as a Guest
                  I-SID. Access for untagged unauthenticated hosts connected to this port
                  is provided through this I-SID. A value of 0 indicates
                  that Guest I-SID functionality is not enabled for this port."
    DEFVAL      { 0 }
    ::= { rcEapPortEntry 20 }

rcEapPortFailOpenIsid OBJECT-TYPE
    SYNTAX        Integer32(0..16777215)
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object specifies the Fail Open I-SID for this port.
                   Untagged unauthenticated devices are assigned to this I-SID
                   when the RADIUS Servers are unreachable.
                   A value of 0 indicates that Fail Open I-SID functionality
                   is not enabled for this port."
    DEFVAL      { 0 }
    ::= { rcEapPortEntry 21 }

rcEapPortFlexUniStatus OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION   "This object specifies if flex-uni is enabled on this port.
                   If enabled, EAP will operate in flex-uni mode.
                   If disabled, EAP will operate in legacy VLAN mode."
    ::= { rcEapPortEntry 22 }

rcEapPortAdminTrafficControl OBJECT-TYPE
    SYNTAX        INTEGER {
                      inOut(1),
                      in(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This option controls the configured traffic blocking
                   directions for a port when there are no authenticated
                   clients for that port. Filtering only ingress packets will
                   permit egress traffic to reach sleeping or hibernating
                   devices. Main purpose is for WoL packets to reach to this
                   kind of devices, but it might be applicable to other
                   management packets as well."
    DEFVAL          { inOut }
    ::= { rcEapPortEntry 23 }

rcEapPortOperTrafficControl OBJECT-TYPE
    SYNTAX        INTEGER {
                      inOut(1),
                      in(2)
                  }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION   "This option specifies the operational traffic blocking
                   directions for a port when there are no authenticated
                   clients for that port. Filtering only ingress packets will
                   permit egress traffic to reach sleeping or hibernating
                   devices. Main purpose is for WoL packets to reach to this
                   kind of devices, but it might be applicable to other
                   management packets as well."
    ::= { rcEapPortEntry 24 }

rcEapPortLldpAuthEnabled OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object specifies if lldp-authentication of IP phones is allowed."
    DEFVAL      { false }
    ::= { rcEapPortEntry 25 }

rcEapPortOrigin OBJECT-TYPE
    SYNTAX      INTEGER {
                      config(1),
                      autoSense(2)
                  }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION
        "Describes how EAPOL was configured on port: manual (CLI/SNMP) or 
         ZTF(Auto-Sense)."
    ::= { rcEapPortEntry 26 }

rcEapPortDynamicMHSAEnabled OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION   "This object specifies if the port was dynamically added in the MHSA mode."
    DEFVAL      { false }
    ::= { rcEapPortEntry 27 }


rcEapPortTrafficControlOrigin  OBJECT-TYPE
    SYNTAX BITS {
          config(0),
          radius(1)
    }
    MAX-ACCESS    read-only
    STATUS        current
    DESCRIPTION   "Indicates how the traffic control field was enabled.
                   Supported values:
                   config - traffic control was enabled by user.
                   radius - traffic control enabled by EAP via Radius response."
    ::= { rcEapPortEntry 28 }



rcEapPortAllowedMacTable OBJECT-TYPE
     SYNTAX        SEQUENCE OF RcEapPortAllowedMacEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION   "EAP properietery table for allowed mac addresses of non
                    EAP clients"
     ::= { rcEap 3 }

rcEapPortAllowedMacEntry OBJECT-TYPE
     SYNTAX        RcEapPortAllowedMacEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION   "Entry containing MAC addresses for Non EAP hosts allowed
                    on the port"
     INDEX         { rcEapPortAllowedMacPort, rcEapPortAllowedMacAddr }
     ::= { rcEapPortAllowedMacTable 1 }

RcEapPortAllowedMacEntry ::= SEQUENCE {
     rcEapPortAllowedMacPort      InterfaceIndex,
     rcEapPortAllowedMacAddr      MacAddress,
     rcEapPortAllowedMacRowStatus RowStatus
}

rcEapPortAllowedMacPort OBJECT-TYPE
     SYNTAX       InterfaceIndex
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "An index value that uniquely identifies a port.
                   This value is similar to ifIndex in MIB2."
     ::= { rcEapPortAllowedMacEntry 1 }

rcEapPortAllowedMacAddr OBJECT-TYPE
     SYNTAX       MacAddress
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "MAC address of a non EAP host that is granted access
                   on the port."
     ::= { rcEapPortAllowedMacEntry 2 }

rcEapPortAllowedMacRowStatus OBJECT-TYPE
     SYNTAX       RowStatus
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION  "Used to create/delete entries in rcEapPortAllowedMacTable."
     ::= { rcEapPortAllowedMacEntry 3 }

rcEapMultiHostStatusTable OBJECT-TYPE
     SYNTAX 	  SEQUENCE OF RcEapMultiHostStatusEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "This table is used to control the EAP multihost configuration
                   for each port in the system."
     ::= { rcEap 4 }

rcEapMultiHostStatusEntry OBJECT-TYPE
     SYNTAX 	  RcEapMultiHostStatusEntry
     MAX-ACCESS   not-accessible
     STATUS 	  current
     DESCRIPTION  "The EAP multihost configuration for a port."
     INDEX 	  { rcEapMultiHostStatusPortNumber,
                    rcEapMultiHostStatusClientMACAddr }
     ::= { rcEapMultiHostStatusTable 1 }

RcEapMultiHostStatusEntry ::= SEQUENCE {
          rcEapMultiHostStatusPortNumber InterfaceIndex,
          rcEapMultiHostStatusClientMACAddr MacAddress,
          rcEapMultiHostStatusPaeState INTEGER,
          rcEapMultiHostStatusBackendAuthState INTEGER,
          rcEapMultiHostStatusVlanId   Integer32,
	  rcEapMultihostStatusPriority Integer32,
          rcEapMultihostStatusSwUniBindings OCTET STRING, 
          rcEapMultiHostStatusIsidSource  INTEGER     
     }

rcEapMultiHostStatusPortNumber OBJECT-TYPE
     SYNTAX       InterfaceIndex
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "The Port number associated with this client."
     ::= { rcEapMultiHostStatusEntry 1 }

rcEapMultiHostStatusClientMACAddr OBJECT-TYPE
     SYNTAX       MacAddress
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "The MAC address of the client."
     ::= { rcEapMultiHostStatusEntry 2 }

rcEapMultiHostStatusPaeState OBJECT-TYPE
     SYNTAX       INTEGER {
                     initialize(1),
                     disconnected(2),
                     connecting(3),
                     authenticating(4),
                     authenticated(5),
                     aborting(6),
                     held(7),
                     forceAuth(8),
                     forceUnauth(9),
                     unauthenticated(10)
                  }
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The current value of the Authenticator PAE state machine."
     ::= { rcEapMultiHostStatusEntry 3 }

rcEapMultiHostStatusBackendAuthState OBJECT-TYPE
     SYNTAX       INTEGER {
                     request(1),
                     response(2),
                     success(3),
                     fail(4),
                     timeout(5),
                     idle(6),
                     initialize(7)
                  }
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The current state of the Backend Authentication state
                   machine."
     ::= { rcEapMultiHostStatusEntry 4 }

rcEapMultiHostStatusVlanId OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The Vlan-Id associated with this client MAC. This Vlan
	           could be port-based Vlan or Radius assigned Vlan."
     ::= { rcEapMultiHostStatusEntry 5 }

rcEapMultihostStatusPriority OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The priority associated with this client MAC. This
	 	   priority could be the Radius assigned Priority or
		   the Port QOS level."
     ::= { rcEapMultiHostStatusEntry 6 }

rcEapMultihostStatusSwUniBindings OBJECT-TYPE
     SYNTAX       OCTET STRING (SIZE(0..564))
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The EAP vlan:isid bindings. Vlan is represented on
                   2 bytes. Isid is represented on 4 bytes. The output
                   OctetString would be a continuous hexadecimal 
                   representation of VLAN followed by corresponding ISID. 
                    Example:
                     Length(bytes): |--2--|--4--|--2--|--4--|--2--|--4--|---2--|---4--|
                     OctetString:    VLAN0 ISID0 VLAN1 ISID1  ...   ...  VLAN94 ISID94 .
                   There are no spaces between VLANx and ISIDx."
     ::= { rcEapMultiHostStatusEntry 7 }

rcEapMultiHostSessionStatsTable OBJECT-TYPE
     SYNTAX       SEQUENCE OF RcEapMultiHostSessionStatsEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "A table that contains the session statistics objects for the
                   Authenticator PAE associated with each EAP client on each
                   Port.An entry appears in this table for each client MAC address
		   on each port that may authenticate access to itself."
     ::= { rcEap 5 }

rcEapMultiHostSessionStatsEntry OBJECT-TYPE
     SYNTAX       RcEapMultiHostSessionStatsEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "The session statistics information for an Authenticator
                   PAE. This shows the current values being collected for
                   each session that is still in progress, or the final
                   values for the last valid session for each client where
                   there is no session currently active."
     INDEX        { rcEapMultiHostSessionStatsPortNumber,
                    rcEapMultiHostSessionStatsClientMACAddr }
     ::= { rcEapMultiHostSessionStatsTable 1 }

RcEapMultiHostSessionStatsEntry ::= SEQUENCE {
          rcEapMultiHostSessionStatsPortNumber InterfaceIndex,
          rcEapMultiHostSessionStatsClientMACAddr MacAddress,
          rcEapMultiHostSessionId SnmpAdminString,
          rcEapMultiHostSessionAuthenticMethod INTEGER,
          rcEapMultiHostSessionTime TimeTicks,
          rcEapMultiHostSessionTerminateCause INTEGER,
          rcEapMultiHostSessionUserName SnmpAdminString,
          rcEapMultiHostStatusAclId         Integer32,
          rcEapMultiHostStatusAceIdList     OCTET STRING
     }

rcEapMultiHostSessionStatsPortNumber OBJECT-TYPE
     SYNTAX       InterfaceIndex
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "The Port number associated with this client."
     ::= { rcEapMultiHostSessionStatsEntry 1 }

rcEapMultiHostSessionStatsClientMACAddr OBJECT-TYPE
     SYNTAX       MacAddress
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "The MAC address of this client."
     ::= { rcEapMultiHostSessionStatsEntry 2 }

rcEapMultiHostSessionId OBJECT-TYPE
     SYNTAX       SnmpAdminString
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "A unique identifier for the session, in the
                   form of a printable ASCII string of at least
                   three characters."
     ::= { rcEapMultiHostSessionStatsEntry 3 }

rcEapMultiHostSessionAuthenticMethod OBJECT-TYPE
     SYNTAX       INTEGER {
                     remoteAuthServer(1),
                     localAuthServer(2)
                  }
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The authentication method used to establish the session."
     ::= { rcEapMultiHostSessionStatsEntry 4 }

rcEapMultiHostSessionTime OBJECT-TYPE
     SYNTAX       TimeTicks
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The duration of the session in seconds."
     ::= { rcEapMultiHostSessionStatsEntry 5 }

rcEapMultiHostSessionTerminateCause OBJECT-TYPE
     SYNTAX       INTEGER {
                     supplicantLogoff(1),
                     portFailure(2),
                     supplicantRestart(3),
                     reauthFailed(4),
                     authControlForceUnauth(5),
                     portReInit(6),
                     portAdminDisabled(7),
                     notTerminatedYet(999)
                  }
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The reason for the session termination."
     ::= { rcEapMultiHostSessionStatsEntry 6 }

rcEapMultiHostSessionUserName OBJECT-TYPE
     SYNTAX       SnmpAdminString
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The User-Name representing the identity of the Supplicant
                   PAE."
     ::= { rcEapMultiHostSessionStatsEntry 7 }

rcEapMultiHostStatusIsidSource OBJECT-TYPE
    SYNTAX         INTEGER {
                       radius(1),
                       autoconfig(2),
                       config(3),
                       notAvailable(4)
                   }
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates how the I-SID value is generated:
                    radius(1) means I-SID is learned from the radius server;
                    autoconfig(2) means I-SID is calculated using the auto-isid-offset configured by the user;
                    config(3) means I-SID is statically configured;
                    notAvaliable(4) is for the case where EAP with FlexUNI is not used, hence there is no I-SID to use."
    ::= { rcEapMultiHostStatusEntry 8 }


rcEapMultiHostStatusAclId OBJECT-TYPE
    SYNTAX         Integer32
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates the dynamic ACL on this port"
    ::= { rcEapMultiHostSessionStatsEntry 9 }

 

rcEapMultiHostStatusAceIdList OBJECT-TYPE
    SYNTAX         OCTET STRING (SIZE(0..8192))
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates the list of dynamic ACEs on this port"

    ::= { rcEapMultiHostSessionStatsEntry 10 }

rcEapPortRadiusMacTable OBJECT-TYPE
     SYNTAX        SEQUENCE OF RcEapPortRadiusMacEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION   "EAP proprietary table for non-EAP hosts
                    authenticated using radius server."
     ::= { rcEap 6 }

rcEapPortRadiusMacEntry OBJECT-TYPE
     SYNTAX        RcEapPortRadiusMacEntry
     MAX-ACCESS    not-accessible
     STATUS        current
     DESCRIPTION   "Entry containing MAC addresses for Non EAP hosts
                    authenticated using radius server."
     INDEX         { rcEapPortRadiusMacPort, rcEapPortRadiusMacAddr }
     ::= { rcEapPortRadiusMacTable 1 }

RcEapPortRadiusMacEntry ::= SEQUENCE {
     rcEapPortRadiusMacPort      InterfaceIndex,
     rcEapPortRadiusMacAddr      MacAddress,
     rcEapPortRadiusMacStatus    INTEGER,
     rcEapPortRadiusVlanId       Integer32,
     rcEapPortRadiusMacClear     TruthValue,
     rcEapPortRadiusMacPriority  Integer32,
     rcEapPortRadiusSwUniBindings OCTET STRING, 
     rcEapPortRadiusIsidSource   INTEGER,
     rcEapPortRadiusNonEapAuthType   INTEGER,
     rcEapPortRadiusAclId           Integer32,
     rcEapPortRadiusAceIdList       OCTET STRING
}

rcEapPortRadiusMacPort OBJECT-TYPE
     SYNTAX       InterfaceIndex
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "An index value that uniquely identifies a port."
     ::= { rcEapPortRadiusMacEntry 1 }

rcEapPortRadiusMacAddr OBJECT-TYPE
     SYNTAX       MacAddress
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION  "MAC address of a non EAP host that is authenticated
                   using radius server."
     ::= { rcEapPortRadiusMacEntry 2 }

rcEapPortRadiusMacStatus OBJECT-TYPE
     SYNTAX       INTEGER {
                                    authenticated(1),
                                    rejected(2),
                                    pending(3),
                                    radius-request-dropped(4),
                                    radius-server-not-reachable(5),
				    held(6),
				    authenticating(7)
                            }
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "Authentication status of the non EAP host that is
                   authenticated using radius server."
     ::= {rcEapPortRadiusMacEntry 3 }

rcEapPortRadiusVlanId OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION  "The Vlan-Id associated with this Non-EAP client MAC.
	 	   This Vlan could be port-based Vlan or Radius assigned vlan."
     ::= { rcEapPortRadiusMacEntry 4 }

rcEapPortRadiusMacClear OBJECT-TYPE
    SYNTAX         TruthValue
    MAX-ACCESS     read-write
    STATUS         current
    DESCRIPTION    "Clears the Non-EAP MAC entry associated with this Index.
	            The value should be set to true to clear the Non-EAP MAC entry.
		    This MIB always return false."
    DEFVAL          { false }
    ::= { rcEapPortRadiusMacEntry 5 }

rcEapPortRadiusMacPriority OBJECT-TYPE
    SYNTAX         Integer32
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "The Priority associated with this Non-EAP client MAC.
		    This Priority could be the Radius assigned Priority
		    or the Port QOS level."
    ::= { rcEapPortRadiusMacEntry 6 }

rcEapPortRadiusSwUniBindings OBJECT-TYPE
    SYNTAX         OCTET STRING (SIZE(0..564))
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "The NEAP vlan:isid bindings. Vlan is represented on 2 
                    bytes. Isid is represented on 4 bytes. The output 
                    OctetString would be a continuous hexadecimal representation 
                    of VLAN followed by corresponding ISID. 
                    Example:
                     Length(bytes): |--2--|--4--|--2--|--4--|--2--|--4--|---2--|---4--|
                     OctetString:    VLAN0 ISID0 VLAN1 ISID1  ...   ...  VLAN94 ISID94 .
                    There are no spaces between VLANx and ISIDx."
    ::= { rcEapPortRadiusMacEntry 7 }


rcEapPortRadiusIsidSource OBJECT-TYPE
    SYNTAX         INTEGER {
                       radius(1),
                       autoconfig(2),
                       config(3),
                       notAvailable(4)
                   }
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates how the I-SID value is generated:
                    radius(1) means I-SID is learned from the radius server;
                    autoconfig(2) means I-SID is calculated using the auto-isid-offset configured by the user;
                   config(3) means I-SID is statically configured;
                    notAvaliable(4) is for the case where EAP with FlexUNI is not used, hence there is no I-SID to use."
    ::= { rcEapPortRadiusMacEntry 8 }

rcEapPortRadiusNonEapAuthType OBJECT-TYPE
    SYNTAX         INTEGER {
                       radius(1),
                       lldp(2)
                   }
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates the client neap authentication type:
                    radius(1) means it's via radius server;
                    lldp(2) means it's via LLDP"
    ::= { rcEapPortRadiusMacEntry 9 }


rcEapPortRadiusAclId OBJECT-TYPE
    SYNTAX         Integer32
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates the dynamic ACL on this port"
    ::= { rcEapPortRadiusMacEntry 10 }

 

rcEapPortRadiusAceIdList OBJECT-TYPE
    SYNTAX         OCTET STRING (SIZE(0..8192))
    MAX-ACCESS     read-only
    STATUS         current
    DESCRIPTION    "It indicates the list of dynamic ACEs on this port"
    ::= { rcEapPortRadiusMacEntry 11 }


-- Radius Serv Host Table

rcRadiusServHostTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF RcRadiusServHostEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "The RADIUS Server Host table (0 to 10 entries).  This
                      table lists the information of the RADIUS server."
        ::= { rcRadius 5 }

rcRadiusServHostEntry OBJECT-TYPE
        SYNTAX        RcRadiusServHostEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "A RADIUS server table entry."
        INDEX         { rcRadiusServHostAddressType, rcRadiusServHostAddress, rcRadiusServHostUsedBy }
        ::= { rcRadiusServHostTable 1 }

RcRadiusServHostEntry ::=
        SEQUENCE {
	 	rcRadiusServHostAddressType         InetAddressType,
                rcRadiusServHostAddress             InetAddress,
                rcRadiusServHostUsedBy              INTEGER,
                rcRadiusServHostPriority            Integer32,
                rcRadiusServHostTimeOut             Integer32,
                rcRadiusServHostEnable              TruthValue,
                rcRadiusServHostMaxRetries          Integer32,
                rcRadiusServHostUdpPort             Integer32,
                rcRadiusServHostSecretKey           DisplayString,
                rcRadiusServHostAccessRequests      Counter32,
                rcRadiusServHostAccessAccepts       Counter32,
                rcRadiusServHostAccessRejects       Counter32,
                rcRadiusServHostBadResponses        Counter32,
                rcRadiusServHostPendingRequests     Counter32,
                rcRadiusServHostClientRetries       Counter32,
                rcRadiusServHostRowStatus           RowStatus,
                rcRadiusServHostAcctEnable          TruthValue,
                rcRadiusServHostAcctUdpPort         Integer32,
                rcRadiusServHostAcctOnRequests      Counter32,
                rcRadiusServHostAcctOffRequests     Counter32,
                rcRadiusServHostAcctStartRequests   Counter32,
                rcRadiusServHostAcctStopRequests    Counter32,
                rcRadiusServHostAcctInterimRequests Counter32,
                rcRadiusServHostAcctBadResponses    Counter32,
                rcRadiusServHostAcctPendingRequests Counter32,
                rcRadiusServHostAcctClientRetries   Counter32,
                rcRadiusServHostNasIpAddress        InetAddress,
                rcRadiusServHostRoundTripTime       DisplayString,
                rcRadiusServHostAccessChallanges    Counter32,
                rcRadiusServHostSourceIpAddr        InetAddress,
                rcRadiusServHostSecureEnable        TruthValue,
                rcRadiusServHostSecureMode          INTEGER,
                rcRadiusServHostSecureProfile       DisplayString,
		rcRadiusServHostSecureLogLevel      INTEGER
        }

rcRadiusServHostAddressType OBJECT-TYPE
        SYNTAX        InetAddressType
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Inet Address Type of radius server host address."
        ::= { rcRadiusServHostEntry 1 }

rcRadiusServHostAddress OBJECT-TYPE
        SYNTAX        InetAddress
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "Server IP address of the RADIUS authentication server
                       referred to in this table entry."
        ::= { rcRadiusServHostEntry 2 }

rcRadiusServHostUsedBy OBJECT-TYPE
        SYNTAX        INTEGER {
                         cli(1),
                         igap(2),
                         snmp(3),
                         eap(4),
                         web(5),
			 endpointTracking(6) 
                      }
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "cli(1): for cli login, igap(2): for igap,snmp(3):
                       for snmp login, eap(4) for EAP PAE Authenticator
                       web(5) for web-server(http/https) login,
			endpointTracking(6) for Endpoint Tracking feature."
        ::= { rcRadiusServHostEntry 3 }

rcRadiusServHostPriority OBJECT-TYPE
        SYNTAX        Integer32 (1..10)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Server priority, used to control which server to choose
                       first to send authentication."
	DEFVAL 	      { 10 }
        ::= { rcRadiusServHostEntry 4 }

rcRadiusServHostTimeOut OBJECT-TYPE
        SYNTAX        Integer32 (1..180)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "The time interval in seconds before the client
                       retransmit the packet."
	DEFVAL 	      { 3 }
        ::= { rcRadiusServHostEntry 5 }

rcRadiusServHostEnable  OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Enable or disable this server."
	DEFVAL 	      { true }
        ::= { rcRadiusServHostEntry 6 }

rcRadiusServHostMaxRetries OBJECT-TYPE
        SYNTAX        Integer32 (0..6)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Maximum number of retransmissions."
	DEFVAL 	      { 1 }
        ::= { rcRadiusServHostEntry 7 }

rcRadiusServHostUdpPort OBJECT-TYPE
        SYNTAX        Integer32 (1..65536)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "The UDP port the client is using to send requests
                       to this server."
	DEFVAL 	      { 1812 }
        ::= { rcRadiusServHostEntry 8 }

rcRadiusServHostSecretKey OBJECT-TYPE
        SYNTAX        DisplayString (SIZE (0..32))
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "The identifier of the RADIUS authentication client."
        ::= { rcRadiusServHostEntry 9 }

rcRadiusServHostAccessRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-response packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServHostEntry 10 }

rcRadiusServHostAccessAccepts OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-accept packets (valid or
                         invalid) received from this server."
        ::= { rcRadiusServHostEntry 11 }

rcRadiusServHostAccessRejects OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-reject packets (valid or
                         invalid) received from this server."
        ::= { rcRadiusServHostEntry 12 }

rcRadiusServHostBadResponses OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS invalid access-response packets
                         received from this server."
        ::= { rcRadiusServHostEntry 13 }

rcRadiusServHostPendingRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-request packets destined
                         for this server that have not yet timed out or
                         received a response. This variable is incremented
                         when an access-request is sent and decremented due
                         to receipt of an access-accept, access-reject, a
                         timeout or retransmission."
        ::= { rcRadiusServHostEntry 14 }

rcRadiusServHostClientRetries OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of authentication retransmission to
                         this server."
        ::= { rcRadiusServHostEntry 15 }

rcRadiusServHostRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Used to create/delete entries."
        ::= { rcRadiusServHostEntry 16 }

rcRadiusServHostAcctEnable OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Enable or disable Radius Accounting on this server."
        DEFVAL        { true }
        ::= { rcRadiusServHostEntry 17 }

rcRadiusServHostAcctUdpPort OBJECT-TYPE
        SYNTAX        Integer32 (1..65536)
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "The UDP port the client used to send accounting
                       requests to this server."
        DEFVAL        { 1813 }
        ::= { rcRadiusServHostEntry 18 }

rcRadiusServHostAcctOnRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-on packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServHostEntry 19 }

rcRadiusServHostAcctOffRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-off packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServHostEntry 20 }

rcRadiusServHostAcctStartRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-start packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServHostEntry 21 }


rcRadiusServHostAcctStopRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-stop packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServHostEntry 22 }

rcRadiusServHostAcctInterimRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting-interim packets sent to
                         this server. This does not include retransmissions."
        ::= { rcRadiusServHostEntry 23 }

rcRadiusServHostAcctBadResponses OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of Invalid responses received from this
                         server."
        ::= { rcRadiusServHostEntry 24 }

rcRadiusServHostAcctPendingRequests OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting packets that are waiting
                         be sent to this server. This variable is incremented
                         whenever any accounting-request is sent to this server and
                         decremented when an acknowledgement is received or timeout
                         occurs."
        ::= { rcRadiusServHostEntry 25 }

rcRadiusServHostAcctClientRetries OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS accounting packets retransmitted
                         to this server."
        ::= { rcRadiusServHostEntry 26 }

rcRadiusServHostNasIpAddress OBJECT-TYPE
        SYNTAX          InetAddress
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "RADIUS Client NAS Identifier for this server."
        ::= { rcRadiusServHostEntry 27 }

rcRadiusServHostRoundTripTime OBJECT-TYPE
        SYNTAX          DisplayString (SIZE(0..20))
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "Time different between the instance when
                         a RADIUS request is sent and the
                         corresponding response is received."
        ::= { rcRadiusServHostEntry 28 }

rcRadiusServHostAccessChallanges OBJECT-TYPE
        SYNTAX          Counter32
        MAX-ACCESS      read-only
        STATUS          current
        DESCRIPTION     "The number of RADIUS access-challanges packets
                         sent to this server. This does not include
                         retransmission."
        ::= { rcRadiusServHostEntry 29 }

rcRadiusServHostSourceIpAddr OBJECT-TYPE
        SYNTAX          InetAddress
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION     "source IP address RADIUS packets."
        ::= { rcRadiusServHostEntry 30 }

rcRadiusServHostSecureEnable  OBJECT-TYPE
        SYNTAX        TruthValue
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "Enable or disable Radius Secure for this server."
        DEFVAL        { false }
        ::= { rcRadiusServHostEntry 31 }

rcRadiusServHostSecureMode OBJECT-TYPE
        SYNTAX        INTEGER {
                         tls(1),
                         dtls(2)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION   "tls(1) : secure TLS  connection with RADIUS server,
                       dtls(2): secure DTLS connection with RADIUS server"
        DEFVAL        { tls }
        ::= { rcRadiusServHostEntry 32 }

rcRadiusServHostSecureProfile OBJECT-TYPE
        SYNTAX         DisplayString (SIZE(1..16))
        MAX-ACCESS     read-create
        STATUS         current
        DESCRIPTION    "Profile name."
        DEFVAL         { "default" }
        ::= { rcRadiusServHostEntry 33 }

rcRadiusServHostSecureLogLevel OBJECT-TYPE
        SYNTAX         INTEGER {
				critical(1),
                                error(2),
                                warning(3),
                                info(4),
                                debug(5)
		       }
        MAX-ACCESS     read-create
        STATUS         current
        DESCRIPTION    "Specifies the debug level on RADIUS secure server.
                        It must be set to 1, 2, 3, 4 or 5, where critical(1)
                        logs only serious errors and debug(5) logs everything."
        DEFVAL         { error }
        ::= { rcRadiusServHostEntry 34 }

-- RADIUS COA Clients configuration table

rcRadiusDynAuthClientTable   OBJECT-TYPE
    SYNTAX SEQUENCE OF RcRadiusDynAuthClientEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This table is used to configure RADIUS Dynamic Authorization
        Clients. RADIUS Dynamic Authorization Clients are entities
        which can send Disconnect and Change Of Authorization
        requests to a RADIUS Dynamic Authorization Server."
    ::= { rcRadius 6 }

rcRadiusDynAuthClientEntry OBJECT-TYPE
    SYNTAX       RcRadiusDynAuthClientEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "An entry containing objects defining RADIUS Dynamic Authorization
        Clients which can connect to this RADIUS Dynamic Authorization
        Server."
    INDEX { rcRadiusDynAuthClientAddressType,
            rcRadiusDynAuthClientAddress }
    ::= { rcRadiusDynAuthClientTable 1 }

RcRadiusDynAuthClientEntry ::=
    SEQUENCE {
        rcRadiusDynAuthClientAddressType                InetAddressType,
        rcRadiusDynAuthClientAddress                    InetAddress,
        rcRadiusDynAuthClientUdpPort                    InetPortNumber,
        rcRadiusDynAuthClientSecret                     OCTET STRING,
        rcRadiusDynAuthClientEnabled                    TruthValue,
        rcRadiusDynAuthClientRowStatus                  RowStatus,
        rcRadiusDynAuthClientReplayProtection           TruthValue
    }

rcRadiusDynAuthClientAddressType OBJECT-TYPE
    SYNTAX       InetAddressType
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The type of address contained in the corresponding instance
        of rcRadiusDynAuthClientAddress."
    ::= { rcRadiusDynAuthClientEntry 1 }

rcRadiusDynAuthClientAddress OBJECT-TYPE
    SYNTAX       InetAddress (SIZE(0..113))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "The internet address of a RADIUS Dynamic Authorization
        Client configured in this entry."
    ::= { rcRadiusDynAuthClientEntry 2 }

rcRadiusDynAuthClientUdpPort OBJECT-TYPE
    SYNTAX       InetPortNumber
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The UDP port number the server/NAS listens on for requests from the
        RADIUS Dynamic Authorization Client configured in this entry."
    DEFVAL { 3799 }
    ::= { rcRadiusDynAuthClientEntry 3 }

rcRadiusDynAuthClientSecret OBJECT-TYPE
    SYNTAX       OCTET STRING (SIZE(0..16))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "The secret shared between RADIUS Dynamic Authorization
        Client and Server. Note that when this object is retrieved, its
        value will always by a zero-length octet string."
    DEFVAL { ''H }
    ::= { rcRadiusDynAuthClientEntry 4 }

rcRadiusDynAuthClientEnabled OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION
        "Enable or disable packet receive from this RADIUS Dynamic
         Authorization Client. The NAS will not listen for requests
         from the client unless this object is true(1)."
    DEFVAL { false }
    ::= { rcRadiusDynAuthClientEntry 5 }

rcRadiusDynAuthClientRowStatus OBJECT-TYPE
    SYNTAX       RowStatus
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "Controls row creation/deletion in this table."
    ::= { rcRadiusDynAuthClientEntry 6 }

rcRadiusDynAuthClientReplayProtection OBJECT-TYPE
    SYNTAX       TruthValue
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "Enable or disable RADIUS replay protection."
    ::= { rcRadiusDynAuthClientEntry 7 }

-- RADIUS COA Clients - Stats

rcRadiusDynAuthClientStatsTable OBJECT-TYPE
    SYNTAX SEQUENCE OF RcRadiusDynAuthStatsClientEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "The (conceptual) table listing the RADIUS Dynamic
         Authorization Clients with which the server shares a
         secret. This is an extension of radiusDynAuthClientEntry."
    ::= { rcRadius 7 }

rcRadiusDynAuthStatsClientEntry OBJECT-TYPE
    SYNTAX     RcRadiusDynAuthStatsClientEntry
    MAX-ACCESS not-accessible
    STATUS     current
    DESCRIPTION
        "An entry (conceptual row) representing one Dynamic
         Authorization Client with which the server shares a
         secret."
    AUGMENTS   { radiusDynAuthClientEntry }
    ::= { rcRadiusDynAuthClientStatsTable 1 }

RcRadiusDynAuthStatsClientEntry ::= SEQUENCE {
    rcRadiusDynAuthServerRcRequests                  Counter32,
    rcRadiusDynAuthServerRcAuthOnlyRequests          Counter32,
    rcRadiusDynAuthServerRcDupRequests               Counter32,
    rcRadiusDynAuthServerRcAcks                      Counter32,
    rcRadiusDynAuthServerRcNacks                     Counter32,
    rcRadiusDynAuthServerRcNacksAuthOnlyRequests     Counter32,
    rcRadiusDynAuthServerRcNacksNoSess               Counter32,
    rcRadiusDynAuthServerRcSessReauthenticated       Counter32,
    rcRadiusDynAuthServerRcMalformed                 Counter32,
    rcRadiusDynAuthServerRcDropped                   Counter32,
    rcRadiusDynAuthServerRcBadAuths                  Counter32
}

rcRadiusDynAuthServerRcRequests OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of RADIUS Reauthentication-requests received
         from this Dynamic Authorization Client. This also includes
         the Reauthentication requests that have a Service-Type
         attribute with value 'Authorize Only'.  This counter may
         experience a discontinuity when the DAS module (re)starts,
         as indicated by the value of radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 1 }

rcRadiusDynAuthServerRcAuthOnlyRequests OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of RADIUS Reauthentication-requests that include a
         Service-Type attribute with value 'Authorize Only'
         received from this Dynamic Authorization Client.  This
         counter may experience a discontinuity when the DAS
         module (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 2 }

rcRadiusDynAuthServerRcDupRequests OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of duplicate RADIUS Reauthentication-Request packets
         received from this Dynamic Authorization Client.  This
         counter may experience a discontinuity when the DAS
         module (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 3 }

rcRadiusDynAuthServerRcAcks OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of incoming Reauthentication packets from this
         Dynamic Authorization Client silently discarded
         by the server application for some reason other than
         malformed, bad authenticators, or unknown types.  This
         counter may experience a discontinuity when the DAS
         module (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 4 }

rcRadiusDynAuthServerRcNacks OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of RADIUS Reauthentication-NAK packets sent to
         this Dynamic Authorization Client.  This includes
         the RADIUS Reauthentication-NAK packets sent with a Service-Type
         attribute with value 'Authorize Only' and the RADIUS
         Reauthentication-NAK packets sent because no session context was
         found.  This counter may experience a discontinuity
         when the DAS module (re)starts, as indicated by the
         value of radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 5 }

rcRadiusDynAuthServerRcNacksAuthOnlyRequests OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of RADIUS Reauthentication-NAK packets that include a
         Service-Type attribute with value 'Authorize Only'
         sent to this Dynamic Authorization Client.  This counter
         may experience a discontinuity when the DAS module
         (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 6 }

rcRadiusDynAuthServerRcNacksNoSess OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of RADIUS Reauthentication-NAK packets sent to this
         Dynamic Authorization Client because no session context
         was found.  This counter may experience a discontinuity
         when the DAS module (re)starts, as indicated by the
         value of radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 7 }

rcRadiusDynAuthServerRcSessReauthenticated OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of user sessions reauthenticated
         for the Reauthentication-Requests received from this
         Dynamic Authorization Client.  Depending on site-
         specific policies, a single Reauthentication request can change
         multiple user sessions' authorization.  In cases where
         this Dynamic Authorization Server has no knowledge of
         the number of user sessions that are affected by a
         single request, each such CoA-Request will
         count as a single affected user session only.  This
         counter may experience a discontinuity when the DAS
         module (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 8 }

rcRadiusDynAuthServerRcMalformed OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of malformed RADIUS Reauthentication-Request
         packets received from this Dynamic Authorization Client.
         Bad authenticators and unknown types are not included
         as malformed Reauthentication-Requests.  This counter
         may experience a discontinuity when the DAS module
         (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 9 }

rcRadiusDynAuthServerRcDropped OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of incoming Reauthentication packets from this
         Dynamic Authorization Client silently discarded
         by the server application for some reason other than
         malformed, bad authenticators, or unknown types.  This
         counter may experience a discontinuity when the DAS
         module (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 10 }

rcRadiusDynAuthServerRcBadAuths OBJECT-TYPE
    SYNTAX     Counter32
    UNITS      "requests"
    MAX-ACCESS read-only
    STATUS     current
    DESCRIPTION
        "The number of RADIUS Reauthentication-Request packets that
         contained an invalid Authenticator field received
         from this Dynamic Authorization Client.  This counter
         may experience a discontinuity when the DAS module
         (re)starts, as indicated by the value of
         radiusDynAuthServerCounterDiscontinuity."
    REFERENCE
        "Reauthentication extension for RFC3576 ."
    ::= { rcRadiusDynAuthStatsClientEntry 11 }

-- Notifications objects

rcRadiusNotifications       OBJECT IDENTIFIER ::= { rcRadius 8 }
rcRadiusNotificationObjects OBJECT IDENTIFIER ::= { rcRadiusNotifications 1 }

rcRadiusEapRAVErrorMacAddress OBJECT-TYPE
    SYNTAX      MacAddress
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "The MAC address that was authorized on a port which could not be
         moved to the Radius-Assigned VLAN."
    ::= { rcRadiusNotificationObjects 1 }

rcRadiusEapRAVErrorPort OBJECT-TYPE
    SYNTAX      InterfaceIndex
    MAX-ACCESS  accessible-for-notify
    STATUS      current
    DESCRIPTION
        "The ifIndex of the port that could not be moved to the Radius-Assigned
         VLAN."
    ::= { rcRadiusNotificationObjects 2 }

rcRadiusEapServAddressType OBJECT-TYPE
    SYNTAX        InetAddressType
    MAX-ACCESS    accessible-for-notify
    STATUS        current
    DESCRIPTION   "Address type of a EAP Radius server. To be used with rcRadiusEapServAddress."
    ::= { rcRadiusNotificationObjects 3 }

rcRadiusEapServAddress OBJECT-TYPE
    SYNTAX        InetAddress
    MAX-ACCESS    accessible-for-notify
    STATUS        current
    DESCRIPTION   "Address of a EAP Radius server. To be used with rcRadiusEapServAddressType."
    ::= { rcRadiusNotificationObjects 4 }


-- ------------------------------------------------------
-- Secure RADIUS Certificate Profile configuration table
-- ------------------------------------------------------
rcRadiusSecureProfileTable   OBJECT-TYPE
    SYNTAX SEQUENCE OF RcRadiusSecureProfileEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION
        "This table is used to configure certificate profiles
        for Secure RADIUS use."
    ::= { rcRadius 9 }

rcRadiusSecureProfileEntry OBJECT-TYPE
    SYNTAX       RcRadiusSecureProfileEntry
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "Entry defining a Secure RADIUS certificate profile."
    INDEX { rcRadiusSecureProfileName }
    ::= { rcRadiusSecureProfileTable 1 }
   
RcRadiusSecureProfileEntry ::=
    SEQUENCE {
        rcRadiusSecureProfileName                       DisplayString,
        rcRadiusSecureProfileRootCert                   DisplayString,
        rcRadiusSecureProfileCert                       DisplayString,
        rcRadiusSecureProfileKey                        DisplayString,
        rcRadiusSecureProfilePassword                   DisplayString,
        rcRadiusSecureProfileRowStatus                  RowStatus,
        rcRadiusSecureProfileRootCertDestFile           DisplayString,
        rcRadiusSecureProfileCertDestFile               DisplayString,
        rcRadiusSecureProfileKeyDestFile                DisplayString
    }
   
rcRadiusSecureProfileName OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(1..16))
    MAX-ACCESS   not-accessible
    STATUS       current
    DESCRIPTION
        "Profile name."
    ::= { rcRadiusSecureProfileEntry 1 }

rcRadiusSecureProfileRootCert OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(1..255))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "Full path for profile root certificate."
    DEFVAL { "n/a" }
    ::= { rcRadiusSecureProfileEntry 2 }

rcRadiusSecureProfileCert OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(1..255))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "Full path for profile certificate."
    DEFVAL { "n/a" }
    ::= { rcRadiusSecureProfileEntry 3 }

rcRadiusSecureProfileKey OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(1..255))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "Full path for profile private key."
    DEFVAL { "n/a" }
    ::= { rcRadiusSecureProfileEntry 4 }

rcRadiusSecureProfilePassword OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(0..255))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION
        "Password to decrypt profile private key."
    DEFVAL { "" }
    ::= { rcRadiusSecureProfileEntry 5 }

rcRadiusSecureProfileRowStatus OBJECT-TYPE
    SYNTAX        RowStatus
    MAX-ACCESS    read-create
    STATUS        current
    DESCRIPTION   "Used to create/delete entries."
    ::= { rcRadiusSecureProfileEntry 6 }

rcRadiusSecureProfileRootCertDestFile OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(0..128))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION  "File name to use when installing root certificate."
    DEFVAL { "" }
    ::= { rcRadiusSecureProfileEntry 7 }

rcRadiusSecureProfileCertDestFile OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(0..128))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION  "File name to use when installing certificate."
    DEFVAL { "" }
    ::= { rcRadiusSecureProfileEntry 8 }

rcRadiusSecureProfileKeyDestFile OBJECT-TYPE
    SYNTAX       DisplayString (SIZE(0..128))
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION  "File name to use when installing key."
    DEFVAL { "" }
    ::= { rcRadiusSecureProfileEntry 9 }

END
