
RC-TACACS-MIB DEFINITIONS ::= BEGIN

IMPORTS
    MODULE-IDENTITY, OBJECT-TYPE, Integer32
        FROM SNMPv2-SMI
    TEXTUAL-CONVENTION, RowStatus, TruthValue
        FROM SNMPv2-TC
    InetAddressType, InetAddress, InetPortNumber
        FROM INET-ADDRESS-MIB
    rcTacacs
        FROM RAPID-CITY;

rcTacacsMib MODULE-IDENTITY
       LAST-UPDATED "201512240000Z"
       ORGANIZATION         "Bay Networks, Rapid-City Group"
       CONTACT-INFO         "Yu-Ten Lee
                         Postal:           Nortel Networks, Inc. 
                                                  4655 Great America Parkway 
                                                  Santa Clara, CA 95052-8185 

                            Tel:              408-495-2560
                            Fax:             408-495-6680
                         E-mail:           ylee@nortelnetworks.com"

       DESCRIPTION         "Enterprise MIB for TACACS"

       REVISION "201512240000Z" -- 24 December 2015
       DESCRIPTION "Version 13: Increased the range of rcTacacsGlobalLastUserName
	   			from 1..128 to 0..128. (prempa)"

       REVISION "200804070000Z" -- 7 Apr 2008
       DESCRIPTION "Version 12: Added rcTacacsNncliCommandAuthorizationEnabled
                                and rcTacacsNncliCommandAuthorizationLevels."

       REVISION "200804020000Z" -- 02 Apr 2008
       DESCRIPTION "Version 11: Change syntax of rcTacacsAccounting and
                                rcTacacsAuthentication to BITS."
       
       REVISION "200712260000Z" -- 26 Dec 2007
       DESCRIPTION "Version 10: Added rcTacacsAccounting and rcTacacsAuthentication nodes"

       REVISION "200608220000Z" -- 22 Aug 2006
       DESCRIPTION "Version 9: Changed the description for rcTacacsServerPortNumber"

       REVISION "200511180000Z" -- 18 Nov 2005
       DESCRIPTION "Version 8: Changed the description for rcTacacsServerPortNumber"

       REVISION "200509070000Z" -- 07 Sep 2005
       DESCRIPTION "Version 7: Updated the desc for rcTacacsServerKey"

       REVISION "200506090000Z" -- 09 June 2005
       DESCRIPTION "Version 6: Changed the default value for sourceIpInterfaceEnable"

       REVISION "200505240000Z" -- 24 May 2005
       DESCRIPTION "Version 5: Updated rcTacacs numbering"

       REVISION "200505100000Z" -- 10 May 2005
       DESCRIPTION "Version 4: Updated the range on rcTacacsServerTimeout"

       REVISION "200504200000Z" -- 20 April 2005
       DESCRIPTION "Version 3: Updated rcTacacsGlobalLastUserName.
                                        Reversed rcTacacs and rcTacacsMib."

       REVISION "200504060000Z" -- 06 April 2005
       DESCRIPTION "Version 2: Added IPv6 support.  Eliminated textual-conventions.
                                       General cleanup."

       REVISION "200502160000Z" -- 16 February 2005
       DESCRIPTION "Version 1: Initial version"

        ::= { rcTacacs 0 }

-- --------------------------------------------------
-- rcTacacsGlobal Group
-- --------------------------------------------------

rcTacacsGlobal OBJECT IDENTIFIER ::= { rcTacacs 1 }

rcTacacsGlobalEnable OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-write
    STATUS      current
    DESCRIPTION "Enable/disable this feature."
    DEFVAL      { false }
    ::= { rcTacacsGlobal 1 }

rcTacacsGlobalLastUserName OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE(0..128))
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "The last user for which authentication was attempted using TACACS+."
    ::= { rcTacacsGlobal 2 }

rcTacacsGlobalLastAddressType OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "The type of address for the TACACS+ server that was most recently accessed"
    ::= { rcTacacsGlobal 3 }

rcTacacsGlobalLastAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION "The address of the TACACS+ server that was most recently accessed"
    ::= { rcTacacsGlobal 4 }

rcTacacsAccounting OBJECT-TYPE
    SYNTAX        BITS {
                      cli(0),
                      ppp(1)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "Determines which application will be accounted by tacacs+." 
    DEFVAL        { { } }   
    ::= { rcTacacsGlobal 5 }

rcTacacsAuthentication OBJECT-TYPE
    SYNTAX        BITS {
                      cli(0),
                      ppp(1),
                      web(2)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "Determines which application will be authenticated by tacacs+."
    DEFVAL        { { cli } }   
    ::= { rcTacacsGlobal 6 }

rcTacacsNncliCommandAuthorizationEnabled OBJECT-TYPE
    SYNTAX        TruthValue
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object controls whether TACACS+ will be used for
                   authorization of individual NNCLI commands."
    DEFVAL        { false }   
    ::= { rcTacacsGlobal 7 }

rcTacacsNncliCommandAuthorizationLevels OBJECT-TYPE
    SYNTAX        BITS {
                      level0(0),
                      level1(1),
                      level2(2),
                      level3(3),
                      level4(4),
                      level5(5),
                      level6(6),
                      level7(7),
                      level8(8),
                      level9(9),
                      level10(10),
                      level11(11),
                      level12(12),
                      level13(13),
                      level14(14),
                      level15(15)
                  }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION   "This object controls which NNCLI command privilege levels
                   will be authorized by TACACS+."
    DEFVAL        { { } }   
    ::= { rcTacacsGlobal 8 }


-- --------------------------------------------------
-- rcTacacsServerTable
-- --------------------------------------------------

rcTacacsServerTable OBJECT-TYPE
    SYNTAX      SEQUENCE OF RcTacacsServerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "The (conceptual) table listing the TACACS+ servers with
                 which the client shares a secret."
    ::= { rcTacacs 2 }

rcTacacsServerEntry OBJECT-TYPE
    SYNTAX      RcTacacsServerEntry
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION "An entry (conceptual row) representing a TACACS+ server
                 with which the client shares a secret."
    INDEX       { rcTacacsServerAddressType, rcTacacsServerAddress }
    ::= { rcTacacsServerTable 1 }

RcTacacsServerEntry ::= SEQUENCE {
    rcTacacsServerAddressType               InetAddressType,
    rcTacacsServerAddress                          InetAddress,
    rcTacacsServerPortNumber                   InetPortNumber,
    rcTacacsServerConnectionType          INTEGER,
    rcTacacsServerConnectionStatus        INTEGER,
    rcTacacsServerTimeout                          Integer32,
    rcTacacsServerKey                                   OCTET STRING,
    rcTacacsServerSourceIpInterfaceEnabled  TruthValue, 
    rcTacacsServerSourceIpInterfaceType        InetAddressType, 
    rcTacacsServerSourceIpInterface        InetAddress,
    rcTacacsServerPriority                             Integer32,
    rcTacacsServerRowStatus                     RowStatus
}

rcTacacsServerAddressType  OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION  "Specifies the type of IP address used on the Tacacs+ server."
    ::= { rcTacacsServerEntry 1 }

rcTacacsServerAddress OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  not-accessible
    STATUS      current
    DESCRIPTION  "The IP address of the TACACS+ server referred to in this table entry."
    ::= { rcTacacsServerEntry 2 }

rcTacacsServerPortNumber  OBJECT-TYPE
    SYNTAX      InetPortNumber
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION  "The TCP port on which the client establishes a connection to the server.
	                 A value of 0 indicates that the system specified default value is used."
    DEFVAL      { 49 }
    ::= { rcTacacsServerEntry 3 }

rcTacacsServerConnectionType  OBJECT-TYPE
    SYNTAX       INTEGER {
                     singleConnection(1),
                     perSessionConnection(2)
                 }
    MAX-ACCESS   read-create
    STATUS       current
    DESCRIPTION  "Specifies TCP connection type between device and TACACS+ server.
         Either a single open connection between a device and server
         (SingleConnection), or open/close connection per communication
         session (PerSessionConnection)."
    DEFVAL       { perSessionConnection }
    ::= { rcTacacsServerEntry 4 }

rcTacacsServerConnectionStatus  OBJECT-TYPE
    SYNTAX      INTEGER {
                    connected(1),
                    notConnected(2)
                }
    MAX-ACCESS  read-only
    STATUS      current
    DESCRIPTION  "Specifies status TCP connection type between device and TACACS+
         server."
    ::= { rcTacacsServerEntry 5 }

rcTacacsServerTimeout  OBJECT-TYPE
    SYNTAX      Integer32 (10..30)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION  "The maximum time (in seconds) to wait for this TACACS+ server to reply."
    DEFVAL      { 10 }
    ::= { rcTacacsServerEntry 6 }

rcTacacsServerKey  OBJECT-TYPE
    SYNTAX      OCTET STRING (SIZE(0..128))
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION "Secret key to be shared with this TACACS+ server.
	                If the key length is zero that indicates no encryption is being used."
    DEFVAL      { ''H }
    ::= { rcTacacsServerEntry 7 }

rcTacacsServerSourceIpInterfaceEnabled  OBJECT-TYPE
    SYNTAX      TruthValue
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION  "Specifies whether source address specification is enabled."
    DEFVAL { false }
    ::= { rcTacacsServerEntry 8 }

rcTacacsServerSourceIpInterfaceType  OBJECT-TYPE
    SYNTAX      InetAddressType
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION  "Specifies the type of IP address used on the interface that
         connects to the Tacacs+ server.  If this value is unknown(0),
         then a system-wide default value will be used."
    DEFVAL { unknown }
    ::= { rcTacacsServerEntry 9 }

rcTacacsServerSourceIpInterface OBJECT-TYPE
    SYNTAX      InetAddress
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION  "IP address of the interface to use with this server."
    DEFVAL      { ''H }
    ::= { rcTacacsServerEntry 10 }

rcTacacsServerPriority OBJECT-TYPE
    SYNTAX      Integer32 (1..65535)
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION  "Determines the order in which the TACACS+ servers will be used,
         when 1 is the highest priority. If more than one server share
         the same priority - they will be used in  lexicographic order
         (the order of entries in this table)."
    DEFVAL      { 1 }
    ::= { rcTacacsServerEntry 11 }

rcTacacsServerRowStatus OBJECT-TYPE
    SYNTAX      RowStatus
    MAX-ACCESS  read-create
    STATUS      current
    DESCRIPTION "The row status variable, can be set to destroy or createAndGo."
    ::= { rcTacacsServerEntry 12 }

END
