-- This file was included in WWP MIB release 04-16-00-0047
 --
 -- CIENA-CES-TCE-RADIUS-CLIENT-MIB.my
 --
 --

 CIENA-CES-RADIUS-CLIENT-MIB DEFINITIONS ::= BEGIN

 IMPORTS       
   Counter32, Gauge32, IpAddress, Unsigned32, Integer32, TimeTicks, OBJECT-TYPE, MODULE-IDENTITY       
       FROM SNMPv2-SMI        
   DisplayString, RowStatus, TruthValue, TEXTUAL-CONVENTION
       FROM SNMPv2-TC                  
   cienaCesStatistics
       FROM CIENA-SMI
   CienaGlobalState
   	 FROM CIENA-TC
   InetAddressType, InetAddress
       FROM INET-ADDRESS-MIB;
   
 cienaCesRadiusClientMIB MODULE-IDENTITY
        LAST-UPDATED "201602170000Z"
            ORGANIZATION "Ciena Corp."
            CONTACT-INFO
        	"  Mib Meister
               115 North Sullivan Road
               Spokane Valley, WA 99037
               USA            
               Phone:  +1 509 242 9000
               Email:  support@ciena.com"
            DESCRIPTION
               "This module defines the objects used by the RADIUS client."

            REVISION "201602170000Z"
            DESCRIPTION
               "Updated DESCRIPTION of cienaCesRadiusUserLoginStatus, 
               cienaCesRadiusUserLoginAcctStatus, cienaCesRadiusDot1xAuthStatus,
               and cienaCesRadiusDot1xAcctStatus."

            REVISION "201507220000Z"
            DESCRIPTION
               "Changed the RADIUS authentication string range to accept a zero length string."

            REVISION "201506220000Z"
            DESCRIPTION
               "Added cienaCesRadiusUserLoginAuthSecret, cienaCesRadiusUserLoginAcctAuthSecret,
	        cienaCesRadiusDot1xAuthAuthSecret, cienaCesRadiusDot1xAcctAuthSecret"

            REVISION "201406120000Z"
            DESCRIPTION
               "Added cienaCesRadiusUserLoginAcct"

            REVISION "201401020000Z"
            DESCRIPTION
               "Added independent Inet addressing and Unsigned32 imports.
                Deprecated cienaCesRadiusClientTimeout, cienaCesRadiusClientRetries, cienaCesRadiusClientAuthKey, 
                cienaCesRadiusClientAuthKeyUnset, cienaCesRadiusClientSearchType, and cienaCesRadiusClientServerTable.  
                Added cienaCesRadiusUserLoginTable, cienaCesRadiusDot1XAuthTable, cienaCesRadiusDot1XAcctTable"

            REVISION "201204170000Z"
            DESCRIPTION
               "Corrected the maximum RADIUS authentication string length from 127 to 64 characters."

            REVISION "201005180000Z"
            DESCRIPTION
                    "Initial creation."
            ::= { cienaCesStatistics 3 }
 


 RadiusString ::= TEXTUAL-CONVENTION
    DISPLAY-HINT "255a"
    STATUS       current
    DESCRIPTION
            "Used to represent the RADIUS authentication string."
    SYNTAX       OCTET STRING (SIZE (0 | 8..64))

 --
 -- Node definitions
 --
 
 cienaCesRadiusClientMIBObjects OBJECT IDENTIFIER ::= { cienaCesRadiusClientMIB 1 }
 
 cienaCesRadiusClient OBJECT IDENTIFIER ::= {cienaCesRadiusClientMIBObjects 1 } 
 cienaCesRadiusClientGlobal OBJECT IDENTIFIER ::= {cienaCesRadiusClient 1 }
 cienaCesRadiusClientServer OBJECT IDENTIFIER ::= {cienaCesRadiusClient 2 }

 cienaCesRadiusUserLogin OBJECT IDENTIFIER ::= {cienaCesRadiusClient 3 }
 cienaCesRadiusUserLoginGlobal OBJECT IDENTIFIER ::= {cienaCesRadiusUserLogin 1 }

 cienaCesRadiusDot1xAuth OBJECT IDENTIFIER ::= {cienaCesRadiusClient 4 }
 cienaCesRadiusDot1xAuthGlobal OBJECT IDENTIFIER ::= {cienaCesRadiusDot1xAuth 1 }

 cienaCesRadiusDot1xAcct OBJECT IDENTIFIER ::= {cienaCesRadiusClient 5 }
 cienaCesRadiusDot1xAcctGlobal OBJECT IDENTIFIER ::= {cienaCesRadiusDot1xAcct 1 }

 cienaCesRadiusUserLoginAcct OBJECT IDENTIFIER ::= {cienaCesRadiusClient 6 }
 cienaCesRadiusUserLoginAcctGlobal OBJECT IDENTIFIER ::= {cienaCesRadiusUserLoginAcct 1 }

 -- Notifications 
  
 cienaCesRadiusClientMIBNotificationPrefix  OBJECT IDENTIFIER ::= { cienaCesRadiusClientMIB 2 } 
 cienaCesRadiusClientMIBNotifications       OBJECT IDENTIFIER ::=  
                       { cienaCesRadiusClientMIBNotificationPrefix 0 }

 -- Conformance information 
 
 cienaCesRadiusClientMIBConformance OBJECT IDENTIFIER ::= { cienaCesRadiusClientMIB 3 } 
 cienaCesRadiusClientMIBCompliances OBJECT IDENTIFIER ::= { cienaCesRadiusClientMIBConformance 1 }      
 cienaCesRadiusClientMIBGroups      OBJECT IDENTIFIER ::= { cienaCesRadiusClientMIBConformance 2 }
         
 
 cienaCesRadiusAdminState OBJECT-TYPE     
     SYNTAX       CienaGlobalState
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
        "Setting this object administratively enables or disables the RADIUS client."
     ::= { cienaCesRadiusClientGlobal 1 }

 cienaCesRadiusOperState OBJECT-TYPE     
     SYNTAX        CienaGlobalState
     MAX-ACCESS    read-only
     STATUS        current
     DESCRIPTION
        "This object returns the operational state of the RADIUS client."
     ::= { cienaCesRadiusClientGlobal 2 }

 cienaCesRadiusClientTimeout OBJECT-TYPE
     SYNTAX       Integer32 (1..30)
     UNITS        "seconds"
     MAX-ACCESS   read-write
     STATUS       deprecated
     DESCRIPTION
        "This is the time in seconds between re-transmissions
         to the RADIUS server."
     DEFVAL { 1 }
     ::= { cienaCesRadiusClientGlobal 3 }
      
 cienaCesRadiusClientRetries   OBJECT-TYPE
     SYNTAX         Integer32 (0..3)
     MAX-ACCESS     read-write
     STATUS         deprecated
     DESCRIPTION
        "Indicates the number of times the RADIUS server should be
         tried before giving up on the server."
     DEFVAL { 3 }
     ::= { cienaCesRadiusClientGlobal 4 } 
 
 cienaCesRadiusClientAuthKey OBJECT-TYPE
     SYNTAX        RadiusString
     MAX-ACCESS    read-write
     STATUS        deprecated
     DESCRIPTION
        "The authenticaion key to be used for RADIUS servers.
        Retrieving the value of this object via SNMP returns 
        an empty string for security reasons."
     ::= { cienaCesRadiusClientGlobal 5 }
  
  cienaCesRadiusClientAuthKeyUnset OBJECT-TYPE
     SYNTAX        TruthValue
     MAX-ACCESS    read-write
     STATUS        deprecated
     DESCRIPTION
        "Setting this object to true clears the value of 
         cienaCesRadiusClientAuthKey.
         Reading this object always returns a value of false."
     ::= { cienaCesRadiusClientGlobal 6 }

  cienaCesRadiusClientSearchType OBJECT-TYPE     
     SYNTAX        INTEGER {
                        cached(1),
                        priority(2)
                   }
     MAX-ACCESS    read-write
     STATUS        deprecated
     DESCRIPTION
             "This object sets the search type of the RADIUS client."
     ::= { cienaCesRadiusClientGlobal 7 }

--
-- Radius Client Server Table
--     

 cienaCesRadiusClientServerTable OBJECT-TYPE
     SYNTAX         SEQUENCE OF CienaCesRadiusClientServerEntry
     MAX-ACCESS     not-accessible
     STATUS         deprecated
     DESCRIPTION
        "Lists the possible RADIUS servers. 
         While creating an entry, cienaCesRadiusRadiusClientServerStatus and 
         cienaCesRadiusClientServerAddr must be specified. The SNMP multiple 
         set operation must be used to create an entry."
     ::= { cienaCesRadiusClientServer 1 }
      
  
 cienaCesRadiusClientServerEntry OBJECT-TYPE
     SYNTAX       CienaCesRadiusClientServerEntry
     MAX-ACCESS   not-accessible
     STATUS       deprecated
     DESCRIPTION
        "RADIUS server entry."
     INDEX { cienaCesRadiusClientServerIndex}
     ::= { cienaCesRadiusClientServerTable 1 }
      
 CienaCesRadiusClientServerEntry ::= SEQUENCE {
     cienaCesRadiusClientServerIndex             				   Integer32,     
     cienaCesRadiusClientServerAddr                            DisplayString,     
     cienaCesRadiusClientServerResolvedAddr                    IpAddress,
     cienaCesRadiusClientServerPriority             			   Integer32,
     cienaCesRadiusClientServerAuthPort                        Integer32,     
     cienaCesRadiusClientServerRoundTripTime                   TimeTicks,
     cienaCesRadiusClientServerAccessRequests                  Counter32,
     cienaCesRadiusClientServerAccessRetransmissions           Counter32,
     cienaCesRadiusClientServerAccessAccepts                   Counter32,
     cienaCesRadiusClientServerAccessRejects                   Counter32,
     cienaCesRadiusClientServerAccessChallenges                Counter32,
     cienaCesRadiusClientServerMalformedAccessResponses        Counter32,
     cienaCesRadiusClientServerBadAuthenticators               Counter32,
     cienaCesRadiusClientServerPendingRequests                 Gauge32,
     cienaCesRadiusClientServerTimeouts                        Counter32,
     cienaCesRadiusClientServerUnknownTypes                    Counter32,
     cienaCesRadiusClientServerPacketsDropped                  Counter32,
     cienaCesRadiusClientServerApplication                   	INTEGER,
     cienaCesRadiusClientServerStatus                          RowStatus     
	}

 cienaCesRadiusClientServerIndex OBJECT-TYPE
     SYNTAX       Integer32 (1..8)
     MAX-ACCESS   not-accessible
     STATUS       deprecated
     DESCRIPTION
        "Specifies the index of this table."
     ::= { cienaCesRadiusClientServerEntry 1 }
   
 cienaCesRadiusClientServerAddr OBJECT-TYPE
     SYNTAX       DisplayString
     MAX-ACCESS   read-create
     STATUS       deprecated
     DESCRIPTION
        "Host name or IP address of the RADIUS server."
     ::= { cienaCesRadiusClientServerEntry 2 }

 cienaCesRadiusClientServerResolvedAddr OBJECT-TYPE
     SYNTAX       IpAddress
     MAX-ACCESS   read-only
     STATUS       deprecated
     DESCRIPTION
        "Specifies the resolved IP address if cienaCesRadiusClientServerAddr is set to
         host name. If cienaCesRadiusClientServerAddr is set to IP address, 
         then cienaCesRadiusClientServerResolvedAddr contains the same 
         information as cienaCesRadiusClientServerAddr."
     ::= { cienaCesRadiusClientServerEntry 3 }
 
  cienaCesRadiusClientServerPriority OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-create
     STATUS       deprecated
     DESCRIPTION
        "Specifies the priority of RADIUS servers configured on the device."
     ::= { cienaCesRadiusClientServerEntry 4 } 

 cienaCesRadiusClientServerAuthPort OBJECT-TYPE
      SYNTAX      Integer32 (1..65535)
      MAX-ACCESS  read-create
      STATUS      deprecated
      DESCRIPTION
         "The destination UDP port number to which RADIUS
         messages should be sent. The RADIUS server is not 
         used for authentication if this port number is 0."
      DEFVAL { 1812 }
      ::= { cienaCesRadiusClientServerEntry 5 }

 cienaCesRadiusClientServerRoundTripTime  OBJECT-TYPE
      SYNTAX TimeTicks
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The time interval (in hundredths of a second) between
             the most recent Access-Reply/Access-Challenge and the
             Access-Request that matched it from this RADIUS
             authentication server."
      ::= { cienaCesRadiusClientServerEntry 6 }

 cienaCesRadiusClientServerAccessRequests OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Request packets sent
             to this server. This does not include retransmissions."
      ::= { cienaCesRadiusClientServerEntry 7 }

 cienaCesRadiusClientServerAccessRetransmissions OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Request packets
             retransmitted to this RADIUS authentication server."
      ::= { cienaCesRadiusClientServerEntry 8 }

 cienaCesRadiusClientServerAccessAccepts OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Accept packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusClientServerEntry 9 }

 cienaCesRadiusClientServerAccessRejects OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Reject packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusClientServerEntry  10 }

 cienaCesRadiusClientServerAccessChallenges OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Challenge packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusClientServerEntry 11 }

 cienaCesRadiusClientServerMalformedAccessResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of malformed RADIUS Access-Response
             packets received from this server.
             Malformed packets include packets with
             an invalid length. Bad authenticators or
             signature attributes or unknown types are not
             included as malformed access responses."
      ::= { cienaCesRadiusClientServerEntry 12 }

 cienaCesRadiusClientServerBadAuthenticators OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Response packets
             containing invalid authenticators or signature
             attributes received from this server."
      ::= { cienaCesRadiusClientServerEntry 13 }

 cienaCesRadiusClientServerPendingRequests OBJECT-TYPE
      SYNTAX Gauge32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS Access-Request packets
             destined for this server that have not yet timed out
             or received a response. This variable is incremented
             when an Access-Request is sent and decremented due to
             receipt of an Access-Accept, Access-Reject, 
             Access-Challenge, a timeout, or retransmission."
      ::= { cienaCesRadiusClientServerEntry 14 }

 cienaCesRadiusClientServerTimeouts OBJECT-TYPE
     SYNTAX Counter32
     MAX-ACCESS read-only
     STATUS deprecated
     DESCRIPTION
            "The number of authentication timeouts to this server.
             After a timeout the client may retry sending to the same
             server, send to a different server, or
             give up. A retry to the same server is counted as a
             retransmit as well as a timeout. A send to a different
             server is counted as a request as well as a timeout."
      ::= { cienaCesRadiusClientServerEntry  15 }

 cienaCesRadiusClientServerUnknownTypes OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS packets of unknown type which
             were received from this server on the authentication port."
      ::= { cienaCesRadiusClientServerEntry  16 }

 cienaCesRadiusClientServerPacketsDropped OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS deprecated
      DESCRIPTION
            "The number of RADIUS packets which were
             received from this server on the authentication port
             and dropped for some other reason."
      ::= { cienaCesRadiusClientServerEntry  17}
 
  cienaCesRadiusClientServerApplication OBJECT-TYPE
      SYNTAX      INTEGER {
                     userLogin(1),
                     all(2)
               }
      MAX-ACCESS  read-create
      STATUS      deprecated
      DESCRIPTION
            "This object specifies how the RADIUS server should be used for authentication."
      DEFVAL   {all}
      ::= { cienaCesRadiusClientServerEntry  18}
      
     
 cienaCesRadiusClientServerStatus OBJECT-TYPE
      SYNTAX        RowStatus
      MAX-ACCESS    read-create
      STATUS        deprecated
      DESCRIPTION
            "To create a row in this table, a manager must
            set this object to createAndGo(4).

            To create an entry, cienaCesRadiusClientServerStatus and 
            cienaCesRadiusClientServerAddr must be specified. The SNMP 
            multiple set operation must be used to create the entry.

            To disable a RADIUS server, set the 
            cienaCesRadiusClientServerStatus object to 'notInService' state."
      ::= { cienaCesRadiusClientServerEntry 19 } 


--
-- Radius User Login Global
--

 cienaCesRadiusUserLoginTimeout OBJECT-TYPE
     SYNTAX       Integer32 (1..30)
     UNITS        "seconds"
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "This is the time in seconds between re-transmissions
         to the RADIUS server."
     DEFVAL { 1 }
     ::= { cienaCesRadiusUserLoginGlobal 1 }
      
 cienaCesRadiusUserLoginRetries   OBJECT-TYPE
     SYNTAX         Integer32 (0..3)
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
        "Indicates the number of times the RADIUS server should be
         tried before giving up on the server."
     DEFVAL { 3 }
     ::= { cienaCesRadiusUserLoginGlobal 2 } 
 
 cienaCesRadiusUserLoginAuthKey OBJECT-TYPE
     SYNTAX        RadiusString
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
        "The authenticaion key to be used for RADIUS servers.
        Retrieving the value of this object via SNMP returns 
        an empty string for security reasons."
     ::= { cienaCesRadiusUserLoginGlobal 3 }
  
  cienaCesRadiusUserLoginSearchType OBJECT-TYPE     
     SYNTAX        INTEGER {
                        cached(1),
                        priority(2)
                   }
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
             "This object sets the search type of the RADIUS client."
     ::= { cienaCesRadiusUserLoginGlobal 4 }

   cienaCesRadiusUserLoginAuthSecret OBJECT-TYPE
     SYNTAX       OCTET STRING(SIZE(0..259))
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "Used to set the pre-encrypted secret for user-login auth.
         When read, this object returns the encrypted secret."
     ::= { cienaCesRadiusUserLoginGlobal 5 }
--
-- Radius User Login Table
--

 cienaCesRadiusUserLoginTable OBJECT-TYPE
     SYNTAX         SEQUENCE OF CienaCesRadiusUserLoginEntry
     MAX-ACCESS     not-accessible
     STATUS         current
     DESCRIPTION
        "Lists the possible RADIUS user login servers. 
         While creating an entry, cienaCesRadiusUserLoginStatus and 
         cienaCesRadiusUserLoginAddr must be specified. The SNMP multiple 
         set operation must be used to create an entry."
     ::= { cienaCesRadiusUserLogin 2 }
      
  
 cienaCesRadiusUserLoginEntry OBJECT-TYPE
     SYNTAX       CienaCesRadiusUserLoginEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "RADIUS user login entry."
     INDEX { cienaCesRadiusUserLoginIndex }
     ::= { cienaCesRadiusUserLoginTable 1 }
      
 CienaCesRadiusUserLoginEntry ::= SEQUENCE {
     cienaCesRadiusUserLoginIndex                  			Integer32,
     cienaCesRadiusUserLoginResolvedInetAddrType            InetAddressType,
     cienaCesRadiusUserLoginResolvedInetAddress             InetAddress,
     cienaCesRadiusUserLoginAddr                            DisplayString,
     cienaCesRadiusUserLoginPriority             			   Integer32,
     cienaCesRadiusUserLoginAuthPort                        Integer32,
     cienaCesRadiusUserLoginClearStatistics                 TruthValue,
     cienaCesRadiusUserLoginRoundTripTime                   TimeTicks,
     cienaCesRadiusUserLoginRequests                        Counter32,
     cienaCesRadiusUserLoginRetransmissions                 Counter32,
     cienaCesRadiusUserLoginAccessAccepts                   Counter32,
     cienaCesRadiusUserLoginAccessRejects                   Counter32,
     cienaCesRadiusUserLoginAccessChallenges                Counter32,
     cienaCesRadiusUserLoginAccountingResponses             Counter32,
     cienaCesRadiusUserLoginMalformedResponses              Counter32,
     cienaCesRadiusUserLoginBadAuthenticators               Counter32,
     cienaCesRadiusUserLoginTimeouts                        Counter32,
     cienaCesRadiusUserLoginUnknownTypes                    Counter32,
     cienaCesRadiusUserLoginPacketsDropped                  Counter32,
     cienaCesRadiusUserLoginStatus                          RowStatus     
	}

 cienaCesRadiusUserLoginIndex OBJECT-TYPE
     SYNTAX       Integer32 (1..8)
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "Specifies the index of this table."
     ::= { cienaCesRadiusUserLoginEntry 1 }

 cienaCesRadiusUserLoginResolvedInetAddrType OBJECT-TYPE
     SYNTAX       InetAddressType
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
           "Specifies the resolved IP address type.  This OID is used in conjunction 
            with cienaCesRadiusUserLoginInetAddrress.
            When set to :
            ipv4 : cienaCesRadiusUserLoginResolvedInetAddress should be compliant with InetAddressIPv4 
            ipv6 : cienaCesRadiusUserLoginResolvedInetAddress should be compliant with InetAddressIPv6 "
     ::= { cienaCesRadiusUserLoginEntry 2 }
 
 cienaCesRadiusUserLoginResolvedInetAddress OBJECT-TYPE
     SYNTAX       InetAddress
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
	   "Specifies the resolved IP address if cienaCesRadiusUserLoginAddr is set to host name.
            If cienaCesRadiusUserLoginAddr is set to ip address then 
            cienaCesRadiusUserLoginResolvedInetAddress will contain same information as 
            cienaCesRadiusUserLoginAddr.
            This OID should be used in conjuction with cienaCesRadiusUserLoginResolvedInetAddrType."
     ::= { cienaCesRadiusUserLoginEntry 3 }

 cienaCesRadiusUserLoginAddr OBJECT-TYPE
     SYNTAX       DisplayString
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Host name or IP address of the RADIUS server."
     ::= { cienaCesRadiusUserLoginEntry 4 }
 
  cienaCesRadiusUserLoginPriority OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Specifies the priority of RADIUS servers configured on the device."
     ::= { cienaCesRadiusUserLoginEntry 5 } 

 cienaCesRadiusUserLoginAuthPort OBJECT-TYPE
      SYNTAX      Integer32 (1..65535)
      MAX-ACCESS  read-create
      STATUS      current
      DESCRIPTION
         "The destination UDP port number to which RADIUS
         messages should be sent. The RADIUS server is not 
         used for authentication if this port number is 0."
      DEFVAL { 1812 }
      ::= { cienaCesRadiusUserLoginEntry 6 }

 cienaCesRadiusUserLoginClearStatistics OBJECT-TYPE
     SYNTAX         TruthValue
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
           "This object clears the statistics for a server."

     ::= { cienaCesRadiusUserLoginEntry 7 }

 cienaCesRadiusUserLoginRoundTripTime  OBJECT-TYPE
      SYNTAX TimeTicks
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The time interval (in hundredths of a second) between
             the most recent Access-Reply/Access-Challenge and the
             Access-Request that matched it from this RADIUS
             authentication server."
      ::= { cienaCesRadiusUserLoginEntry 8 }

 cienaCesRadiusUserLoginRequests OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets sent
             to this server. This does not include retransmissions."
      ::= { cienaCesRadiusUserLoginEntry 9 }

 cienaCesRadiusUserLoginRetransmissions OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets
             retransmitted to this RADIUS authentication server."
      ::= { cienaCesRadiusUserLoginEntry 10 }

 cienaCesRadiusUserLoginAccessAccepts OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Accept packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginEntry 11 }

 cienaCesRadiusUserLoginAccessRejects OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Reject packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginEntry  12 }

 cienaCesRadiusUserLoginAccessChallenges OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Challenge packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginEntry 13 }

 cienaCesRadiusUserLoginAccountingResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Accounting-Response packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginEntry 14 }

 cienaCesRadiusUserLoginMalformedResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of malformed RADIUS Access-Response
             packets received from this server.
             Malformed packets include packets with
             an invalid length. Bad authenticators or
             signature attributes or unknown types are not
             included as malformed access responses."
      ::= { cienaCesRadiusUserLoginEntry 15 }

 cienaCesRadiusUserLoginBadAuthenticators OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Response packets
             containing invalid authenticators or signature
             attributes received from this server."
      ::= { cienaCesRadiusUserLoginEntry 16 }

 cienaCesRadiusUserLoginTimeouts OBJECT-TYPE
     SYNTAX Counter32
     MAX-ACCESS read-only
     STATUS current
     DESCRIPTION
            "The number of authentication timeouts to this server.
             After a timeout the client may retry sending to the same
             server, send to a different server, or
             give up. A retry to the same server is counted as a
             retransmit as well as a timeout. A send to a different
             server is counted as a request as well as a timeout."
      ::= { cienaCesRadiusUserLoginEntry  17 }

 cienaCesRadiusUserLoginUnknownTypes OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets of unknown type which
             were received from this server on the authentication port."
      ::= { cienaCesRadiusUserLoginEntry  18 }

 cienaCesRadiusUserLoginPacketsDropped OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets which were
             received from this server on the authentication port
             and dropped for some other reason."
      ::= { cienaCesRadiusUserLoginEntry  19 }
      
 cienaCesRadiusUserLoginStatus OBJECT-TYPE
      SYNTAX        RowStatus
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
           "To create a row in this table, a manager must specify
            cienaCesRadiusUserLoginAddr and set this object to createAndGo(4).
            The RADIUS server will initially be administratively disabled.

            To administratively enable the RADIUS server, set this object to
            active(1). To administratively disable the RADIUS server set this
            object to notInService(2)."
      ::= { cienaCesRadiusUserLoginEntry 20 } 

--
-- Radius User Login Acct Global
--

 cienaCesRadiusUserLoginAcctAdminState OBJECT-TYPE     
     SYNTAX        INTEGER {
			disabled(1),
			enabled(2)
                   }
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
	     "Setting this object administratively enables/disables the RADIUS user login accounting client on the device."
     ::= { cienaCesRadiusUserLoginAcctGlobal 1 }

 cienaCesRadiusUserLoginAcctTimeout OBJECT-TYPE
     SYNTAX       Integer32 (1..30)
     UNITS        "seconds"
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "This is the time in seconds between re-transmissions
         to the RADIUS server."
     DEFVAL { 1 }
     ::= { cienaCesRadiusUserLoginAcctGlobal 2 }
      
 cienaCesRadiusUserLoginAcctRetries   OBJECT-TYPE
     SYNTAX         Integer32 (0..3)
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
        "Indicates the number of times the RADIUS server should be
         tried before giving up on the server."
     DEFVAL { 3 }
     ::= { cienaCesRadiusUserLoginAcctGlobal 3 } 
 
 cienaCesRadiusUserLoginAcctAuthKey OBJECT-TYPE
     SYNTAX        RadiusString
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
        "The authenticaion key to be used for RADIUS servers.
        Retrieving the value of this object via SNMP returns 
        an empty string for security reasons."
     ::= { cienaCesRadiusUserLoginAcctGlobal 4 }
  
  cienaCesRadiusUserLoginAcctSearchType OBJECT-TYPE     
     SYNTAX        INTEGER {
                        cached(1),
                        priority(2)
                   }
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
             "This object sets the search type of the RADIUS client."
     ::= { cienaCesRadiusUserLoginAcctGlobal 5 }

   cienaCesRadiusUserLoginAcctAuthSecret OBJECT-TYPE
     SYNTAX       OCTET STRING(SIZE(0..259))
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "Used to set the pre-encrypted secret for user-login accounting
         auth. When read, this object returns the encrypted secret."
     ::= { cienaCesRadiusUserLoginAcctGlobal 6 }

--
-- Radius User Login Acct Table
--

 cienaCesRadiusUserLoginAcctTable OBJECT-TYPE
     SYNTAX         SEQUENCE OF CienaCesRadiusUserLoginAcctEntry
     MAX-ACCESS     not-accessible
     STATUS         current
     DESCRIPTION
        "Lists the possible RADIUS user login servers. 
         While creating an entry, cienaCesRadiusUserLoginAcctStatus and 
         cienaCesRadiusUserLoginAcctAddr must be specified. The SNMP multiple 
         set operation must be used to create an entry."
     ::= { cienaCesRadiusUserLoginAcct 2 }
      
  
 cienaCesRadiusUserLoginAcctEntry OBJECT-TYPE
     SYNTAX       CienaCesRadiusUserLoginAcctEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "RADIUS user login entry."
     INDEX { cienaCesRadiusUserLoginAcctIndex }
     ::= { cienaCesRadiusUserLoginAcctTable 1 }
      
 CienaCesRadiusUserLoginAcctEntry ::= SEQUENCE {
     cienaCesRadiusUserLoginAcctIndex                  			Integer32,
     cienaCesRadiusUserLoginAcctResolvedInetAddrType            InetAddressType,
     cienaCesRadiusUserLoginAcctResolvedInetAddress             InetAddress,
     cienaCesRadiusUserLoginAcctAddr                            DisplayString,
     cienaCesRadiusUserLoginAcctPriority             			   Integer32,
     cienaCesRadiusUserLoginAcctAuthPort                        Integer32,
     cienaCesRadiusUserLoginAcctClearStatistics                 TruthValue,
     cienaCesRadiusUserLoginAcctRoundTripTime                   TimeTicks,
     cienaCesRadiusUserLoginAcctRequests                        Counter32,
     cienaCesRadiusUserLoginAcctRetransmissions                 Counter32,
     cienaCesRadiusUserLoginAcctAccessAccepts                   Counter32,
     cienaCesRadiusUserLoginAcctAccessRejects                   Counter32,
     cienaCesRadiusUserLoginAcctAccessChallenges                Counter32,
     cienaCesRadiusUserLoginAcctAccountingResponses             Counter32,
     cienaCesRadiusUserLoginAcctMalformedResponses              Counter32,
     cienaCesRadiusUserLoginAcctBadAuthenticators               Counter32,
     cienaCesRadiusUserLoginAcctTimeouts                        Counter32,
     cienaCesRadiusUserLoginAcctUnknownTypes                    Counter32,
     cienaCesRadiusUserLoginAcctPacketsDropped                  Counter32,
     cienaCesRadiusUserLoginAcctStatus                          RowStatus     
	}

 cienaCesRadiusUserLoginAcctIndex OBJECT-TYPE
     SYNTAX       Integer32 (1..8)
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "Specifies the index of this table."
     ::= { cienaCesRadiusUserLoginAcctEntry 1 }

 cienaCesRadiusUserLoginAcctResolvedInetAddrType OBJECT-TYPE
     SYNTAX       InetAddressType
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
           "Specifies the resolved IP address type.  This OID is used in conjunction 
            with cienaCesRadiusUserLoginAcctInetAddrress.
            When set to :
            ipv4 : cienaCesRadiusUserLoginAcctResolvedInetAddress should be compliant with InetAddressIPv4 
            ipv6 : cienaCesRadiusUserLoginAcctResolvedInetAddress should be compliant with InetAddressIPv6 "
     ::= { cienaCesRadiusUserLoginAcctEntry 2 }
 
 cienaCesRadiusUserLoginAcctResolvedInetAddress OBJECT-TYPE
     SYNTAX       InetAddress
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
	   "Specifies the resolved IP address if cienaCesRadiusUserLoginAcctAddr is set to host name.
            If cienaCesRadiusUserLoginAcctAddr is set to ip address then 
            cienaCesRadiusUserLoginAcctResolvedInetAddress will contain same information as 
            cienaCesRadiusUserLoginAcctAddr.
            This OID should be used in conjuction with cienaCesRadiusUserLoginAcctResolvedInetAddrType."
     ::= { cienaCesRadiusUserLoginAcctEntry 3 }

 cienaCesRadiusUserLoginAcctAddr OBJECT-TYPE
     SYNTAX       DisplayString
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Host name or IP address of the RADIUS server."
     ::= { cienaCesRadiusUserLoginAcctEntry 4 }
 
  cienaCesRadiusUserLoginAcctPriority OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Specifies the priority of RADIUS servers configured on the device."
     ::= { cienaCesRadiusUserLoginAcctEntry 5 } 

 cienaCesRadiusUserLoginAcctAuthPort OBJECT-TYPE
      SYNTAX      Integer32 (1..65535)
      MAX-ACCESS  read-create
      STATUS      current
      DESCRIPTION
         "The destination UDP port number to which RADIUS
         messages should be sent. The RADIUS server is not 
         used for authentication if this port number is 0."
      DEFVAL { 1812 }
      ::= { cienaCesRadiusUserLoginAcctEntry 6 }

 cienaCesRadiusUserLoginAcctClearStatistics OBJECT-TYPE
     SYNTAX         TruthValue
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
           "This object clears the statistics for a server."

     ::= { cienaCesRadiusUserLoginAcctEntry 7 }

 cienaCesRadiusUserLoginAcctRoundTripTime  OBJECT-TYPE
      SYNTAX TimeTicks
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The time interval (in hundredths of a second) between
             the most recent Access-Reply/Access-Challenge and the
             Access-Request that matched it from this RADIUS
             authentication server."
      ::= { cienaCesRadiusUserLoginAcctEntry 8 }

 cienaCesRadiusUserLoginAcctRequests OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets sent
             to this server. This does not include retransmissions."
      ::= { cienaCesRadiusUserLoginAcctEntry 9 }

 cienaCesRadiusUserLoginAcctRetransmissions OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets
             retransmitted to this RADIUS authentication server."
      ::= { cienaCesRadiusUserLoginAcctEntry 10 }

 cienaCesRadiusUserLoginAcctAccessAccepts OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Accept packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginAcctEntry 11 }

 cienaCesRadiusUserLoginAcctAccessRejects OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Reject packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginAcctEntry  12 }

 cienaCesRadiusUserLoginAcctAccessChallenges OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Challenge packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginAcctEntry 13 }

 cienaCesRadiusUserLoginAcctAccountingResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Accounting-Response packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusUserLoginAcctEntry 14 }

 cienaCesRadiusUserLoginAcctMalformedResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of malformed RADIUS Access-Response
             packets received from this server.
             Malformed packets include packets with
             an invalid length. Bad authenticators or
             signature attributes or unknown types are not
             included as malformed access responses."
      ::= { cienaCesRadiusUserLoginAcctEntry 15 }

 cienaCesRadiusUserLoginAcctBadAuthenticators OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Response packets
             containing invalid authenticators or signature
             attributes received from this server."
      ::= { cienaCesRadiusUserLoginAcctEntry 16 }

 cienaCesRadiusUserLoginAcctTimeouts OBJECT-TYPE
     SYNTAX Counter32
     MAX-ACCESS read-only
     STATUS current
     DESCRIPTION
            "The number of authentication timeouts to this server.
             After a timeout the client may retry sending to the same
             server, send to a different server, or
             give up. A retry to the same server is counted as a
             retransmit as well as a timeout. A send to a different
             server is counted as a request as well as a timeout."
      ::= { cienaCesRadiusUserLoginAcctEntry  17 }

 cienaCesRadiusUserLoginAcctUnknownTypes OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets of unknown type which
             were received from this server on the authentication port."
      ::= { cienaCesRadiusUserLoginAcctEntry  18 }

 cienaCesRadiusUserLoginAcctPacketsDropped OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets which were
             received from this server on the authentication port
             and dropped for some other reason."
      ::= { cienaCesRadiusUserLoginAcctEntry  19 }
      
 cienaCesRadiusUserLoginAcctStatus OBJECT-TYPE
      SYNTAX        RowStatus
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
           "To create a row in this table, a manager must specify
            cienaCesRadiusUserLoginAcctAddr and set this object to createAndGo(4).
            The RADIUS server will initially be administratively disabled.

            To administratively enable the RADIUS server, set this object to
            active(1). To administratively disable the RADIUS server set this
            object to notInService(2)."
      ::= { cienaCesRadiusUserLoginAcctEntry 20 } 

--
-- Radius Dot1x Auth Global
--

 cienaCesRadiusDot1xAuthTimeout OBJECT-TYPE
     SYNTAX       Integer32 (1..30)
     UNITS        "seconds"
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "This is the time in seconds between re-transmissions
         to the RADIUS server."
     DEFVAL { 1 }
     ::= { cienaCesRadiusDot1xAuthGlobal 1 }
      
 cienaCesRadiusDot1xAuthRetries   OBJECT-TYPE
     SYNTAX         Integer32 (0..3)
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
        "Indicates the number of times the RADIUS server should be
         tried before giving up on the server."
     DEFVAL { 3 }
     ::= { cienaCesRadiusDot1xAuthGlobal 2 } 
 
 cienaCesRadiusDot1xAuthAuthKey OBJECT-TYPE
     SYNTAX        RadiusString
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
        "The authenticaion key to be used for RADIUS servers.
        Retrieving the value of this object via SNMP returns 
        an empty string for security reasons."
     ::= { cienaCesRadiusDot1xAuthGlobal 3 }
  
  cienaCesRadiusDot1xAuthSearchType OBJECT-TYPE     
     SYNTAX        INTEGER {
                        priority(1),
                        loadBalance(2)
                   }
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
             "This object sets the search type of the RADIUS client."
     ::= { cienaCesRadiusDot1xAuthGlobal 4 }

 cienaCesRadiusDot1xAuthGreylistTimeout   OBJECT-TYPE
     SYNTAX         Unsigned32 (60..14400)
     UNITS          "seconds"
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
        "The max greylist timeout for a RADIUS Dot1x Auth server between
         1 minute and 4 hours."
     DEFVAL { 600 }
     ::= { cienaCesRadiusDot1xAuthGlobal 5 } 

   cienaCesRadiusDot1xAuthAuthSecret OBJECT-TYPE
     SYNTAX       OCTET STRING(SIZE(0..259))
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "Used to set the pre-encrypted secret for dot1x auth.
         When read, this object returns the encrypted secret."
     ::= { cienaCesRadiusDot1xAuthGlobal 6 }
 
--
-- Radius Dot1x Auth Table
--

 cienaCesRadiusDot1xAuthTable OBJECT-TYPE
     SYNTAX         SEQUENCE OF CienaCesRadiusDot1xAuthEntry
     MAX-ACCESS     not-accessible
     STATUS         current
     DESCRIPTION
        "Lists the possible RADIUS Dot1x auth servers. 
         While creating an entry, cienaCesRadiusDot1xAuthStatus and 
         cienaCesRadiusDot1xAuthAddr must be specified. The SNMP multiple 
         set operation must be used to create an entry."
     ::= { cienaCesRadiusDot1xAuth 2 }
      
  
 cienaCesRadiusDot1xAuthEntry OBJECT-TYPE
     SYNTAX       CienaCesRadiusDot1xAuthEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "RADIUS user login entry."
     INDEX { cienaCesRadiusDot1xAuthIndex }
     ::= { cienaCesRadiusDot1xAuthTable 1 }
      
 CienaCesRadiusDot1xAuthEntry ::= SEQUENCE {
     cienaCesRadiusDot1xAuthIndex                  			Integer32,
     cienaCesRadiusDot1xAuthResolvedInetAddrType            InetAddressType,
     cienaCesRadiusDot1xAuthResolvedInetAddress             InetAddress,
     cienaCesRadiusDot1xAuthAddr                            DisplayString,
     cienaCesRadiusDot1xAuthPriority             			   Integer32,
     cienaCesRadiusDot1xAuthAuthPort                        Integer32,
     cienaCesRadiusDot1xAuthClearStatistics                 TruthValue,
     cienaCesRadiusDot1xAuthGreylistTimeRemaining           Unsigned32,
     cienaCesRadiusDot1xAuthRoundTripTime                   TimeTicks,
     cienaCesRadiusDot1xAuthRequests                        Counter32,
     cienaCesRadiusDot1xAuthRetransmissions                 Counter32,
     cienaCesRadiusDot1xAuthAccessAccepts                   Counter32,
     cienaCesRadiusDot1xAuthAccessRejects                   Counter32,
     cienaCesRadiusDot1xAuthAccessChallenges                Counter32,
     cienaCesRadiusDot1xAuthAccountingResponses             Counter32,
     cienaCesRadiusDot1xAuthMalformedResponses              Counter32,
     cienaCesRadiusDot1xAuthBadAuthenticators               Counter32,
     cienaCesRadiusDot1xAuthTimeouts                        Counter32,
     cienaCesRadiusDot1xAuthUnknownTypes                    Counter32,
     cienaCesRadiusDot1xAuthPacketsDropped                  Counter32,
     cienaCesRadiusDot1xAuthStatus                          RowStatus
	}

 cienaCesRadiusDot1xAuthIndex OBJECT-TYPE
     SYNTAX       Integer32 (1..8)
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "Specifies the index of this table."
     ::= { cienaCesRadiusDot1xAuthEntry 1 }

 cienaCesRadiusDot1xAuthResolvedInetAddrType OBJECT-TYPE
     SYNTAX       InetAddressType
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
           "Specifies the resolved IP address type.  This OID is used in conjunction 
            with cienaCesRadiusDot1xAuthInetAddrress.
            When set to :
            ipv4 : cienaCesRadiusDot1xAuthResolvedInetAddress should be compliant with InetAddressIPv4 
            ipv6 : cienaCesRadiusDot1xAuthResolvedInetAddress should be compliant with InetAddressIPv6 "
     ::= { cienaCesRadiusDot1xAuthEntry 2 }
 
 cienaCesRadiusDot1xAuthResolvedInetAddress OBJECT-TYPE
     SYNTAX       InetAddress
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
	   "Specifies the resolved IP address if cienaCesRadiusDot1xAuthAddr is set to host name.
            If cienaCesRadiusDot1xAuthAddr is set to ip address then 
            cienaCesRadiusDot1xAuthResolvedInetAddress will contain same information as 
            cienaCesRadiusDot1xAuthAddr.
            This OID should be used in conjuction with cienaCesRadiusDot1xAuthResolvedInetAddrType."
     ::= { cienaCesRadiusDot1xAuthEntry 3 }

 cienaCesRadiusDot1xAuthAddr OBJECT-TYPE
     SYNTAX       DisplayString
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Host name or IP address of the RADIUS server."
     ::= { cienaCesRadiusDot1xAuthEntry 4 }
 
 cienaCesRadiusDot1xAuthPriority  OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Specifies the priority of RADIUS servers configured on the device."
     ::= { cienaCesRadiusDot1xAuthEntry 5 } 

 cienaCesRadiusDot1xAuthAuthPort OBJECT-TYPE
      SYNTAX      Integer32 (1..65535)
      MAX-ACCESS  read-create
      STATUS      current
      DESCRIPTION
         "The destination UDP port number to which RADIUS
         messages should be sent. The RADIUS server is not 
         used for authentication if this port number is 0."
      DEFVAL { 1812 }
      ::= { cienaCesRadiusDot1xAuthEntry 6 }

 cienaCesRadiusDot1xAuthClearStatistics OBJECT-TYPE
     SYNTAX         TruthValue
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
           "This object clears the statistics for a server."
     ::= { cienaCesRadiusDot1xAuthEntry 7 }

 cienaCesRadiusDot1xAuthGreylistTimeRemaining OBJECT-TYPE
     SYNTAX         Unsigned32 (0..14400)
     UNITS          "seconds"
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
           "Reflects the remaining time before the server removed from the greylist. 
            A value of '0' (zero) indicates the current server is not greylisted"
     ::= { cienaCesRadiusDot1xAuthEntry 8 }

 cienaCesRadiusDot1xAuthRoundTripTime  OBJECT-TYPE
      SYNTAX TimeTicks
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The time interval (in hundredths of a second) between
             the most recent Access-Reply/Access-Challenge and the
             Access-Request that matched it from this RADIUS
             authentication server."
      ::= { cienaCesRadiusDot1xAuthEntry 9 }

 cienaCesRadiusDot1xAuthRequests OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets sent
             to this server. This does not include retransmissions."
      ::= { cienaCesRadiusDot1xAuthEntry 10 }

 cienaCesRadiusDot1xAuthRetransmissions OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets
             retransmitted to this RADIUS authentication server."
      ::= { cienaCesRadiusDot1xAuthEntry 11 }

 cienaCesRadiusDot1xAuthAccessAccepts OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Accept packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAuthEntry 12 }

 cienaCesRadiusDot1xAuthAccessRejects OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Reject packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAuthEntry  13 }

 cienaCesRadiusDot1xAuthAccessChallenges OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Challenge packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAuthEntry 14 }

 cienaCesRadiusDot1xAuthAccountingResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Accounting-Response packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAuthEntry 15 }

 cienaCesRadiusDot1xAuthMalformedResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of malformed RADIUS Access-Response
             packets received from this server.
             Malformed packets include packets with
             an invalid length. Bad authenticators or
             signature attributes or unknown types are not
             included as malformed access responses."
      ::= { cienaCesRadiusDot1xAuthEntry 16 }

 cienaCesRadiusDot1xAuthBadAuthenticators OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Response packets
             containing invalid authenticators or signature
             attributes received from this server."
      ::= { cienaCesRadiusDot1xAuthEntry 17 }

 cienaCesRadiusDot1xAuthTimeouts OBJECT-TYPE
     SYNTAX Counter32
     MAX-ACCESS read-only
     STATUS current
     DESCRIPTION
            "The number of authentication timeouts to this server.
             After a timeout the client may retry sending to the same
             server, send to a different server, or
             give up. A retry to the same server is counted as a
             retransmit as well as a timeout. A send to a different
             server is counted as a request as well as a timeout."
      ::= { cienaCesRadiusDot1xAuthEntry  18 }

 cienaCesRadiusDot1xAuthUnknownTypes OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets of unknown type which
             were received from this server on the authentication port."
      ::= { cienaCesRadiusDot1xAuthEntry  19 }

 cienaCesRadiusDot1xAuthPacketsDropped OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets which were
             received from this server on the authentication port
             and dropped for some other reason."
      ::= { cienaCesRadiusDot1xAuthEntry  20 }
      
 cienaCesRadiusDot1xAuthStatus OBJECT-TYPE
      SYNTAX        RowStatus
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
           "To create a row in this table, a manager must specify
            cienaCesRadiusDot1xAuthAddr and set this object to createAndGo(4).
            The RADIUS server will initially be administratively disabled.

            To administratively enable the RADIUS server, set this object to
            active(1). To administratively disable the RADIUS server set this
            object to notInService(2)."
      ::= { cienaCesRadiusDot1xAuthEntry 21 } 

--
-- Radius Dot1x Acct Global
--

 cienaCesRadiusDot1xAcctAdminState OBJECT-TYPE     
     SYNTAX        INTEGER {
			disabled(1),
			enabled(2)
                   }
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
	     "Setting this object administratively enables/disables the RADIUS Dot1x accounting client on the device."
     ::= { cienaCesRadiusDot1xAcctGlobal 1 }

 cienaCesRadiusDot1xAcctTimeout OBJECT-TYPE
     SYNTAX       Integer32 (1..30)
     UNITS        "seconds"
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "This is the time in seconds between re-transmissions
         to the RADIUS server."
     DEFVAL { 1 }
     ::= { cienaCesRadiusDot1xAcctGlobal 2 }
      
 cienaCesRadiusDot1xAcctRetries   OBJECT-TYPE
     SYNTAX         Integer32 (0..3)
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
        "Indicates the number of times the RADIUS server should be
         tried before giving up on the server."
     DEFVAL { 3 }
     ::= { cienaCesRadiusDot1xAcctGlobal 3 } 
 
 cienaCesRadiusDot1xAcctAuthKey OBJECT-TYPE
     SYNTAX        RadiusString
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
        "The authenticaion key to be used for RADIUS servers.
        Retrieving the value of this object via SNMP returns 
        an empty string for security reasons."
     ::= { cienaCesRadiusDot1xAcctGlobal 4 }
  
 cienaCesRadiusDot1xAcctSearchType OBJECT-TYPE     
     SYNTAX        INTEGER {
                        priority(1),
                        loadBalance(2)
                   }
     MAX-ACCESS    read-write
     STATUS        current
     DESCRIPTION
             "This object sets the search type of the RADIUS client."
     ::= { cienaCesRadiusDot1xAcctGlobal 5 }

 cienaCesRadiusDot1xAcctGreylistTimeout   OBJECT-TYPE
     SYNTAX         Unsigned32 (60..14400)
     UNITS          "seconds"
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
        "The max greylist timeout for a RADIUS Dot1x Acct server between
         1 minute and 4 hours."
     DEFVAL { 600 }
     ::= { cienaCesRadiusDot1xAcctGlobal 6 } 

 cienaCesRadiusDot1xAcctAuthSecret OBJECT-TYPE
     SYNTAX       OCTET STRING(SIZE(0..259))
     MAX-ACCESS   read-write
     STATUS       current
     DESCRIPTION
        "Used to set the pre-encrypted secret for dot1x auth acct.
         When read, this object returns the encrypted secret."
     ::= { cienaCesRadiusDot1xAcctGlobal 7 }
 
--
-- Dadius Dot1x Acct Table
--

 cienaCesRadiusDot1xAcctTable OBJECT-TYPE
     SYNTAX         SEQUENCE OF CienaCesRadiusDot1xAcctEntry
     MAX-ACCESS     not-accessible
     STATUS         current
     DESCRIPTION
        "Lists the possible RADIUS Dot1x Acct servers. 
         While creating an entry, cienaCesRadiusDot1xAcctStatus and 
         cienaCesRadiusDot1xAcctAddr must be specified. The SNMP multiple 
         set operation must be used to create an entry."
     ::= { cienaCesRadiusDot1xAcct 2 }
      
  
 cienaCesRadiusDot1xAcctEntry OBJECT-TYPE
     SYNTAX       CienaCesRadiusDot1xAcctEntry
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "RADIUS user login entry."
     INDEX { cienaCesRadiusDot1xAcctIndex }
     ::= { cienaCesRadiusDot1xAcctTable 1 }
      
 CienaCesRadiusDot1xAcctEntry ::= SEQUENCE {
     cienaCesRadiusDot1xAcctIndex                  			Integer32,
     cienaCesRadiusDot1xAcctResolvedInetAddrType            InetAddressType,
     cienaCesRadiusDot1xAcctResolvedInetAddress             InetAddress,
     cienaCesRadiusDot1xAcctAddr                            DisplayString,
     cienaCesRadiusDot1xAcctPriority             			   Integer32,
     cienaCesRadiusDot1xAcctAuthPort                        Integer32,
     cienaCesRadiusDot1xAcctClearStatistics                 TruthValue,
     cienaCesRadiusDot1xAcctGreylistTimeRemaining           Unsigned32,   
     cienaCesRadiusDot1xAcctRoundTripTime                   TimeTicks,
     cienaCesRadiusDot1xAcctRequests                        Counter32,
     cienaCesRadiusDot1xAcctRetransmissions                 Counter32,
     cienaCesRadiusDot1xAcctAccessAccepts                   Counter32,
     cienaCesRadiusDot1xAcctAccessRejects                   Counter32,
     cienaCesRadiusDot1xAcctAccessChallenges                Counter32,
     cienaCesRadiusDot1xAcctAccountingResponses             Counter32,
     cienaCesRadiusDot1xAcctMalformedResponses              Counter32,
     cienaCesRadiusDot1xAcctBadAuthenticators               Counter32,
     cienaCesRadiusDot1xAcctTimeouts                        Counter32,
     cienaCesRadiusDot1xAcctUnknownTypes                    Counter32,
     cienaCesRadiusDot1xAcctPacketsDropped                  Counter32,
     cienaCesRadiusDot1xAcctStatus                          RowStatus
	}

 cienaCesRadiusDot1xAcctIndex OBJECT-TYPE
     SYNTAX       Integer32 (1..8)
     MAX-ACCESS   not-accessible
     STATUS       current
     DESCRIPTION
        "Specifies the index of this table."
     ::= { cienaCesRadiusDot1xAcctEntry 1 }

 cienaCesRadiusDot1xAcctResolvedInetAddrType OBJECT-TYPE
     SYNTAX       InetAddressType
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
           "Specifies the resolved IP address type.  This OID is used in conjunction 
            with cienaCesRadiusDot1xAcctInetAddrress.
            When set to :
            ipv4 : cienaCesRadiusDot1xAcctResolvedInetAddress should be compliant with InetAddressIPv4 
            ipv6 : cienaCesRadiusDot1xAcctResolvedInetAddress should be compliant with InetAddressIPv6 "
     ::= { cienaCesRadiusDot1xAcctEntry 2 }
 
 cienaCesRadiusDot1xAcctResolvedInetAddress OBJECT-TYPE
     SYNTAX       InetAddress
     MAX-ACCESS   read-only
     STATUS       current
     DESCRIPTION
	   "Specifies the resolved IP address if cienaCesRadiusDot1xAcctAddr is set to host name.
            If cienaCesRadiusDot1xAcctAddr is set to ip address then 
            cienaCesRadiusDot1xAcctResolvedInetAddress will contain same information as 
            cienaCesRadiusDot1xAcctAddr.
            This OID should be used in conjuction with cienaCesRadiusDot1xAcctResolvedInetAddrType."
     ::= { cienaCesRadiusDot1xAcctEntry 3 }

 cienaCesRadiusDot1xAcctAddr OBJECT-TYPE
     SYNTAX       DisplayString
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Host name or IP address of the RADIUS server."
     ::= { cienaCesRadiusDot1xAcctEntry 4 }
 
 cienaCesRadiusDot1xAcctPriority OBJECT-TYPE
     SYNTAX       Integer32
     MAX-ACCESS   read-create
     STATUS       current
     DESCRIPTION
        "Specifies the priority of RADIUS servers configured on the device."
     ::= { cienaCesRadiusDot1xAcctEntry 5 } 

 cienaCesRadiusDot1xAcctAuthPort OBJECT-TYPE
      SYNTAX      Integer32 (1..65535)
      MAX-ACCESS  read-create
      STATUS      current
      DESCRIPTION
         "The destination UDP port number to which RADIUS
         messages should be sent. The RADIUS server is not 
         used for authentication if this port number is 0."
      DEFVAL { 1812 }
      ::= { cienaCesRadiusDot1xAcctEntry 6 }

 cienaCesRadiusDot1xAcctClearStatistics OBJECT-TYPE
     SYNTAX         TruthValue
     MAX-ACCESS     read-write
     STATUS         current
     DESCRIPTION
           "This object clears the statistics for a server."
     ::= { cienaCesRadiusDot1xAcctEntry 7 }

 cienaCesRadiusDot1xAcctGreylistTimeRemaining OBJECT-TYPE
     SYNTAX         Unsigned32 (0..14400)
     UNITS          "seconds"
     MAX-ACCESS     read-only
     STATUS         current
     DESCRIPTION
           "Reflects the remaining time before the server removed from the greylist. 
            A value of '0' (zero) indicates the current server is not greylisted"
     ::= { cienaCesRadiusDot1xAcctEntry 8 }

 cienaCesRadiusDot1xAcctRoundTripTime  OBJECT-TYPE
      SYNTAX TimeTicks
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The time interval (in hundredths of a second) between
             the most recent Access-Reply/Access-Challenge and the
             Access-Request that matched it from this RADIUS
             authentication server."
      ::= { cienaCesRadiusDot1xAcctEntry 9 }

 cienaCesRadiusDot1xAcctRequests OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets sent
             to this server. This does not include retransmissions."
      ::= { cienaCesRadiusDot1xAcctEntry 10 }

 cienaCesRadiusDot1xAcctRetransmissions OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Request packets
             retransmitted to this RADIUS authentication server."
      ::= { cienaCesRadiusDot1xAcctEntry 11 }

 cienaCesRadiusDot1xAcctAccessAccepts OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Accept packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAcctEntry 12 }

 cienaCesRadiusDot1xAcctAccessRejects OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Reject packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAcctEntry  13 }

 cienaCesRadiusDot1xAcctAccessChallenges OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Challenge packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAcctEntry 14 }

 cienaCesRadiusDot1xAcctAccountingResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Accounting-Response packets
             (valid or invalid) received from this server."
      ::= { cienaCesRadiusDot1xAcctEntry 15 }

 cienaCesRadiusDot1xAcctMalformedResponses OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of malformed RADIUS Access-Response
             packets received from this server.
             Malformed packets include packets with
             an invalid length. Bad authenticators or
             signature attributes or unknown types are not
             included as malformed access responses."
      ::= { cienaCesRadiusDot1xAcctEntry 16 }

 cienaCesRadiusDot1xAcctBadAuthenticators OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS Access-Response packets
             containing invalid authenticators or signature
             attributes received from this server."
      ::= { cienaCesRadiusDot1xAcctEntry 17 }

 cienaCesRadiusDot1xAcctTimeouts OBJECT-TYPE
     SYNTAX Counter32
     MAX-ACCESS read-only
     STATUS current
     DESCRIPTION
            "The number of authentication timeouts to this server.
             After a timeout the client may retry sending to the same
             server, send to a different server, or
             give up. A retry to the same server is counted as a
             retransmit as well as a timeout. A send to a different
             server is counted as a request as well as a timeout."
      ::= { cienaCesRadiusDot1xAcctEntry  18 }

 cienaCesRadiusDot1xAcctUnknownTypes OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets of unknown type which
             were received from this server on the authentication port."
      ::= { cienaCesRadiusDot1xAcctEntry  19 }

 cienaCesRadiusDot1xAcctPacketsDropped OBJECT-TYPE
      SYNTAX Counter32
      MAX-ACCESS read-only
      STATUS current
      DESCRIPTION
            "The number of RADIUS packets which were
             received from this server on the authentication port
             and dropped for some other reason."
      ::= { cienaCesRadiusDot1xAcctEntry  20 }
       
 cienaCesRadiusDot1xAcctStatus OBJECT-TYPE
      SYNTAX        RowStatus
      MAX-ACCESS    read-create
      STATUS        current
      DESCRIPTION
           "To create a row in this table, a manager must specify
            cienaCesRadiusDot1xAcctAddr and set this object to createAndGo(4).
            The RADIUS server will initially be administratively disabled.

            To administratively enable the RADIUS server, set this object to
            active(1). To administratively disable the RADIUS server set this
            object to notInService(2)."
      ::= { cienaCesRadiusDot1xAcctEntry 21 } 

 END
