ALCATEL-IND1-AAA-MIB DEFINITIONS ::= BEGIN

    IMPORTS
        MODULE-IDENTITY, OBJECT-IDENTITY, OBJECT-TYPE, IpAddress,
        Integer32, Unsigned32, Counter64, NOTIFICATION-TYPE
            FROM SNMPv2-SMI
        MacAddress, RowStatus
            FROM SNMPv2-TC
        MODULE-COMPLIANCE, OBJECT-GROUP, NOTIFICATION-GROUP
            FROM SNMPv2-CONF
        SnmpAdminString        FROM SNMP-FRAMEWORK-MIB
        InetAddressType, InetAddress, InetAddressPrefixLength
            FROM INET-ADDRESS-MIB
        Ipv6Address
            FROM IPV6-TC 
        softentIND1AAA
            FROM ALCATEL-IND1-BASE
        InterfaceIndexOrZero
            FROM IF-MIB;


    alcatelIND1AAAMIB MODULE-IDENTITY
        LAST-UPDATED "201911270000Z"
        ORGANIZATION "ALE USA Inc."
        CONTACT-INFO
        "Please consult with Customer Service to ensure the most appropriate
         version of this document is used with the products in question:

                         Alcatel-Lucent Enterprise
                            26801 West Agoura Road
                         Agoura Hills, CA  91301-5122
                           United States Of America

         Telephone:          +1 800 995 2696

         Electronic Mail:    ebg_global_supportcenter@al-enterprise.com
         World Wide Web:     https://www.al-enterprise.com"

        DESCRIPTION
            "This module describes an authoritative enterprise-specific Simple
             Network Management Protocol (SNMP) Management Information Base (MIB):

                 For the OmniSwitch Product Line
                 Authentication, Authorization, and Accounting (AAA) Subsystem.

             The right to make changes in specification and other information
             contained in this document without prior notice is reserved.

             No liability shall be assumed for any incidental, indirect, special, or
             consequential damages whatsoever arising from or related to this
             document or the information contained herein.

             Vendors, end-users, and other interested parties are granted
             non-exclusive license to use this specification in connection with
             management of the products for which it is intended to be used.

                       Copyright (C) ALE USA Inc. 2014-2019
                       Copyright (C) 1995-2013 Alcatel-Lucent
                           ALL RIGHTS RESERVED WORLDWIDE"

        REVISION      "201911270000Z"
        DESCRIPTION
            "Updated the latest contact and Copyright information for ALE USA Inc."

        REVISION      "201610030000Z"
        DESCRIPTION
            "Added aaaAsaAccessConsoleAdminOnly object to aaaAsaConfig ."

        REVISION      "201005130000Z"
        DESCRIPTION
            "Fixed the Notifications to use MIB Module OID.0 as Notifications root."

        REVISION      "200704030000Z"
        DESCRIPTION
            "The latest version of this MIB Module."
        ::= { softentIND1AAA 1 }




    alcatelIND1AAAMIBNotifications OBJECT-IDENTITY
        STATUS current
        DESCRIPTION
            "Branch For Authentication, Authorization, and Accounting (AAA)
            Subsystem Notifications."
        ::= { alcatelIND1AAAMIB 0 }


    alcatelIND1AAAMIBObjects OBJECT-IDENTITY
        STATUS current
        DESCRIPTION
            "Branch For Authentication, Authorization, and Accounting (AAA)
            Subsystem Managed Objects."
        ::= { alcatelIND1AAAMIB 1 }


    alcatelIND1AAAMIBConformance OBJECT-IDENTITY
        STATUS current
        DESCRIPTION
            "Branch For Authentication, Authorization, and Accounting (AAA)
            Subsystem Conformance Information."
        ::= { alcatelIND1AAAMIB 2 }


    alcatelIND1AAAMIBGroups OBJECT-IDENTITY
        STATUS current
        DESCRIPTION
            "Branch For Authentication, Authorization, and Accounting (AAA)
            Subsystem Units Of Conformance."
        ::= { alcatelIND1AAAMIBConformance 1 }


    alcatelIND1AAAMIBCompliances OBJECT-IDENTITY
        STATUS current
        DESCRIPTION
            "Branch For Authentication, Authorization, and Accounting (AAA)
            Subsystem Compliance Statements."
        ::= { alcatelIND1AAAMIBConformance 2 }



--    Overview of the AAA MIB
--
--    this MIB provides configuration of the AAA services including the
--    servers and the local user database
--

--    AAA server MIB

    aaaServerMIB    OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 1 }

--
--    Server configuration table
--

    aaaServerTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaServerEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table shows current configuration for each AAA server."
        ::= { aaaServerMIB 1 }

    aaaServerEntry OBJECT-TYPE
        SYNTAX        AaaServerEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "An AAA server configuration identified by its protocol
             and its index. An entry is created/removed when a server
             is defined or undefined with IOS configuration commands
             via CLI or by issuing appropriate sets to this table
             using snmp."
        INDEX     { aaasName }
        ::= { aaaServerTable 1 }

    AaaServerEntry ::= SEQUENCE
        {
            aaasName            SnmpAdminString,
            aaasProtocol        INTEGER,
            aaasHostName        SnmpAdminString,
            aaasIpAddress       IpAddress,
            aaasHostName2       SnmpAdminString,
            aaasIpAddress2      IpAddress,
            aaasRetries         Integer32,
            aaasTimout          Integer32,
            aaasRadKey          SnmpAdminString,
            aaasRadAuthPort     Integer32,
            aaasRadAcctPort     Integer32,
            aaasLdapPort        Integer32,
            aaasLdapDn          SnmpAdminString,
            aaasLdapPasswd      SnmpAdminString,
            aaasLdapSearchBase  SnmpAdminString,
            aaasLdapServType    INTEGER,
            aaasLdapEnableSsl   INTEGER,
            aaasRowStatus       RowStatus,
            aaasTacacsKey       SnmpAdminString,
            aaasTacacsPort      Integer32,
            aaasVrfName         SnmpAdminString,
            aaasRadKeyHash      SnmpAdminString,
            aaasLdapPasswdHash  SnmpAdminString,
            aaasTacacsKeyHash   SnmpAdminString,
            aaasIpv6Address     Ipv6Address,
            aaasIpv6Address2    Ipv6Address,
            aaasRadEnableSsl    INTEGER,
            aaasClearStats      INTEGER,
            aaasRadHealthCheck      INTEGER,
            aaasRadPollingInterval  Integer32,
            aaasRadUsername         SnmpAdminString,
            aaasRadPassword         SnmpAdminString,
            aaasRadFailover         INTEGER,
            aaasRadHealthKeyHash    SnmpAdminString,
            aaasTacacsSalt          SnmpAdminString,
            aaasTacacsSaltHash      SnmpAdminString,
            aaasRadSalt             SnmpAdminString,
            aaasRadSaltHash         SnmpAdminString,
            aaasLdapSalt            SnmpAdminString,
            aaasLdapSaltHash        SnmpAdminString
        }

    aaasName OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Name of the server.
            This name is given by the operator to refer the server."
        ::= { aaaServerEntry 1}

    aaasProtocol OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                          radius(1),
                            ldap(2),
                             ace(3),
                          tacacs(4)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Protocol used with the server:
                 radius(1) - RADIUS
                   ldap(2) - LDAP
                    ace(3) - ACE
                 tacacs(4) - TACACS+"
        ::= { aaaServerEntry 2}

    aaasHostName OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 64 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "DNS name of the server host."
        ::= { aaaServerEntry 3}

    aaasIpAddress OBJECT-TYPE
        SYNTAX        IpAddress
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
                "IP address of the server host."
        ::= { aaaServerEntry 4}

    aaasHostName2 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 64 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "DNS name of the backup server host."
        ::= { aaaServerEntry 5}

    aaasIpAddress2 OBJECT-TYPE
        SYNTAX        IpAddress
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "IP address of the backup server host."
        ::= { aaaServerEntry 6}

    aaasRetries OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 32 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            " Number of retries the switch makes to the server to
            authenticate a user before trying the next backup server.
            The default value is 3."
        DEFVAL        { 3 }
        ::= { aaaServerEntry 7}

    aaasTimout OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 30 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Time-out for server replies to authentication requests.
            The default value is 2."
        DEFVAL        { 2 }
        ::= { aaaServerEntry 8}

    aaasRadKey OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 64 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The shared secret is a string of characters known to the switch
            and to the RADIUS server, but it is not sent out over the network.
            The secret can be any text string and must be configured here as
            well as on the server. The secret is stored encrypted using a two
            way algorithm."
        ::= { aaaServerEntry 9}


    aaasRadAuthPort OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 65535 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For RADIUS server only.
            Port number for authentication request;
            the host is not used for authentication if set to 0.
            The default value is 1645."
        DEFVAL        { 1645 }
        ::= { aaaServerEntry 10}

    aaasRadAcctPort OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 65535 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For RADIUS server only.
            Port number for accounting request;
            the host is not used for authentication if set to 0.
            The default value is 1646."
        DEFVAL        { 1646 }
        ::= { aaaServerEntry 11}

    aaasLdapPort OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 65535 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For LDAP server only.
            Port number for LDAP server host."
        DEFVAL        { 0 }
        ::= { aaaServerEntry 12}

    aaasLdapDn OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 255 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For LDAP server only.
            the super user dn, i.e., the administrative distinguished name
            recognized by the LDAP-enabled directory servers
            (e.g., cn=manager)"
        ::= { aaaServerEntry 13}

    aaasLdapPasswd OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For LDAP server only.
            the super user password, i.e., the administrative password
            recognized by LDAP-enabled directory servers (e.g., secret).
            The secret is stored encrypted using a two way algorithm."
        ::= { aaaServerEntry 14}

    aaasLdapSearchBase OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 64 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For LDAP server only.
             Search base recognized by LDAP-enabled
             directory servers (e.g.,o=company, c=US)."
        ::= { aaaServerEntry 15}

    aaasLdapServType OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                                 ns(0),
                            generic(1),
                           netscape(2),
                             novell(3),
                                sun(4),
                          microsoft(5)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For LDAP server only.
             Directory server type used in LDAP Authentication:
                        ns(0) - non significant value
                   generic(1) - Generic Schema
                  netscape(2) - Netscape Directory Server
                    novell(3) - Novell NDS
                       sun(4) - Sun Directory Services
                 microsoft(5) - Microsoft Active Directory"
        DEFVAL        { netscape }
        ::= { aaaServerEntry 16}

    aaasLdapEnableSsl OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                             ns(0),
                           true(1),
                          false(2)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Only for LDAP server.
            Specify if the connection between the swtich and the LDAP server
            use a SSL session."
        DEFVAL        { false }
        ::= { aaaServerEntry 17}


    aaasRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaServerEntry 18}

   aaasTacacsKey OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 64 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The shared secret is a string of characters known to the switch
            and to the TACACS+ server, but it is not sent out over the network.
            The secret can be any text string and must be configured here as
            well as on the server. The secret is stored encrypted using a two
            way algorithm."
        ::= { aaaServerEntry 19}


    aaasTacacsPort OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 65535 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "For TACACS+ server only.
            Port number for LDAP server host."
        DEFVAL        { 49 }
        ::= { aaaServerEntry 20}

    aaasVrfName OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the VRF that the server is on.
            This VRF name is valid only when the server type is RADIUS.
            (aaasProtocol = 1 (Radius)."
        ::= { aaaServerEntry 21}

    aaasRadKeyHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 256 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasRadKey attribute."
        ::= { aaaServerEntry 22}

    aaasLdapPasswdHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 256 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasLdapPasswd attribute."
        ::= { aaaServerEntry 23}

   aaasTacacsKeyHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 256 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasTacacsKey attribute."
        ::= { aaaServerEntry 24}

   aaasIpv6Address OBJECT-TYPE
    	SYNTAX  Ipv6Address
    	MAX-ACCESS  read-create
    	STATUS  current
    	DESCRIPTION
            "Local IPv6 address of this connection."
    	::= { aaaServerEntry  25 }
        
   aaasIpv6Address2 OBJECT-TYPE
    	SYNTAX  Ipv6Address
    	MAX-ACCESS  read-create
    	STATUS  current
    	DESCRIPTION
            "Local IPv6 address of this connection."
    	::= { aaaServerEntry  26 }

   aaasRadEnableSsl OBJECT-TYPE
    	SYNTAX        INTEGER 
    	   { 
    	       ns(0),
    	       true(1), 
    	       false(2) 
    	   }
    	MAX-ACCESS    read-create
    	STATUS        current
    	DESCRIPTION
    	    "Only for Radius server.
    	    Specify if the connection between the swtich and the Radius server 
    	    use a SSL session."
    	DEFVAL        { false }
    	::= { aaaServerEntry  27 }

    aaasClearStats OBJECT-TYPE
        SYNTAX      INTEGER
            {
              clear(1)
            }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "Defines per server-name clear statistics control for AAA.
            The value reset (1) indicates that AAA should clear all
            statistics related to a server-name in the system."
        ::= { aaaServerEntry 28 }

    aaasRadHealthCheck  OBJECT-TYPE
        SYNTAX      INTEGER
            {
                    enable(1),           
                    disable(2)
            }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "Enables Health check for the specified RADIUS server."
        ::= { aaaServerEntry 29 }        
        
    aaasRadPollingInterval    OBJECT-TYPE
        SYNTAX      Integer32
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "Polling interval is number of seconds after which health check request is sent to RADIUS server."
        ::= { aaaServerEntry 30 }

    aaasRadUsername       OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Username is used to configure username used in health check"
        ::= { aaaServerEntry 31}        

    aaasRadPassword       OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 64 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Password is used to configure password used in health check"
        ::= { aaaServerEntry 32}
  
    aaasRadFailover     OBJECT-TYPE
        SYNTAX      INTEGER
            {
                    enable(1),           
                    disable(2)
            }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "Enabling failover will send message to AGCMM to trigger authentication of user stuck in auth server down."
        ::= { aaaServerEntry 33 }

    aaasRadHealthKeyHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 256 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasRadKey attribute."
        ::= { aaaServerEntry 34}

    aaasTacacsSalt OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 15 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The salt value is used to hash for Tacacs server."
        ::= { aaaServerEntry 35}

    aaasTacacsSaltHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 128 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasTacacsSalt attribute."
        ::= { aaaServerEntry 36}

    aaasRadSalt OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 15 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The salt value is used to hash for Radius server."
        ::= { aaaServerEntry 37}

    aaasRadSaltHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 128 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasRadSalt attribute."
        ::= { aaaServerEntry 38}

    aaasLdapSalt OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 15 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The salt value is used to hash for LDAP server."
        ::= { aaaServerEntry 39}

    aaasLdapSaltHash OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 128 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The encrypted version of the aaasLdapSalt attribute."
        ::= { aaaServerEntry 40}

--
--  Authentication Server Statistics Table
--

    aaaAuthServerStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF AaaAuthServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Rows in this table represents counter statistics of the authentication server."
        ::= { aaaServerMIB 2 }

    aaaAuthServerStatsEntry OBJECT-TYPE
        SYNTAX AaaAuthServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "AAA server statistics."
        INDEX { aaasName }
        ::= { aaaAuthServerStatsTable 1 }

    AaaAuthServerStatsEntry ::= SEQUENCE
    {
        aaaAuthStatsAccessReq           Counter64,
        aaaAuthStatsAccessRes           Counter64,
        aaaAuthStatsAccessAccept        Counter64,
        aaaAuthStatsAccessReject        Counter64,
        aaaAuthStatsAccessChal          Counter64,
        aaaAuthStatsTimedOutReq         Counter64,
        aaaAuthStatsCountRtt            Counter64,
        aaaAuthStatsSumRtt              Counter64,
        aaaAuthStatsMinRtt              Counter64,
        aaaAuthStatsMaxRtt              Counter64,
        aaaAuthStatsAvgRtt              Counter64,
        aaaAuthStatsLastRtt             Counter64
    }

    aaaAuthStatsAccessReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authentication server statistics access requests."
        ::= { aaaAuthServerStatsEntry 1 }

    aaaAuthStatsAccessRes OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authentication server statistics access responses."
        ::= { aaaAuthServerStatsEntry 2 }

    aaaAuthStatsAccessAccept OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authentication server statistics access accepts."
        ::= { aaaAuthServerStatsEntry 3 }

    aaaAuthStatsAccessReject OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authentication server statistics access rejects."
        ::= { aaaAuthServerStatsEntry 4 }

    aaaAuthStatsAccessChal OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authentication server statistics access challenges."
        ::= { aaaAuthServerStatsEntry 5 }

    aaaAuthStatsTimedOutReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authentication server statistics timed out requests."
        ::= { aaaAuthServerStatsEntry 6 }

    aaaAuthStatsCountRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "RTT count."
        ::= { aaaAuthServerStatsEntry 7 }

    aaaAuthStatsSumRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Sum of RTT."
        ::= { aaaAuthServerStatsEntry 8 }

    aaaAuthStatsMinRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Min RTT."
        ::= { aaaAuthServerStatsEntry 9 }

    aaaAuthStatsMaxRtt OBJECT-TYPE 
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Max RTT."
        ::= { aaaAuthServerStatsEntry 10 }

    aaaAuthStatsAvgRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Average RTT."
        ::= { aaaAuthServerStatsEntry 11 }

    aaaAuthStatsLastRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Last RTT."
        ::= { aaaAuthServerStatsEntry 12 }

--
--  Authorization Server Statistics Table
--

    aaaAuthorServerStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF AaaAuthorServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Rows in this table represents counter statistics of the authorization server."
        ::= { aaaServerMIB 3 }

    aaaAuthorServerStatsEntry OBJECT-TYPE
        SYNTAX AaaAuthorServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "AAA server statistics."
        INDEX { aaasName }
        ::= { aaaAuthorServerStatsTable 1 }

    AaaAuthorServerStatsEntry ::= SEQUENCE
    {
        aaaAuthorStatsAccessReq           Counter64,
        aaaAuthorStatsAccessRes           Counter64,
        aaaAuthorStatsTimedOutReq         Counter64,
        aaaAuthorStatsCountRtt            Counter64,
        aaaAuthorStatsSumRtt              Counter64,
        aaaAuthorStatsMinRtt              Counter64,
        aaaAuthorStatsMaxRtt              Counter64,
        aaaAuthorStatsAvgRtt              Counter64,
        aaaAuthorStatsLastRtt             Counter64
    }

    aaaAuthorStatsAccessReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authorization server statistics access requests."
        ::= { aaaAuthorServerStatsEntry 1 }

    aaaAuthorStatsAccessRes OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authorization server statistics access responses."
        ::= { aaaAuthorServerStatsEntry 2 }

    aaaAuthorStatsTimedOutReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of authorization server statistics timed out requests."
        ::= { aaaAuthorServerStatsEntry 3 }

    aaaAuthorStatsCountRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "RTT count."
        ::= { aaaAuthorServerStatsEntry 4 }

    aaaAuthorStatsSumRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Sum of RTT."
        ::= { aaaAuthorServerStatsEntry 5 }

    aaaAuthorStatsMinRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Min RTT."
        ::= { aaaAuthorServerStatsEntry 6 }

    aaaAuthorStatsMaxRtt OBJECT-TYPE 
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Max RTT."
        ::= { aaaAuthorServerStatsEntry 7 }

    aaaAuthorStatsAvgRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Average RTT."
        ::= { aaaAuthorServerStatsEntry 8 }

    aaaAuthorStatsLastRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Last RTT."
        ::= { aaaAuthorServerStatsEntry 9 }

--
--  Accounting Server Statistics Table
--

    aaaAcctServerStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF AaaAcctServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Rows in this table represents counter statistics of the accounting server."
        ::= { aaaServerMIB 4 }

    aaaAcctServerStatsEntry OBJECT-TYPE
        SYNTAX AaaAcctServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "AAA server statistics."
        INDEX { aaasName }
        ::= { aaaAcctServerStatsTable 1 }

    AaaAcctServerStatsEntry ::= SEQUENCE
    {
        aaaAcctStatsAccessReq           Counter64,
        aaaAcctStatsAccessRes           Counter64,
        aaaAcctStatsTimedOutReq         Counter64,
        aaaAcctStatsCountRtt            Counter64,
        aaaAcctStatsSumRtt              Counter64,
        aaaAcctStatsMinRtt              Counter64,
        aaaAcctStatsMaxRtt              Counter64,
        aaaAcctStatsAvgRtt              Counter64,
        aaaAcctStatsLastRtt             Counter64
    }

    aaaAcctStatsAccessReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of accounting server statistics access requests."
        ::= { aaaAcctServerStatsEntry 1 }

    aaaAcctStatsAccessRes OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of accounting server statistics access responses."
        ::= { aaaAcctServerStatsEntry 2 }

    aaaAcctStatsTimedOutReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of accounting server statistics timed out requests."
        ::= { aaaAcctServerStatsEntry 3 }

    aaaAcctStatsCountRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "RTT count."
        ::= { aaaAcctServerStatsEntry 4 }

    aaaAcctStatsSumRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Sum of RTT."
        ::= { aaaAcctServerStatsEntry 5 }

    aaaAcctStatsMinRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Min RTT."
        ::= { aaaAcctServerStatsEntry 6 }

    aaaAcctStatsMaxRtt OBJECT-TYPE 
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Max RTT."
        ::= { aaaAcctServerStatsEntry 7 }

    aaaAcctStatsAvgRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Average RTT."
        ::= { aaaAcctServerStatsEntry 8 }

    aaaAcctStatsLastRtt OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Last RTT."
        ::= { aaaAcctServerStatsEntry 9 }

--
--  BYOD Server Statistics Table
--

    aaaByodServerStatsTable OBJECT-TYPE
        SYNTAX SEQUENCE OF AaaByodServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Rows in this table represents counter statistics of the BYOD server."
        ::= { aaaServerMIB 5 }

    aaaByodServerStatsEntry OBJECT-TYPE
        SYNTAX AaaByodServerStatsEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "AAA server statistics."
        INDEX { aaasName }
        ::= { aaaByodServerStatsTable 1 }

    AaaByodServerStatsEntry ::= SEQUENCE
    {
        aaaByodStatsCoaReq           Counter64,
        aaaByodStatsCoaAck           Counter64,
        aaaByodStatsCoaNack          Counter64,
        aaaByodStatsDmReq            Counter64,
        aaaByodStatsDmAck            Counter64,
        aaaByodStatsDmNack           Counter64
    }

    aaaByodStatsCoaReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of BYOD server statistics change-of-authorization requests."
        ::= { aaaByodServerStatsEntry 1 }

    aaaByodStatsCoaAck OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of BYOD server statistics change-of-authorization ACKs."
        ::= { aaaByodServerStatsEntry 2 }

    aaaByodStatsCoaNack OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of BYOD server statistics change-of-authorization NACKs."
        ::= { aaaByodServerStatsEntry 3 }

    aaaByodStatsDmReq OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of BYOD server statistics disconnect requests."
        ::= { aaaByodServerStatsEntry 4 }

    aaaByodStatsDmAck OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of BYOD server statistics disconnect ACKs."
        ::= { aaaByodServerStatsEntry 5 }

    aaaByodStatsDmNack OBJECT-TYPE
        SYNTAX Counter64
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The number of BYOD server statistics disconnect NACKs."
        ::= { aaaByodServerStatsEntry 6 }

--
--  Radius Server Status Table
--

    aaaRadiusServerStatusTable OBJECT-TYPE
        SYNTAX SEQUENCE OF AaaRadiusServerStatusEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Rows in this table represents the status of the radius server."
        ::= { aaaServerMIB 6 }

    aaaRadiusServerStatusEntry OBJECT-TYPE
        SYNTAX AaaRadiusServerStatusEntry
        MAX-ACCESS not-accessible
        STATUS current
        DESCRIPTION
            "Radius server status."
        INDEX { aaasName }
        ::= { aaaRadiusServerStatusTable 1 }

    AaaRadiusServerStatusEntry ::= SEQUENCE
    {
        aaaPrimaryOperStatus       INTEGER,
        aaaPrimaryUptime           SnmpAdminString,
        aaaPrimaryDowntime         SnmpAdminString,
        aaaPrimaryDownToUpCnt      Integer32,
        aaaBackupOperStatus        INTEGER,
        aaaBackupUptime            SnmpAdminString,
        aaaBackupDowntime          SnmpAdminString,
        aaaBackupDownToUpCnt       Integer32
    }

    aaaPrimaryOperStatus OBJECT-TYPE
        SYNTAX INTEGER
        {
            up (1),
            down (2),
            na (3)
        }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The status of the primary radius server."
        ::= { aaaRadiusServerStatusEntry 1 }

    aaaPrimaryUptime OBJECT-TYPE
        SYNTAX SnmpAdminString (SIZE(1..64))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The up time of the primary radius server."
        ::= { aaaRadiusServerStatusEntry 2 }

    aaaPrimaryDowntime OBJECT-TYPE
        SYNTAX SnmpAdminString (SIZE(1..64))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The down time of the primary radius server."
        ::= { aaaRadiusServerStatusEntry 3 }

    aaaPrimaryDownToUpCnt OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The times that the primary radius server status is changed down to up."
        ::= { aaaRadiusServerStatusEntry 4 }

    aaaBackupOperStatus OBJECT-TYPE
        SYNTAX INTEGER
        {
            up (1),
            down (2),
            na (3)
        }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The status of the backup radius server."
        ::= { aaaRadiusServerStatusEntry 5 }

    aaaBackupUptime OBJECT-TYPE
        SYNTAX SnmpAdminString (SIZE(1..64))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The up time of the backup radius server."
        ::= { aaaRadiusServerStatusEntry 6 }

    aaaBackupDowntime OBJECT-TYPE
        SYNTAX SnmpAdminString (SIZE(1..64))
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The down time of the backup radius server."
        ::= { aaaRadiusServerStatusEntry 7 }

    aaaBackupDownToUpCnt OBJECT-TYPE
        SYNTAX Integer32
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "The times that the backup radius server status is changed down to up."
        ::= { aaaRadiusServerStatusEntry 8 }

--    AAA authorization accounting MIB

    aaaAuthAcctMIB    OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 2 }


--
--    Authenticated switch access configuration table
--

    aaaAuthSATable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaAuthSAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table allow to display and modify the configuration of the
            authentication servers for the switch accesses."
        ::= { aaaAuthAcctMIB 1 }

    aaaAuthSAEntry OBJECT-TYPE
        SYNTAX        AaaAuthSAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "A switch access authentication entry is specified by the type
            of access."
        INDEX { aaatsInterface}
        ::= { aaaAuthSATable 1 }

    AaaAuthSAEntry ::= SEQUENCE
        {
            aaatsInterface    INTEGER,
            aaatsName1        SnmpAdminString,
            aaatsName2        SnmpAdminString,
            aaatsName3        SnmpAdminString,
            aaatsName4        SnmpAdminString,
            aaatsRowStatus    RowStatus,
            aaatsCertificate  INTEGER,
            aaatsExitOnFail   INTEGER
        }

    aaatsInterface OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                          default(1),
                          console(2),
                           telnet(3),
                              ftp(4),
                             http(5),
                             snmp(6),
                              ssh(7)
                      }
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Type of connection that must be authenticated
            default(1) -define the default authentication method for console,
            telnet, ftp, snmp , http and ssh. If the operator
            interface is not especially configured the default value
            is applied to this interface."
        ::= { aaaAuthSAEntry 1}


    aaatsName1 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            Special value 'local' correspond to the local database.
            Other name correspond to an index value of the aaaServerTable
            snmp entry can only use ldap server and local database."
        ::= { aaaAuthSAEntry 2}

    aaatsName2 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local database.
            Other name correspond to an index value of the aaaServerTable
            snmp entry can only use ldap server and local database."
        DEFVAL { "" }
        ::= { aaaAuthSAEntry 3}

    aaatsName3 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local database.
            Other name correspond to an index value of the aaaServerTable
            snmp entry can only use ldap server and local database."
        DEFVAL { "" }
        ::= { aaaAuthSAEntry 4}

    aaatsName4 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local database.
            Other name correspond to an index value of the aaaServerTable
            snmp entry can only use ldap server and local database."
        DEFVAL { "" }
        ::= { aaaAuthSAEntry 5}

    aaatsRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaAuthSAEntry 7}

   aaatsCertificate OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                        noCertificate(0),
                        certificateOnly(1),
                        certificateWithPassword(2)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "use of x509 user certificate during the HTTPs session establisment.
            noCertificate(0)- no user certificate is required,
            certificateOnly(1) - the DN from the certifiicate is used to access to the authorization
            data of the user
            certificateWithPassword(2) - the user must execute a log-in procedure with user
            name and password after his certificate validation"
            DEFVAL        { noCertificate }
            ::= { aaaAuthSAEntry 8}

    aaatsExitOnFail OBJECT-TYPE
        SYNTAX        INTEGER {
                        enable(1),
                        disable(2)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Enable/disable on each server's access type to allow the switch
            authenticate all servers in list or only the first server:
            Enable(1): the switch uses only the first available server in the list to check for user information
            Disable(2): all servers in the list must be used for user authentication"
        DEFVAL        { enable }
        ::= { aaaAuthSAEntry 9}

--
--    Accounting configuration table for switch accesses
--

    aaaAcctSATable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaAcctSAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table shows current configuration for Switch access accounting."
    ::= { aaaAuthAcctMIB 2 }

    aaaAcctSAEntry OBJECT-TYPE
        SYNTAX        AaaAcctSAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Accounting configuration for switch access."
        INDEX     { aaacsInterface }
        ::= { aaaAcctSATable 1 }

    AaaAcctSAEntry ::= SEQUENCE
        {
            aaacsInterface    Integer32,
            aaacsName1        SnmpAdminString,
            aaacsName2        SnmpAdminString,
            aaacsName3        SnmpAdminString,
            aaacsName4        SnmpAdminString,
            aaacsRowStatus    RowStatus
        }

    aaacsInterface OBJECT-TYPE
        SYNTAX        Integer32 ( 1 .. 1 )
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "For now, accounting for console, telnet, ftp, http, snmp, ssh are stored
            in the same set of servers, the index is always (1)."
        ::= { aaaAcctSAEntry 1}


    aaacsName1 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            An Ace server can not be used for accounting."
        ::= { aaaAcctSAEntry 2}

    aaacsName2 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            An Ace server can not be used for accounting."
        DEFVAL { "" }
        ::= { aaaAcctSAEntry 3}

    aaacsName3 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            An Ace server can not be used for accounting."
        DEFVAL { "" }
    ::= { aaaAcctSAEntry 4}

    aaacsName4 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            An Ace server can not be used for accounting."
        DEFVAL { "" }
    ::= { aaaAcctSAEntry 5}

    aaacsRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaAcctSAEntry 6}




--
--    Accounting configuration table for commands
--
    aaaAcctCmdTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaAcctCmdEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table stores the commands that will be logged during an accounting session.
                         This feature is valid only for Tacacs+ accounting"
    ::= { aaaAuthAcctMIB 3 }

    aaaAcctCmdEntry OBJECT-TYPE
        SYNTAX        AaaAcctCmdEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Tacacs+ Accounting configuration for executed commands."
        INDEX     { aaacmdInterface }
        ::= { aaaAcctCmdTable 1 }

    AaaAcctCmdEntry ::= SEQUENCE
        {
            aaacmdInterface       Integer32,
            aaacmdSrvName1        SnmpAdminString,
            aaacmdSrvName2        SnmpAdminString,
            aaacmdSrvName3        SnmpAdminString,
            aaacmdSrvName4        SnmpAdminString,
            aaacmdRowStatus       RowStatus
        }

    aaacmdInterface OBJECT-TYPE
        SYNTAX        Integer32 ( 1 .. 1 )
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "For now, accounting for console, telnet, ftp, http, snmp, ssh are stored
            in the same set of servers, the index is always (1)."
        ::= { aaaAcctCmdEntry 1}


    aaacmdSrvName1 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the Tacacs+ server.
            Other name correspond to an index value of the aaaServerTable"
        ::= { aaaAcctCmdEntry 2}

    aaacmdSrvName2 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the Tacacs+  server used if the precedent is not accessible.
            Other name correspond to an index value of the aaaServerTable"
        DEFVAL { "" }
        ::= { aaaAcctCmdEntry 3}

    aaacmdSrvName3 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the Tacacs+  server used if the precedent is not accessible.
            Other name correspond to an index value of the aaaServerTable"
        DEFVAL { "" }
    ::= { aaaAcctCmdEntry 4}

    aaacmdSrvName4 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the Tacacs+ server used if the precedent is not accessible.
            Other name correspond to an index value of the aaaServerTable"
        DEFVAL { "" }
    ::= { aaaAcctCmdEntry 5}

    aaacmdRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaAcctCmdEntry 6}

--
--    Authenticated Device configuration table
--

   aaaAuthDATable  OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaAuthDAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table shows current configuration for MAC/Onex/Captive Portal authentication."
    ::= { aaaAuthAcctMIB 4 }

    aaaAuthDAEntry OBJECT-TYPE
        SYNTAX        AaaAuthDAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "configuration for MAC/Onex/Captive Portal authentication."
        INDEX     { aaadaInterface }
        ::= { aaaAuthDATable 1 }

    AaaAuthDAEntry ::= SEQUENCE
        {
            aaadaInterface    Integer32,
            aaadaName1        SnmpAdminString,
            aaadaName2        SnmpAdminString,
            aaadaName3        SnmpAdminString,
            aaadaName4        SnmpAdminString,
            aaadaRowStatus    RowStatus
        }


    aaadaInterface OBJECT-TYPE
        SYNTAX        Integer32 ( 1 .. 3 )
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION
            "one for mac , two for 1x, three for captive portal authentication"
        ::= { aaaAuthDAEntry 1}


    aaadaName1 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            It corresponds to an index value of the aaaServerTable
            Only RADIUS server can be used in front hand."
        ::= { aaaAuthDAEntry 2}

    aaadaName2 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            It corresponds to an index value of the aaaServerTable
            Only RADIUS server can be used in front hand."
        DEFVAL { "" }

        ::= { aaaAuthDAEntry 3}

    aaadaName3 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            It corresponds to an index value of the aaaServerTable
            Only RADIUS server can be used in front hand."
        DEFVAL { "" }
        ::= { aaaAuthDAEntry 4}

    aaadaName4 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            It corresponds to an index value of the aaaServerTable
            Only RADIUS server can be used in front hand."
        DEFVAL { "" }
        ::= { aaaAuthDAEntry 5}

    aaadaRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaAuthDAEntry 6}


    aaaAcctDATable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaAcctDAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table shows current configuration for device access accounting."
    ::= { aaaAuthAcctMIB 5 }

    aaaAcctDAEntry OBJECT-TYPE
        SYNTAX        AaaAcctDAEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Accounting configuration for device access."
        INDEX     { aaacdInterface }
        ::= { aaaAcctDATable 1 }

    AaaAcctDAEntry ::= SEQUENCE
        {
            aaacdInterface          Integer32, 
            aaacdName1              SnmpAdminString,
            aaacdName2              SnmpAdminString,
            aaacdName3              SnmpAdminString,
            aaacdName4              SnmpAdminString,
            aaacdRowStatus          RowStatus,
            aaacdSyslogIPAddrType   InetAddressType,      
            aaacdSyslogIPAddr       InetAddress,      
            aaacdSyslogUdpPort      Unsigned32,
	    aaacdCallngStationId    INTEGER				      
        }

    aaacdInterface OBJECT-TYPE
        SYNTAX	      Integer32 ( 1 .. 3 )
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "accounting for mac ,onex  & captive portal " 
        ::= { aaaAcctDAEntry 1}


    aaacdName1 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of the server.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            for accounting."
        ::= { aaaAcctDAEntry 2}

    aaacdName2 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            for accounting."
        DEFVAL { "" }
        ::= { aaaAcctDAEntry 3}

    aaacdName3 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            for accounting."
        DEFVAL { "" }
    ::= { aaaAcctDAEntry 4}

    aaacdName4 OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Name of a server used if the precedent is not accessible.
            Special value 'local' correspond to the local log.
            Other name correspond to an index value of the aaaServerTable
            for accounting."
        DEFVAL { "" }
    ::= { aaaAcctDAEntry 5}

        aaacdRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaAcctDAEntry 6 }
    
    aaacdSyslogIPAddrType OBJECT-TYPE
        SYNTAX       InetAddressType 
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Accounting Syslog IpAddress type"
        ::= { aaaAcctDAEntry 7 }

    aaacdSyslogIPAddr OBJECT-TYPE
        SYNTAX       InetAddress 
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Accounting Syslog IpAddress "
        ::= { aaaAcctDAEntry 8 }

    aaacdSyslogUdpPort OBJECT-TYPE
        SYNTAX      Unsigned32 
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Accounting Syslog Udp port "
         DEFVAL { 514 }
        ::= { aaaAcctDAEntry 9 }
	
    aaacdCallngStationId  OBJECT-TYPE
	SYNTAX      INTEGER
		     {
                         mac(1),
                         ip(2)
                      }

	MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Raduis Calling Station ID "
	::= { aaaAcctDAEntry 10 }

    alaAaaAuthConfig  OBJECT IDENTIFIER ::= { aaaAuthAcctMIB 6 } 

--
--   Global Objects for Onex/MAC/Captive Portal authentication/accounting 
---

    alaAaaOnexReAuthStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Enable/Disable Reauthentication for user authenticated  using Onex "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 1 }

    alaAaaOnexReAuthIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Reauthentication Interval  for user authenticated  using Onex "
            DEFVAL { 3600 }
       ::= { alaAaaAuthConfig 2 }


    alaAaaOnexReAuthTrustRadStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                                enable(1),           
                                disable(2)
                             }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Reauthentication Trust Radius status   for user authenticated  using Onex "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 3 }

    alaAaaOnexIntrmIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Accounting Interim  Interval   "
            DEFVAL { 600 }
       ::= { alaAaaAuthConfig 4 }

    alaAaaOnexIntmIntvlTrstRadSts OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Using Onex ,Interim  Interval Trust Radius Status   "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 5 }

    alaAaaMacIntrmIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS  read-write
        STATUS current 
        DESCRIPTION 
            " Using Mac, Accounting Interim  Interval   "
            DEFVAL { 600 }
       ::= { alaAaaAuthConfig 6 }

    alaAaaMacIntmIntvlTrstRadStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Using Mac ,Interim  Interval Trust Radius Status   "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 7 }

    alaAaaMacSessTimeoutStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Using Mac,Interim  Session Timeout Status   "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 8 }

    alaAaaMacSessTimeoutIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Using Mac,Session Timeout Status Interval  "
            DEFVAL { 43200 }
       ::= { alaAaaAuthConfig 9 }

    alaAaaMacSesTimeoutTrstRadStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "Session Timeout Radius Status for Mac based authenticated user "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 10 }

    alaAaaMacInActLogoutStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "Session Timeout Trust Radius Status  for Captive Portal  method based authenticated user "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 11 }

    alaAaaMacInActLogoutIntrvl    OBJECT-TYPE
        SYNTAX      Integer32(0|60..1200)  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "InActivity logout Interval for MAC based authenticated user.
	    When MAC aging is not desired, then the Inactivity Logout Interval should be configured to 0."
          DEFVAL { 600 }
       ::= { alaAaaAuthConfig 12 }

    alaAaaCpIntrmIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Using Captive Portal, Accounting Interim  Interval   "
         DEFVAL { 600 }
       ::= { alaAaaAuthConfig 13 }

    alaAaaCpIntmIntvlTrstRadStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Using Captive Portal ,Interim  Interval Trust Radius Status   "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 14 }

    alaAaaCpSessTimeoutStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "Session Timeout Status for Captive Portal  method based authenticated user "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 15 }

    alaAaaCpSessTimeoutIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "Session Timeout Interval for Captive Portal  method based authenticated user "
       DEFVAL { 43200 }
       ::= { alaAaaAuthConfig 16 }

    alaAaaCpSessTmotTrstRadStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "Session Timeout Trust Radius Status  for Captive Portal  method based authenticated user "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 17 }

    alaAaaCpInActLogoutStatus OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "InActivity logout Status for Captive Portal based authenticated user "
            DEFVAL { disable }
       ::= { alaAaaAuthConfig 18 }

    alaAaaCpInActLogoutIntrvl    OBJECT-TYPE
        SYNTAX      Integer32(0|60..1200)  
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "InActivity logout Interval  for Captive Portal based authenticated user.
	    When MAC aging is not desired, then the Inactivity Logout Interval should be configured to 0."
 	DEFVAL { 600 }
       ::= { alaAaaAuthConfig 19 }

   alaAaaTacacsServerCmdAuthorization OBJECT-TYPE
	SYNTAX INTEGER{
	enable(1),
	disable(2)
	}
	MAX-ACCESS read-write
	STATUS current
	DESCRIPTION
	   "Getting command based authorization from TACACS+ server"
      ::= { alaAaaAuthConfig 20 }

	alaAaaUbootAuthenticationPassword  OBJECT-TYPE
	SYNTAX  SnmpAdminString (SIZE (0..30))
	MAX-ACCESS  read-write
	STATUS      current
	DESCRIPTION
		"The password entered by the user which will be used for Uboot authentication if enabled.
		This object is essentially write-only. For get response the password in encoded in a one way method.
		This makes the password readable by no one."
	DEFVAL { "" }
	::= { alaAaaAuthConfig 21 }

    alaAaaUbootAccess  OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            "Disable or enable Uboot access "
            DEFVAL { enable }
       ::= { alaAaaAuthConfig 22 }

    alaAaaOnieAuthenticationPassword  OBJECT-TYPE
        SYNTAX     SnmpAdminString (SIZE (0..30))
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "The password entered by the user which will be used for onie authentication if enabled.
             This object is essentially write-only. For get response the password in encoded in a one way method.
             This makes the password readable by no one."
        DEFVAL { "" }
       ::= { alaAaaAuthConfig 23 }

    alaAaaOnieAuthenticationStatus  OBJECT-TYPE
        SYNTAX     INTEGER {
                         enable(1),
                         disable(2)
                      }
        MAX-ACCESS read-only
        STATUS current
        DESCRIPTION
            "Onie authentication status."
       ::= { alaAaaAuthConfig 24 }

    alaAaaRadMsgAuthenticator  OBJECT-TYPE
        SYNTAX     INTEGER {
                         enable(1),
                         disable(2)
                      }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Aaa radius msg authenticator."
        DEFVAL { disable }
       ::= { alaAaaAuthConfig 25 }

--
--    user local database configuration table
--
    aaaUserMIB    OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 3 }

    aaaUserTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AaaUserEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table shows current configuration for the local user database."
        ::= { aaaUserMIB 1 }

    aaaUserEntry OBJECT-TYPE
        SYNTAX        AaaUserEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "An user configuration identified by its user name."
        INDEX { aaauUserName }
        ::= { aaaUserTable 1 }

    AaaUserEntry ::= SEQUENCE
        {
            aaauUserName       SnmpAdminString,
            aaauPassword       SnmpAdminString,
            aaauReadRight1     Unsigned32,
            aaauReadRight2     Unsigned32,
            aaauWriteRight1    Unsigned32,
            aaauWriteRight2    Unsigned32,
            aaauSnmpLevel      INTEGER,
            aaauSnmpAuthKey    OCTET STRING,
            aaauRowStatus      RowStatus,
            aaauOldPassword    SnmpAdminString,
            aaauPasswordExpirationDate          SnmpAdminString,
            aaauPasswordExpirationInMinute      Integer32,
            aaauPasswordAllowModifyDate         SnmpAdminString,
            aaauPasswordLockoutEnable           INTEGER,
            aaauBadAtempts                      Integer32,
            aaauReadRight3     Unsigned32,
            aaauReadRight4     Unsigned32,
            aaauWriteRight3    Unsigned32,
            aaauWriteRight4    Unsigned32,
            aaauSnmpPrivPassword OCTET STRING,
            aaauAllowConfigUser INTEGER,
            aaauAllowSsh INTEGER,
            aaauPasswordRefresh INTEGER
        }

    aaauUserName OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 63 ) )
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Name of the user."
        ::= { aaaUserEntry 1}

    aaauPassword OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 47 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Password of the user. For get response the password in encoded in a
            one way method. This makes the password readable by noone."
        ::= { aaaUserEntry 2}

    aaauReadRight1 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 3}

    aaauReadRight2 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run
            commands of this family.Second part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 4}


    aaauWriteRight1 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with write right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run commands of
            this family. First part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 5}

    aaauWriteRight2 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with write right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run commands of
            this family. Second part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 6}

    aaauSnmpLevel OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                               no(1),
                           noauth(2),
                              sha(3),
                              md5(4),
                           shaDes(5),
                           md5Des(6),
                           shaAes(7),
                           sha224(8),
                           sha256(9),
                          sha384(10),
                          sha224Aes(11),
                          sha256Aes(12),
                          sha384Aes(13)
                      }
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies if the user is authorized to use SNMP and if yes its security level.
                     no(1) - Not authorized to use SNMP.
                 noauth(2) - SNMPv1,SNMPv2c or SNMPv3 without authentication.
                    sha(3) - SNMPv3 with SHA authentication and no encryption.
                    md5(4) - SNMPv3 with MD5 authentication and no encryption.
                sha-des(5) - SNMPv3 with SHA authentication and DES encryption.
                md5-des(6) - SNMPv3 with MD5 authentication and DES encryption.
                sha-aes(7) - SNMPv3 with SHA authentication and AES encryption.
                 sha224(8) - SNMPv3 with SHA224 authentication and no encryption.
                 sha256(9) - SNMPv3 with SHA256 authentication and no encryption.
                 sha384(10) - SNMPv3 with SHA384 authentication and no encryption.
                 sha224-aes(11) - SNMPv3 with SHA224 authentication and AES encryption.
                 sha256-aes(12) - SNMPv3 with SHA256 authentication and AES encryption.
                 sha384-aes(13) - SNMPv3 with SHA384 authentication and AES encryption.
             If the value is not specified, the value configured for the 'default' user
             is taken"
        ::= { aaaUserEntry 7}

    aaauSnmpAuthKey OBJECT-TYPE
        SYNTAX        OCTET STRING ( SIZE( 0 .. 255 ) )
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION
            "Authentication key of the user. The key is encoded in a two way method.
            The encryption key is deducted from this key."
        ::= { aaaUserEntry 8}

    aaauRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { aaaUserEntry 9}

    aaauOldPassword OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 47 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Internal use"
        ::= { aaaUserEntry 10}

    aaauPasswordExpirationDate OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 16 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The local time of when the password would be expired.
             This date will be reset once the value of
             aaaAsaDefaultPasswordExpirationInDays is updated.

             Only the following format is valid:

             mm/dd/yyyy

             where
             mm   - month  (1-12)
             dd   - day    (1-31)
             yyyy - year   (2000-2050)

             Password will not be expired if set to empty string"
        ::= { aaaUserEntry 11}

    aaauPasswordExpirationInMinute OBJECT-TYPE
        SYNTAX        Integer32 ( -1 .. 216000 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Number of minutes from now till the password expiration time.
             Setting this object will update aaauPasswordExpirationDate.
             If -1, password will not be expired.
             If  0, password has been expired."
        ::= { aaaUserEntry 12}

     aaauPasswordAllowModifyDate OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 16 ) )
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION
            "The local time of when the password can be start to be modified.
             This date will be reset once the value of
             aaauPasswordAllowModifyDate is updated.

             Only the following format is valid:

             mm/dd/yyyy

             where
             mm   - month  (1-12)
             dd   - day    (1-31)
             yyyy - year   (2000-2050)

             Password will not be expired if set to empty string"
        ::= { aaaUserEntry 13}

     aaauPasswordLockoutEnable OBJECT-TYPE
        SYNTAX        INTEGER {lockout(1),unlock(2),expired(3)}
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Indicate whether this account is locked out."
            DEFVAL { unlock }
        ::= { aaaUserEntry 14}

     aaauBadAtempts OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 999 )
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION
            "Number bad password attempts in the observation window."
            DEFVAL { 0 }
        ::= { aaaUserEntry 15}

    aaauReadRight3 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 16}

    aaauReadRight4 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run
            commands of this family.Second part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 17}


    aaauWriteRight3 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with write right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run commands of
            this family. First part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 18}

    aaauWriteRight4 OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Specifies the families that the user can execute with write right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, the user is allowed to run commands of
            this family. Second part of the bitmask.If the value is
            not specified, the value configured for the 'default' user is taken"
        ::= { aaaUserEntry 19}

    aaauSnmpPrivPassword OBJECT-TYPE
        SYNTAX        OCTET STRING ( SIZE( 8 .. 30 ) )
        MAX-ACCESS    read-only
        STATUS        current
        DESCRIPTION
            "Authentication key of the user. The key is encoded in a two way method.
            The encryption key is deducted from this key."
        ::= { aaaUserEntry 20}
        
    aaauAllowConfigUser OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION	 
             "Enable or disable access to config mode"
        DEFVAL { disable }
        ::= { aaaUserEntry 21}
        
    aaauAllowSsh OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION	 
             "Enable or Disable SSH access to the switch"
        DEFVAL { enable }
        ::= { aaaUserEntry 22}
        
    aaauPasswordRefresh OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION	 
             "When enabled, the user will be forced to reset the password in the next login"
        DEFVAL { disable }
        ::= { aaaUserEntry 23}

--    ASA specific configuration MIB

    aaaAsaConfig    OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 4 }

--
--    ASA configuration group
--

    aaaAsaPasswordSizeMin OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 31 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Minimum number of digits of the passwords
            ( nominator aaauPassword)."
          DEFVAL     { 0 }
        ::= { aaaAsaConfig 1}

    aaaAsaDefaultPasswordExpirationInDays OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 365 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Default password expiration time in days to be applied to all users.
             Updating this object will reset aaauPasswordExpirationDate.
             Password expiration will not be enforced if set to 0."
          DEFVAL     { 0 }
        ::= { aaaAsaConfig 2}

   aaaAsaPasswordContainUserName OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Indicate whether check password contains username or not."
            DEFVAL { disable }
        ::= { aaaAsaConfig 3}

   aaaAsaPasswordMinUpperCase OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 7 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Minimum number of English uppercase characters required for password. 0 is disable"
            DEFVAL     { 0 }
        ::= { aaaAsaConfig 4}

   aaaAsaPasswordMinLowerCase OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 7 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Minimum number of English lowercase characters required for password 0 is disable."
            DEFVAL     { 0 }
        ::= { aaaAsaConfig 5}

    aaaAsaPasswordMinDigit OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 7 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Minimum number of base-10 digits required for password. 0 is disable"
            DEFVAL     { 0 }
        ::= { aaaAsaConfig 6}

    aaaAsaPasswordMinNonAlphan OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 7 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Minimum number of non-alphanumeric required for password. 0 is disable"
            DEFVAL     { 0 }
        ::= { aaaAsaConfig 7}

    aaaAsaPasswordHistory OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 24 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Password history feature will prevent users from repeatedly using the same password. 0 is disable"
            DEFVAL     { 4 }
        ::= { aaaAsaConfig 8}

  aaaAsaPasswordMinAge OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 150 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "The password can't be modified in these days. 0 is disable"
            DEFVAL     { 0 }
        ::= { aaaAsaConfig 9}

   aaaAsaLockoutWindow OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 99999 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "The window of time in which the system increments the bad logon count.(minutes) 0 is disable"
        DEFVAL        { 0 }
        ::= { aaaAsaConfig 10}

   aaaAsaLockoutDuration OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 99999 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "The amount of time that an account is locked due to the aaauLockoutThreshold being exceeded.(minutes) 0 is disable"
        DEFVAL        { 0 }
        ::= { aaaAsaConfig 11}

   aaaAsaLockoutThreshold OBJECT-TYPE
        SYNTAX        Integer32 ( 0 .. 999 )
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
             "The number of invalid logon attempts that are permitted before the account is locked out. 0 is disable"
        DEFVAL        { 0 }
        ::= { aaaAsaConfig 12}

    aaaAsaAccessPolicyAdminConsoleOnly OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
             "Enable or disable AdminUser console only restriction"
        DEFVAL { disable }
        ::= { aaaAsaConfig 13}

     aaaAsaAccessMode OBJECT-TYPE   
        SYNTAX        INTEGER { default (1),enhanced(2) }  
        MAX-ACCESS    read-write   
        STATUS        current  
        DESCRIPTION    
             "Set access mode to enhanced or default.  0 is default 1 is enhanced"     
        DEFVAL { default }     
        ::= { aaaAsaConfig 14}     
   
     aaaAsaAccessIpLockoutThreshold   OBJECT-TYPE  
        SYNTAX INTEGER(0..999)     
        MAX-ACCESS  read-write     
        STATUS current     
        DESCRIPTION    
             "When aaaAsaAccessMode is enhanced, This object indicates the value of the threshold for failed login     
              attempts from an IP address after which the IP address will be banned from switch access.    
              when aaaAsaAccessMode, this  is set to 0, disable"   
            DEFVAL      { 6 }  
        ::= {aaaAsaConfig 15}  
   
     aaaAsaAccessManagementIpStatus   OBJECT-TYPE  
        SYNTAX       INTEGER {     
                                enable(1),     
                                disable(2)     
                             }     
        MAX-ACCESS read-write  
        STATUS current     
        DESCRIPTION    
            " When aaaAsaAccessMode is enhanced, When enabled , session allowed only for   
               pre-configured/allowed management station  defined in aaaSwitchAccessMgmtStationTable.  
              If disabled, any station can try to establish session is authenticated successfully,     
              when disabled aaaSwitchAccessMgmtStationTable will be destroyed.     
               When aaaAsaAccessMode is default, aaaAsaAccessManagementIpStatus will be disable"   
            DEFVAL { disable }     
        ::= {aaaAsaConfig 16}  

    aaaAsaAccessConsoleAdminOnly OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
             "Enable or disable the Console session only to user admin "
        DEFVAL { disable }
        ::= { aaaAsaConfig 17}

   aaaAsaPasswordContainConsecutiveCharacters OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "Indicate whether check password contains consecutive characters or not."
        DEFVAL { disable }
        ::= { aaaAsaConfig 18}

   aaaAsaPasswordRefresh OBJECT-TYPE
        SYNTAX        INTEGER {enable(1),disable(2)}
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "When enabled, forces all users (including admin user) to reset the password in the next login."
        DEFVAL { disable }
        ::= { aaaAsaConfig 19}

    alaAaaClientAttr        OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 5 } 

--
--   Even in Client Attributes ,we may have different categories (like radius , tacas)so creating one more node  
-- 
    alaAaaRadClientGlobalAttr  OBJECT IDENTIFIER ::= { alaAaaClientAttr 1 } 

    alaAaaRadNasPortId   OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute NAS Port Identifier"  
        ::= { alaAaaRadClientGlobalAttr 1 }    

    alaAaaRadNasIdentifier   OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute NAS Identifier"  
        ::= { alaAaaRadClientGlobalAttr 2 }    

    alaAaaRadUserNameDelim OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute user name delimiter"  
        ::= { alaAaaRadClientGlobalAttr 3 }    

    alaAaaRadPasswordDelim OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute user password delimiter"  
        ::= { alaAaaRadClientGlobalAttr 4 }    

    alaAaaRadCallnStnIdDelim   OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius Client attribute Calling Station delimiter"  
        ::= { alaAaaRadClientGlobalAttr 5 }    

    alaAaaRadCalldStnIdDelim   OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius Client attribute Called Station delimiter"  
        ::= { alaAaaRadClientGlobalAttr 6 }    

    alaAaaRadUserNameCase OBJECT-TYPE
        SYNTAX          INTEGER  
                    {
                        lowerCase(1),
                        upperCase(2)
                    }
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius client attribute UserName case"  
            DEFVAL { upperCase }
        ::= {  alaAaaRadClientGlobalAttr 7 }    

    alaAaaRadPasswordCase OBJECT-TYPE
        SYNTAX          INTEGER  
                    {
                        lowerCase(1),
                        upperCase(2)
                    }
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius client attribute Password case"  
            DEFVAL { upperCase }
        ::= { alaAaaRadClientGlobalAttr 8 }    

    alaAaaRadCallingStationIdCase OBJECT-TYPE
        SYNTAX          INTEGER  
                    {
                        lowerCase(1),
                        upperCase(2)
                    }
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius client attribute  CallingStationId case"  
            DEFVAL { upperCase }
        ::= { alaAaaRadClientGlobalAttr 9 }    

    alaAaaRadCalledStationIdCase OBJECT-TYPE
        SYNTAX          INTEGER  
                    {
                        lowerCase(1),
                        upperCase(2)
                    }
        MAX-ACCESS      read-write
        STATUS          current
        DESCRIPTION
            "Radius client attribute  CalledStationId case"  
            DEFVAL { upperCase }
         ::= { alaAaaRadClientGlobalAttr 10 }

    alaAaaRadNasIpAddressMode  OBJECT-TYPE
        SYNTAX        INTEGER  {
                          default (1),
                          localIp (2)
                      }
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The mode of NAS IP address."
        DEFVAL { default }
        ::= { alaAaaRadClientGlobalAttr 11 }

    alaAaaRadNasIpAddressType  OBJECT-TYPE
        SYNTAX        InetAddressType  {
                          ipv4 (1),
                          ipv6 (2)
                      }
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "Address type of NAS IP address."
        DEFVAL { ipv4 }
        ::= { alaAaaRadClientGlobalAttr 12 }
    
    alaAaaRadNasIpAddress OBJECT-TYPE
        SYNTAX     InetAddress (SIZE (4|16))
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "NAS IP address."
        ::= { alaAaaRadClientGlobalAttr 13 }
        
    alaAaaRadUnpProfilePrecedence   OBJECT-TYPE
        SYNTAX        INTEGER  {
                          filterId  (1),
                          tunnelPrivateGroupId  (2)
                      }
        MAX-ACCESS  read-write
        STATUS      current
        DESCRIPTION
            "The mode of UNP profile precedence"
        DEFVAL { filterId }
        ::= { alaAaaRadClientGlobalAttr 14 }               
        
    alaAaaProfileObjects OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 6 } 
--
--   Even in Profiles ,we may have different categories so creating one more node  
-- 
    alaAaaProfileConfig  OBJECT IDENTIFIER ::= { alaAaaProfileObjects 1 } 

--   Profile   table 
-- AG AAA Profile will be created  with this table 

    alaAaaProfTable OBJECT-TYPE
        SYNTAX      SEQUENCE OF AlaAaaProfEntry
        MAX-ACCESS   not-accessible
        STATUS      current
        DESCRIPTION
            "Table contain AAA profiles details for Onex/MAC/Captive Portal "
        ::=  {   alaAaaProfileConfig 1 } 

    alaAaaProfEntry OBJECT-TYPE
        SYNTAX           AlaAaaProfEntry
        MAX-ACCESS       not-accessible
        STATUS           current
        DESCRIPTION
            "Each entry defines  AAA  profile for Onex/MAC"
        INDEX { alaAaaProfName }
        ::= { alaAaaProfTable 1 }

    AlaAaaProfEntry ::= SEQUENCE
        {
            alaAaaProfName                           SnmpAdminString,
            alaAaaProfOnexReAuthSts                 INTEGER,
            alaAaaProfOnexReAuthIntrvl              Integer32,
            alaAaaProfOnexReAuthTrstRadSts          INTEGER,
            alaAaaProfOnexIntrmIntrvl               Integer32,
            alaAaaProfOnexIntmItvlTstRadSts         INTEGER,
            alaAaaProfMacIntrmIntrvl                 Integer32,
            alaAaaProfMacIntmItvlTrstRadSts          INTEGER,
            alaAaaProfMacSessTimeoutSts              INTEGER,  
            alaAaaProfMacSessTimeoutIntrvl           Integer32, 
            alaAaaProfMacSessTmoutTrstRadSts         INTEGER, 
            alaAaaProfMacInActLogoutSts              INTEGER, 
            alaAaaProfMacInActLogoutIntrvl           Integer32,    
            alaAaaProfCpSessTimeoutSts               INTEGER,
            alaAaaProfCpSessTimeoutIntrvl            Integer32,
            alaAaaProfCpSessTmotTrstRadSts           INTEGER,
            alaAaaProfCpInActLogoutSts               INTEGER,
            alaAaaProfCpInActLogoutIntrvl            Integer32,
            alaAaaProfCpIntrmIntrvl                  Integer32,
            alaAaaProfCpItrmIntlTrstRadSts           INTEGER,
            alaAaaProfRadNasPortId                   SnmpAdminString,
            alaAaaProfRadNasIdentifier               SnmpAdminString, 
            alaAaaProfRadUserNameDelim               SnmpAdminString, 
            alaAaaProfRadPasswrdDelim                SnmpAdminString, 
            alaAaaProfRadCallnStnIdDelim             SnmpAdminString,   
            alaAaaProfRadCalldStnIdDelim             SnmpAdminString, 
            alaAaaProfRadUserNameCase                INTEGER,       
            alaAaaProfRadPasswordCase                INTEGER,       
            alaAaaProfRadCallnStnIdCase              INTEGER,       
            alaAaaProfRadCalldStnIdCase              INTEGER,       
            alaAaaProfRowStatus                      RowStatus,
            alaAaaProfRadNasIpAddressMode            INTEGER,
            alaAaaProfRadNasIpAddressType            InetAddressType,
            alaAaaProfRadNasIpAddress                InetAddress
    }

    alaAaaProfName  OBJECT-TYPE
        SYNTAX    SnmpAdminString ( SIZE( 1 .. 32 ) ) 
        MAX-ACCESS   not-accessible 
        STATUS        current
        DESCRIPTION
            " AAA  profile name  for Onex/MAC/Captive Portal authenticated sessions "
        ::= { alaAaaProfEntry  1 }


    alaAaaProfOnexReAuthSts OBJECT-TYPE
        SYNTAX       INTEGER {
                                enable(1),           
                                disable(2)
                             }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
            " AAA  profile Re-auth Status for  Onex authenticated sessions "
            DEFVAL { disable }
        ::= { alaAaaProfEntry 2 }

    alaAaaProfOnexReAuthIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Re-auth Interval for  Onex authenticated sessions "
            DEFVAL { 3600 }
       ::= { alaAaaProfEntry 3 }


    alaAaaProfOnexReAuthTrstRadSts OBJECT-TYPE
        SYNTAX       INTEGER {
                                 enable(1),           
                                 disable(2)
                              }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Re-auth Trust Radius Status for  Onex authenticated sessions "
        DEFVAL { disable }
       ::= { alaAaaProfEntry 4 }

    alaAaaProfOnexIntrmIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Interium Interval  for  Onex authenticated sessions "
   	 DEFVAL { 600 }
       ::= { alaAaaProfEntry 5 }

    alaAaaProfOnexIntmItvlTstRadSts    OBJECT-TYPE
        SYNTAX       INTEGER {
                                enable(1),           
                                disable(2)
                             }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Interium Interval Trust Radius Status  for  Onex authenticated sessions "
        DEFVAL { disable }
       ::= { alaAaaProfEntry 6 }

    alaAaaProfMacIntrmIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Interium Interval  for  MAC  authenticated sessions "
   	 DEFVAL { 600 }
       ::= { alaAaaProfEntry 7 }

    alaAaaProfMacIntmItvlTrstRadSts OBJECT-TYPE
        SYNTAX       INTEGER {
                    enable(1),           
                    disable(2)
                    }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Interium Interval Trust Radius Status for  MAC  authenticated sessions "
        DEFVAL { disable }
       ::= { alaAaaProfEntry  8 }


    alaAaaProfMacSessTimeoutSts OBJECT-TYPE
        SYNTAX       INTEGER {
                                 enable(1),           
                                 disable(2)
                             }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Session Timeout  Status for  MAC  authenticated sessions "
        DEFVAL { disable }
       ::= { alaAaaProfEntry 9 }

    alaAaaProfMacSessTimeoutIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Session Timeout  Interval for  MAC  authenticated sessions "
   	 DEFVAL { 43200 }
       ::= { alaAaaProfEntry 10 }

    alaAaaProfMacSessTmoutTrstRadSts OBJECT-TYPE
        SYNTAX       INTEGER {
                                enable(1),           
                                disable(2)
                              }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile Session Timeout  Trust Radius Status for  MAC  authenticated sessions "
         DEFVAL { disable }
       ::= { alaAaaProfEntry 11 }

    alaAaaProfMacInActLogoutSts OBJECT-TYPE
        SYNTAX       INTEGER {
                                enable(1),           
                                disable(2)
                             }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile InActivity Logout  Status for  MAC  authenticated sessions "
        DEFVAL { disable }
       ::= { alaAaaProfEntry 12 }

    alaAaaProfMacInActLogoutIntrvl    OBJECT-TYPE
        SYNTAX      Integer32(0|60..1200)  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
        " AAA  profile InActivity Logout  Interval for  MAC  authenticated sessions.
	  When MAC aging is not desired, then the Inactivity Logout Interval should be configured to 0."
  	DEFVAL { 600 }
       ::= { alaAaaProfEntry 13 }

    alaAaaProfCpSessTimeoutSts OBJECT-TYPE
        SYNTAX       INTEGER {
                                 enable(1),           
                                 disable(2)
                            }
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
            "AAA profile Captive Portal Session Timeout Status. "
            DEFVAL { disable }
       ::= { alaAaaProfEntry 14 }


    alaAaaProfCpSessTimeoutIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
            "AAA profile Captive Portal Session Timeout Interval. "
  	  DEFVAL  { 432000 }
       ::= { alaAaaProfEntry 15 }

    alaAaaProfCpSessTmotTrstRadSts OBJECT-TYPE
        SYNTAX       INTEGER
        {
                    enable(1),     
                    disable(2)
        }
       MAX-ACCESS read-create
       STATUS current 
       DESCRIPTION
            "AAA profile Captive Portal Session Timeout Trust radius Status "
       DEFVAL { disable }
       ::= { alaAaaProfEntry 16 }

    alaAaaProfCpInActLogoutSts OBJECT-TYPE
       SYNTAX       INTEGER 
       {
            enable(1),
            disable(2)
       }
       MAX-ACCESS read-create
       STATUS current
       DESCRIPTION
            "AAA profile Captive Portal Inactivity Logout Status." 
       DEFVAL { disable }
       ::= { alaAaaProfEntry 17 }

    alaAaaProfCpInActLogoutIntrvl    OBJECT-TYPE
       SYNTAX      Integer32(0|60..1200)  
       MAX-ACCESS read-create
       STATUS current
       DESCRIPTION
            "AAA profile Captive Portal Inactivity Logout Interval. 
	    When MAC aging is not desired, then the Inactivity Logout Interval should be configured to 0."
 	DEFVAL  { 600 }
       ::= { alaAaaProfEntry 18 }

    alaAaaProfCpIntrmIntrvl OBJECT-TYPE
        SYNTAX      Integer32  
        MAX-ACCESS read-create
        STATUS current 
        DESCRIPTION 
            "AAA profile Captive Portal Interim Interval." 
 	DEFVAL  { 43200 }
       ::= { alaAaaProfEntry 19 }

    alaAaaProfCpItrmIntlTrstRadSts OBJECT-TYPE
        SYNTAX       INTEGER 
                     {
                         enable(1),           
                         disable(2)
                     }
        MAX-ACCESS  read-create
        STATUS      current 
        DESCRIPTION 
            "AAA profile Captive Portal Interim Interval Trust Radius Status." 
            DEFVAL { disable }
       ::= { alaAaaProfEntry 20 }


    alaAaaProfRadNasPortId   OBJECT-TYPE
       SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
       MAX-ACCESS      read-create
       STATUS          current
       DESCRIPTION
        "Radius Client Attribute NAS Port Identifier"  
       ::= { alaAaaProfEntry 21 }    
  
    alaAaaProfRadNasIdentifier   OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute  NAS  Identifier"  
        ::= { alaAaaProfEntry 22 }    


    alaAaaProfRadUserNameDelim     OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute  user name delimiter"  
        ::= { alaAaaProfEntry 23 }    

    alaAaaProfRadPasswrdDelim    OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
            "Radius Client Attribute Password delimiter"  
        ::= { alaAaaProfEntry  24 }    

    alaAaaProfRadCallnStnIdDelim   OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
            "Radius Client attribute Calling Station delimiter"  
        ::= { alaAaaProfEntry 25 }    

    alaAaaProfRadCalldStnIdDelim OBJECT-TYPE
        SYNTAX          SnmpAdminString ( SIZE(0 ..31 ) )  
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
            "Radius Client attribute Called Station delimiter"  
        ::= { alaAaaProfEntry 26 }    


    alaAaaProfRadUserNameCase OBJECT-TYPE
        SYNTAX          INTEGER  
                        {
                             lowerCase(1),
                             upperCase(2)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
             "Radius client Attribute UserName case"  
        DEFVAL { upperCase }
        ::= { alaAaaProfEntry 27 }    

    alaAaaProfRadPasswordCase OBJECT-TYPE
         SYNTAX          INTEGER  
                        {
                           lowerCase(1),
                           upperCase(2)
                        }
         MAX-ACCESS     read-create
         STATUS          current
         DESCRIPTION
            "Radius client  attribute Password case"  
        	DEFVAL { upperCase }
         ::= { alaAaaProfEntry 28 }    

    alaAaaProfRadCallnStnIdCase  OBJECT-TYPE
        SYNTAX          INTEGER  
                        {
                            lowerCase(1),
                            upperCase(2)
                        }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
            "Radius client attribute  CallingStationId case"  
       		DEFVAL { upperCase }
        ::= { alaAaaProfEntry 29 }    

    alaAaaProfRadCalldStnIdCase OBJECT-TYPE
        SYNTAX          INTEGER  
                       {
                           lowerCase(1),
                           upperCase(2)
                       }
        MAX-ACCESS      read-create
        STATUS          current
        DESCRIPTION
           "Radius client attribute  CalledStationId case"  
       		DEFVAL { upperCase }
        ::= { alaAaaProfEntry 30 }    

    alaAaaProfRowStatus OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Row  status of table ."
        DEFVAL        { notInService }
        ::= { alaAaaProfEntry 31 }

    alaAaaProfRadNasIpAddressMode  OBJECT-TYPE
        SYNTAX        INTEGER  {
                          default (1),
                          localIp (2)
                      }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "The mode of NAS IP address."
        DEFVAL { default }
        ::= { alaAaaProfEntry 32 }

    alaAaaProfRadNasIpAddressType  OBJECT-TYPE
        SYNTAX        InetAddressType  {
                          ipv4 (1),
                          ipv6 (2)
                      }
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "Address type of NAS IP address."
        DEFVAL { ipv4 }
        ::= { alaAaaProfEntry 33 }
    
    alaAaaProfRadNasIpAddress OBJECT-TYPE
        SYNTAX     InetAddress (SIZE (4|16))
        MAX-ACCESS  read-create
        STATUS      current
        DESCRIPTION
            "NAS IP address."
        ::= { alaAaaProfEntry 34 }

--
--   Profile based Authorization table 
--
    alaAaaProfAuthTable  OBJECT-TYPE
        SYNTAX        SEQUENCE OF  AlaAaaProfAuthEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "This table shows aaa profiles for configuring authentication server for MAC/Onex/Captive Portal"
        ::= { alaAaaProfileConfig 2 }

    alaAaaProfAuthEntry OBJECT-TYPE
        SYNTAX       AlaAaaProfAuthEntry 
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "configuration for MAC/Onex authentication."
        INDEX     { alaAaaProfName, alaAaaProfAuthInterface}
        ::= { alaAaaProfAuthTable 1 }

    AlaAaaProfAuthEntry ::= SEQUENCE
        {
            alaAaaProfAuthInterface      INTEGER, 
            alaAaaProfAuthSrvName1       SnmpAdminString,
            alaAaaProfAuthSrvName2       SnmpAdminString,
            alaAaaProfAuthSrvName3       SnmpAdminString,
            alaAaaProfAuthSrvName4       SnmpAdminString,
            alaAaaProfAuthRowStatus       RowStatus
        }

    alaAaaProfAuthInterface  OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                         mac(1),
                         dot1x(2),
 			 captivePortal(3)
                       }  
        MAX-ACCESS    not-accessible 
        STATUS        current
        DESCRIPTION
            "one for mac, two for 1x,threee for Captive Portal"
        ::= { alaAaaProfAuthEntry 1}

    alaAaaProfAuthSrvName1   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            " Radius authenticated server"
        ::= { alaAaaProfAuthEntry 2}

    alaAaaProfAuthSrvName2   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            " Radius authenticated server"
        ::= { alaAaaProfAuthEntry 3}

    alaAaaProfAuthSrvName3   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            " Radius authenticated server"
        ::= { alaAaaProfAuthEntry 4}

    alaAaaProfAuthSrvName4    OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            " Radius authenticated server"
        ::= { alaAaaProfAuthEntry 5}

    alaAaaProfAuthRowStatus   OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { alaAaaProfAuthEntry 6 }


--
--   Profile based Accounting  table 
--
    alaAaaProfAcctTable  OBJECT-TYPE
        SYNTAX        SEQUENCE OF  AlaAaaProfAcctEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            " Profile Table for configuring radius accounting server for MAC/Onex authentication."
        ::= { alaAaaProfileConfig 3 }

    alaAaaProfAcctEntry OBJECT-TYPE
        SYNTAX       AlaAaaProfAcctEntry 
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "configuration for MAC/Onex/Captive Portal accounting."
        INDEX     { alaAaaProfName, alaAaaProfAcctInterface}
        ::= { alaAaaProfAcctTable 1 }

    AlaAaaProfAcctEntry ::= SEQUENCE
        {
            alaAaaProfAcctInterface          INTEGER,
            alaAaaProfAcctSrvName1           SnmpAdminString,
            alaAaaProfAcctSrvName2           SnmpAdminString,
            alaAaaProfAcctSrvName3           SnmpAdminString,
            alaAaaProfAcctSrvName4           SnmpAdminString,
            alaAaaProfAcctSyslogIPAddrType   InetAddressType,      
            alaAaaProfAcctSyslogIPAddr       InetAddress,      
            alaAaaProfAcctSyslogUdpPort      Unsigned32,      
            alaAaaProfAcctCalingStationId    INTEGER,		
            alaAaaProfAcctRowStatus          RowStatus
        }

    alaAaaProfAcctInterface  OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                         mac(1),
                         dot1x(2),
                         captivePortal(3)
                       }  
        MAX-ACCESS    not-accessible 
        STATUS        current
        DESCRIPTION
            "one for mac, two for 1x, three for Captive Portal"
        ::= { alaAaaProfAcctEntry 1 }

    alaAaaProfAcctSrvName1   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Radius accounting Server for Onex/MAC/Captive Portal accounting  sessions."
        ::= { alaAaaProfAcctEntry 2 }

    alaAaaProfAcctSrvName2   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Radius accounting Server for Onex/MAC/Captive Portal accounting  sessions."
        ::= { alaAaaProfAcctEntry 3 }

    alaAaaProfAcctSrvName3   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Radius accounting Server for Onex/MAC/Captive Portal accounting  sessions."
        ::= { alaAaaProfAcctEntry 4 }

    alaAaaProfAcctSrvName4    OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 31 ) )
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Radius accounting Server for Onex/MAC/Captive Portal accounting  sessions."
        ::= { alaAaaProfAcctEntry 5 }

    alaAaaProfAcctSyslogIPAddrType   OBJECT-TYPE
        SYNTAX       InetAddressType 
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Accounting Syslog IpAddress type"
        ::= { alaAaaProfAcctEntry 6 }

    alaAaaProfAcctSyslogIPAddr OBJECT-TYPE
        SYNTAX       InetAddress 
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Accounting Syslog IpAddress "
        ::= { alaAaaProfAcctEntry 7 }

    alaAaaProfAcctSyslogUdpPort    OBJECT-TYPE
        SYNTAX      Unsigned32 (0..65535) 
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "Accounting Syslog Udp port "
        DEFVAL  { 514 }
        ::= { alaAaaProfAcctEntry 8 }
	
	alaAaaProfAcctCalingStationId OBJECT-TYPE	 
	SYNTAX      INTEGER	 
			{	 
				mac(1),	 
				ip(2)	 
			}	 

	MAX-ACCESS    read-create	 
        STATUS        current	 
	DESCRIPTION	 
	"Raduis Calling Station ID "	 
	::= { alaAaaProfAcctEntry 9 } 

    alaAaaProfAcctRowStatus   OBJECT-TYPE
        SYNTAX        RowStatus
        MAX-ACCESS    read-create
        STATUS        current
        DESCRIPTION
            "The status of this table entry."
        DEFVAL        { notInService }
        ::= { alaAaaProfAcctEntry 10 }


-- START: AAA SWITCH ACCESS CONFIG-RELATED MIB---------------------

    aaaSwitchAccessConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 7 }

-- SwitchAccess config MIB --

    aaaSwitchAccessMgmtStationTable OBJECT-TYPE
        SYNTAX           SEQUENCE OF AaaSwitchAccessMgmtStationEntry
        MAX-ACCESS       not-accessible
        STATUS           current
        DESCRIPTION
            "This table is used to configure SwitchAccess management station's Ip address."
        ::= {aaaSwitchAccessConfig 1 }

    aaaSwitchAccessMgmtStationEntry  OBJECT-TYPE
        SYNTAX                  AaaSwitchAccessMgmtStationEntry
        MAX-ACCESS               not-accessible
        STATUS                   current
        DESCRIPTION
            "SwitchAccessManagementStation configuration."
        INDEX  { aaaSwitchAccessMgmtStationIpType,
                 aaaSwitchAccessMgmtStationIpAddress,
                 aaaSwitchAccessMgmtStationIpPrefixLength
               }
        ::= { aaaSwitchAccessMgmtStationTable 1 }

    AaaSwitchAccessMgmtStationEntry  ::= SEQUENCE
        {
        aaaSwitchAccessMgmtStationIpType      InetAddressType,
        aaaSwitchAccessMgmtStationIpAddress   InetAddress,
        aaaSwitchAccessMgmtStationIpPrefixLength    InetAddressPrefixLength,
        aaaSwitchAccessMgmtStationRowStatus   RowStatus
        }

    aaaSwitchAccessMgmtStationIpType OBJECT-TYPE
        SYNTAX                  InetAddressType {  unknown(0), ipv4(1) }
        MAX-ACCESS              not-accessible
        STATUS                  current
        DESCRIPTION
            "The Ip Address Type for the SwitchAccess management station"
        ::= { aaaSwitchAccessMgmtStationEntry  1 }

    aaaSwitchAccessMgmtStationIpAddress OBJECT-TYPE
        SYNTAX                  InetAddress (SIZE (4 | 16))
        MAX-ACCESS              not-accessible
        STATUS                  current
        DESCRIPTION
            "The Ip Address for the SwitchAccess management station"
        ::= { aaaSwitchAccessMgmtStationEntry  2 }

    aaaSwitchAccessMgmtStationIpPrefixLength OBJECT-TYPE
        SYNTAX                  InetAddressPrefixLength
        MAX-ACCESS              not-accessible
        STATUS                  current
        DESCRIPTION
            "The prefix length that, when combined
            with aaaSwitchAccessMgmtStationIpAddress , gives the prefix for this
            entry.  The InetAddressType is given by the
            aaaSwitchAccessMgmtStationIpType object.
            Currntly release supports only IPV4."
        ::= { aaaSwitchAccessMgmtStationEntry 3 }

    aaaSwitchAccessMgmtStationRowStatus  OBJECT-TYPE
        SYNTAX                         RowStatus
        MAX-ACCESS                     read-create
        STATUS                         current
        DESCRIPTION
            "The Rowstatus of the AaaSwitchAccessMgmtStationEntry."
        ::= { aaaSwitchAccessMgmtStationEntry  4 }

--
-- Banned IP list, this table will be populated by software
--

    aaaSwitchAccessBannedIpTable OBJECT-TYPE
        SYNTAX           SEQUENCE OF AaaSwitchAccessBannedIpEntry
        MAX-ACCESS       not-accessible
        STATUS           current
        DESCRIPTION
            "This table is populated by software for Banned Ip address."
        ::= {aaaSwitchAccessConfig  2}

    aaaSwitchAccessBannedIpEntry OBJECT-TYPE
        SYNTAX                  AaaSwitchAccessBannedIpEntry
        MAX-ACCESS               not-accessible
        STATUS                   current
        DESCRIPTION
            "SwitchAccessManagementStation configuration."
        INDEX  {
                 aaaSwitchAccessBannedIpType,
                 aaaSwitchAccessBannedIpAddress
               }
        ::= { aaaSwitchAccessBannedIpTable 1 }

    AaaSwitchAccessBannedIpEntry   ::= SEQUENCE
        {
           aaaSwitchAccessBannedIpType      InetAddressType,
           aaaSwitchAccessBannedIpAddress   InetAddress,
           aaaSwitchAccessBannedIpRowStatus  RowStatus
        }

    aaaSwitchAccessBannedIpType   OBJECT-TYPE
        SYNTAX                     InetAddressType
        MAX-ACCESS                  not-accessible
        STATUS                      current
        DESCRIPTION
            "IP address type of banned IP"
        ::= { aaaSwitchAccessBannedIpEntry   1 }


    aaaSwitchAccessBannedIpAddress   OBJECT-TYPE
        SYNTAX                      InetAddress (SIZE (4|16))
        MAX-ACCESS                  not-accessible
        STATUS                      current
        DESCRIPTION
            "IP address of banned IP"
        ::= { aaaSwitchAccessBannedIpEntry   2 }

    aaaSwitchAccessBannedIpRowStatus  OBJECT-TYPE
        SYNTAX       RowStatus
        MAX-ACCESS   read-create 
        STATUS        current
        DESCRIPTION
            "Rowstatus of the AaaSwitchAccessBannedIpEntry, Since this table
             is populated by switch, only destroy action is allowed."
        ::= { aaaSwitchAccessBannedIpEntry   3 }

--
--  Switch Access Priv mask based on session  type
--

     aaaSwitchAccessPrivMaskTable OBJECT-TYPE
         SYNTAX        SEQUENCE OF AaaSwitchAccessPrivMaskEntry
         MAX-ACCESS    not-accessible
         STATUS        current
         DESCRIPTION
             "This table is used to define the user privilege based on access type along with users existing privilege level."
     ::= { aaaSwitchAccessConfig 3}

    aaaSwitchAccessPrivMaskEntry OBJECT-TYPE
        SYNTAX        AaaSwitchAccessPrivMaskEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Priv mask configuration identified by the access type"
        INDEX { aaaSwitchAccessType }
        ::= { aaaSwitchAccessPrivMaskTable 1 }

    AaaSwitchAccessPrivMaskEntry ::= SEQUENCE
        {
           aaaSwitchAccessType           INTEGER,
           aaaSwitchAccessReadRight1     Unsigned32,
           aaaSwitchAccessReadRight2     Unsigned32,
           aaaSwitchAccessReadRight3     Unsigned32,
           aaaSwitchAccessReadRight4     Unsigned32,
           aaaSwitchAccessWriteRight1    Unsigned32,
           aaaSwitchAccessWriteRight2    Unsigned32,
           aaaSwitchAccessWriteRight3    Unsigned32,
           aaaSwitchAccessWriteRight4    Unsigned32
        }

    aaaSwitchAccessType    OBJECT-TYPE
        SYNTAX       INTEGER
                     {
                           console(1),
                           telnet(2),
                              ssh(3),
                             http(4),
                             https(5)
                      }
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Type of connection for which privilege mask should be applied for.
             If no specific privilege is configured, by default all the mode shall have
             all the privilege for the user."
        ::= { aaaSwitchAccessPrivMaskEntry 1}

    aaaSwitchAccessReadRight1     OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
            "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 2}

    aaaSwitchAccessReadRight2    OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
             "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 3}

    aaaSwitchAccessReadRight3    OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
             "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 4}

    aaaSwitchAccessReadRight4    OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
             "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 5}

     aaaSwitchAccessWriteRight1   OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
            "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 6}

    aaaSwitchAccessWriteRight2    OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
          "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 7}

    aaaSwitchAccessWriteRight3    OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
          "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 8}

    aaaSwitchAccessWriteRight4    OBJECT-TYPE
        SYNTAX        Unsigned32 ( 0 .. 4294967295 )
        MAX-ACCESS    read-write 
        STATUS        current
        DESCRIPTION
          "Specifies the families through the access type can execute with read right.
            Each bit of the 32-bit integer mask represents a command's family
            number. When the family bit is set, through the access type the user is allowed to run
            commands of this family.First part of the bitmask.If the value is
            not specified, the value configured for the 'default'."
        ::= { aaaSwitchAccessPrivMaskEntry 9}

-- END: AAA SWITCH ACCESS CONFIG-RELATED MIB---------------------


--
-- User profile save
--

alaAaaUserProfileSave OBJECT-TYPE
    SYNTAX        INTEGER {
        userProfile (1),
        globalProfile (2)
    }
    MAX-ACCESS    read-write
    STATUS        current
    DESCRIPTION
        "This object is used for saving the profiles to a file.
        userProfile (1) : when set through CLI user profile file is created at /flash/switch/.profiles location and 
                          synced  accross Chassis/VC.
        globalProfile (2): when set through CLI GlobalProfile.txt is generated and synced accross VC/Chassiss."
    ::= { alaAaaProfileConfig 4 }

    alaAaaCommonCriteriaConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 8 }

    alaAaaCommonCriteriaMode   OBJECT-TYPE
        SYNTAX      INTEGER {
                        enable(1),
                        disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Enable/Disable Common Criteria mode."
        DEFVAL { disable }
        ::= { alaAaaCommonCriteriaConfig 1 }

--
-- START: AAA TLS CONFIG-RELATED MIB---------------------
--
    alaAaaTlsConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 9 }

    alaAaaTlsBaseConfig   OBJECT IDENTIFIER ::= { alaAaaTlsConfig 1 }

    alaAaaTlsCaFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the CA bundle file (in PEM format) stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 1 }

    alaAaaTlsCrlFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the CRL file (in PEM format) stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 2 }

    alaAaaTlsKeyFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the rsa key file stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 3 }

    alaAaaTlsSupplicantCertFileName OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the supplicant certificate file (in PEM format) stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 4 }

    alaAaaTlsSupplicantKeyFileName OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the supplicant certificate key file (in key format) stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 5 }

    alaAaaTlsSupplicantKeyPasswd OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The supplicant certificate key password (in key format) stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 6 }

    alaAaaTlsSupplicantIdentityUsername OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The supplicant certificate identity username stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 7 }

    alaAaaTlsSupplicantCaCertFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the supplicant CA certificate file (in PEM format) stored in /flash/switch directory."
        ::= { alaAaaTlsBaseConfig 8 }

    alaAaaTlsConvertCertFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the certificate file stored in /flash/switch/certs directory that needs to be converted to PEM format."
        ::= { alaAaaTlsBaseConfig 9 }

    alaAaaTlsConvertCertKeyFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the certificate key file stored in /flash/switch/certs directory that needs to be converted to PEM format."
        ::= { alaAaaTlsBaseConfig 10 }

    alaAaaTlsConvertCertFileFormat   OBJECT-TYPE
        SYNTAX        INTEGER {
                        der(1),
                        pem(2),
                        pkcs12(3),
                        p7b(4)
                      }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "This object is used to set the input certificate formats (der | pem | pkcs12 | p7b) to convert to PEM format."
        ::= { alaAaaTlsBaseConfig 11 }

    alaAaaTlsConvertCertPassword   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE(0..47))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Convert certificate password."
        ::= { alaAaaTlsBaseConfig 12 }

    alaAaaTlsKeySize   OBJECT-TYPE
        SYNTAX        Integer32 (0..4096)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Key size of the rsa key file stored in /flash/switch directory."
        DEFVAL { 2048 }
        ::= { alaAaaTlsBaseConfig 13 }


    alaAaaTlsSelfSignedCert   OBJECT IDENTIFIER ::= { alaAaaTlsConfig 2 }

    alaAaaTlsSelfSignedCertFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the self-signed certificate file stored in /flash/switch directory."
        ::= { alaAaaTlsSelfSignedCert 1 }

    alaAaaTlsSelfSignedCertKeyFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the key file file stored in /flash/switch directory."
        ::= { alaAaaTlsSelfSignedCert 2 }

    alaAaaTlsSelfSignedCertValidPeriod   OBJECT-TYPE
        SYNTAX        Integer32 (0..3650)
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The valid period in days of certificate."
        ::= { alaAaaTlsSelfSignedCert 3 }

    alaAaaTlsSelfSignedCertCommonName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The certificate common name."
        ::= { alaAaaTlsSelfSignedCert 4 }

    alaAaaTlsSelfSignedCertOrgName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The certificate organization name ."
        ::= { alaAaaTlsSelfSignedCert 5 }

    alaAaaTlsSelfSignedCertOrgUnit   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The certificate organization unit."
        ::= { alaAaaTlsSelfSignedCert 6 }

    alaAaaTlsSelfSignedCertLocality   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Locality of the certificate organization."
        ::= { alaAaaTlsSelfSignedCert 7 }

    alaAaaTlsSelfSignedCertState   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The state of certificate organization."
        ::= { alaAaaTlsSelfSignedCert 8 }

    alaAaaTlsSelfSignedCertCountry   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (2))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The country of certificate organization."
        ::= { alaAaaTlsSelfSignedCert 9 }

    alaAaaTlsSelfSignedCertAction   OBJECT-TYPE
        SYNTAX        INTEGER
                      {
                        create (1),
                        delete (2)
                      }
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Create/delete self-signed certificate stored in /flash/switch directory."
        ::= { alaAaaTlsSelfSignedCert 10 }

    alaAaaTlsCsr   OBJECT IDENTIFIER ::= { alaAaaTlsConfig 3 }

    alaAaaTlsCsrFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The domain name of csr file stored in /flash/switch directory."
        ::= { alaAaaTlsCsr 1 }

    alaAaaTlsCsrKeyFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of key file stored in /flash/switch directory."
        ::= { alaAaaTlsCsr 2 }

    alaAaaTlsCsrCommonName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The csr common name."
        ::= { alaAaaTlsCsr 3 }

    alaAaaTlsCsrOrgName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The csr organization name ."
        ::= { alaAaaTlsCsr 4 }

    alaAaaTlsCsrOrgUnit   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The csr organization unit."
        ::= { alaAaaTlsCsr 5 }

    alaAaaTlsCsrLocality   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Locality of the certificate organization."
        ::= { alaAaaTlsCsr 6 }

    alaAaaTlsCsrState   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The state of certificate organization."
        ::= { alaAaaTlsCsr 7 }

    alaAaaTlsCsrCountry   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (2))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The country of certificate organization."
        ::= { alaAaaTlsCsr 8 }

    alaAaaTlsValidate   OBJECT IDENTIFIER ::= { alaAaaTlsConfig 4 }

    alaAaaTlsValidateCa   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the CA certificate (in PEM format) used to validate."
        ::= { alaAaaTlsValidate 1 }

    alaAaaTlsValidateCert   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the certificate (in PEM format) needed to validate."
        ::= { alaAaaTlsValidate 2 }

    alaAaaTlsImportCertConfig   OBJECT IDENTIFIER ::= { alaAaaTlsConfig 5 }

    alaAaaTlsImportCertTable OBJECT-TYPE
        SYNTAX        SEQUENCE OF AlaAaaTlsImportCertEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Import certificate table."
    ::= { alaAaaTlsImportCertConfig 1}

    alaAaaTlsImportCertEntry OBJECT-TYPE
        SYNTAX        AlaAaaTlsImportCertEntry
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION
            "Entry of this table"
        INDEX { alaAaaTlsImportCertApplication }
        ::= { alaAaaTlsImportCertTable 1 }

    AlaAaaTlsImportCertEntry ::= SEQUENCE
        {
           alaAaaTlsImportCertApplication   INTEGER,
           alaAaaTlsImportCertFileName      SnmpAdminString,
           alaAaaTlsImportCertKeyFileName   SnmpAdminString,
           alaAaaTlsImportCertPasswd        SnmpAdminString,
           alaAaaTlsImportCertIdentity      SnmpAdminString
        }

    alaAaaTlsImportCertApplication   OBJECT-TYPE
        SYNTAX        INTEGER {
                        radius (1),
                        syslog (2),
                        webview (3),
                        ldap (4),
                        snmpAgent (5),
                        switchSupplicant (6)
                      }
        MAX-ACCESS    not-accessible
        STATUS        current
        DESCRIPTION   "The import certificate application."
        ::= { alaAaaTlsImportCertEntry 1 }

    alaAaaTlsImportCertFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the import certificate."
        ::= { alaAaaTlsImportCertEntry 2 }

    alaAaaTlsImportCertKeyFileName   OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "Name of the import certificate key file."
        ::= { alaAaaTlsImportCertEntry 3 }

    alaAaaTlsImportCertPasswd OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (1..255))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The import certificate password."
        ::= { alaAaaTlsImportCertEntry 4 }

    alaAaaTlsImportCertIdentity OBJECT-TYPE
        SYNTAX        SnmpAdminString (SIZE (0..32))
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION   "The import certificate identity username."
        ::= { alaAaaTlsImportCertEntry 5 }

--
-- END: AAA TLS CONFIG-RELATED MIB---------------------
--

-- Notification Objects
    alaAaaNotificationObj   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 10 }

    alaAaaUserNotificationInfo   OBJECT-TYPE
        SYNTAX     SnmpAdminString (SIZE (1..255)) 
        MAX-ACCESS accessible-for-notify
        STATUS current 
        DESCRIPTION 
            "AAA User Information Notification."
        ::= { alaAaaNotificationObj 1 }

-- ******************************************************************
-- NOTIFICATIONS (TRAPS)
-- ******************************************************************
    alaAaaUserCreation NOTIFICATION-TYPE
           OBJECTS  {
                alaAaaUserNotificationInfo
           }
        STATUS   current
        DESCRIPTION
                "The trap shall be raised when a new user is added to the Network Device."
        ::= { alcatelIND1AAAMIBNotifications 1 }

    alaAaaUserDeletion NOTIFICATION-TYPE
           OBJECTS  {
                alaAaaUserNotificationInfo
           }
        STATUS   current
        DESCRIPTION
                "The trap shall be raised when a user is deleted from the Network Device."
        ::= { alcatelIND1AAAMIBNotifications 2 }

    alaAaaUserModification NOTIFICATION-TYPE
           OBJECTS  {
                alaAaaUserNotificationInfo
           }
        STATUS   current
        DESCRIPTION
                "The trap shall be raised when a user is modified on the Network Device."
        ::= { alcatelIND1AAAMIBNotifications 3 }

	radHCSendSvrUpTrap NOTIFICATION-TYPE
           OBJECTS  {
                aaasIpAddress,
                aaasIpAddress2
           }
        STATUS   current
        DESCRIPTION
                "The trap shall be raised when the Radius sever is Up."
        ::= { alcatelIND1AAAMIBNotifications 4 }
		
	radHCSendSvrDownTrap NOTIFICATION-TYPE
           OBJECTS  {
                aaasIpAddress,
                aaasIpAddress2
           }
        STATUS   current
        DESCRIPTION
                "The trap shall be raised when the Radius server is Down."
        ::= { alcatelIND1AAAMIBNotifications 5 }
		
    alaAaaJITCConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 11 }

    alaAaaJITCMode   OBJECT-TYPE
        SYNTAX      INTEGER {
                        enable(1),
                        disable(2)
                    }
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION 
            " Enable/Disable JITC mode."
        DEFVAL { disable }
        ::= { alaAaaJITCConfig 1 }

    alaAaaConsoleAccessConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 12 }

    alaAaaConsoleAccessAdminState   OBJECT-TYPE
        SYNTAX      INTEGER {
                       enable(1),
                       disable(2)
                   }
        MAX-ACCESS read-write
        STATUS current 
        DESCRIPTION 
            " Enable/Disable console access."
        DEFVAL { enable }
        ::= { alaAaaConsoleAccessConfig 1 }

    alaAaaSuperPasswordConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 13 }

    alaAaaSuperPassword   OBJECT-TYPE
        SYNTAX        SnmpAdminString ( SIZE( 0 .. 32 ) )
        MAX-ACCESS read-write
        STATUS current
        DESCRIPTION
            "Enable super password."
        ::= { alaAaaSuperPasswordConfig 1 }

    alaAaaSwitchSupplicantConfig   OBJECT IDENTIFIER ::= { alcatelIND1AAAMIBObjects 14 }

    alaAaaSwitchSupplicantPort   OBJECT-TYPE
        SYNTAX        InterfaceIndexOrZero
        MAX-ACCESS    read-write
        STATUS        current
        DESCRIPTION
            "The switch supplicant port."
        DEFVAL { 0 }
        ::= { alaAaaSwitchSupplicantConfig 1 }

--
-- Compliance Statements
--

    alcatelIND1AAAMIBCompliance MODULE-COMPLIANCE
        STATUS  current
        DESCRIPTION
            "Compliance statement for
             Authentication, Authorization, and Accounting (AAA) Subsystem."
        MODULE  -- this module

            MANDATORY-GROUPS
            {
                aaaServerMIBGroup,
                aaaAuthAcctGroup,
                aaaUserMIBGroup,
                alaAaaClientAttrGroup,
                alaAaaProfileObjectsGroup,
                aaaSwitchAccessMIBGroup,
                alaAaaCommonCriteriaGroup,
                alaAaaTlsBaseConfigGroup,
                alaAaaTlsSelfSignedCertGroup,
                alaAaaTlsCsrGroup,
                alaAaaNotificationGroup,
                alaAaaNotificationObjectGroup,
                alaAaaJITCGroup,
                aaaAuthServerStatsGroup,
                aaaAuthorServerStatsGroup,
                aaaAcctServerStatsGroup,
                aaaByodServerStatsGroup,
                aaaRadiusServerStatusGroup,
                alaAaaConsoleAccessGroup,
                alaAaaSuperPasswordGroup,
                alaAaaSwitchSupplicantGroup,
                alaAaaTlsImportCertGroup
            }

        ::= { alcatelIND1AAAMIBCompliances 1 }



--
-- Units Of Conformance
--

    aaaServerMIBGroup OBJECT-GROUP
        OBJECTS
        {
            aaasProtocol,           -- Server configuration table
            aaasHostName,
            aaasIpAddress,
            aaasHostName2,
            aaasIpAddress2,
            aaasRetries,
            aaasTimout,
            aaasRadKey,
            aaasRadAuthPort,
            aaasRadAcctPort,
            aaasLdapPort,
            aaasLdapDn,
            aaasLdapPasswd,
            aaasLdapSearchBase,
            aaasLdapServType,
            aaasLdapEnableSsl,
            aaasRowStatus,
            aaasTacacsKey,
            aaasTacacsPort,
            aaasVrfName,
            aaasRadKeyHash,
            aaasLdapPasswdHash,
            aaasTacacsKeyHash,
            aaaAsaAccessMode,
            aaaAsaAccessIpLockoutThreshold,
            aaaAsaAccessManagementIpStatus,
            aaaAsaAccessConsoleAdminOnly,
            aaasIpv6Address,
            aaasIpv6Address2,
            aaasRadEnableSsl,
            aaasClearStats,
            aaasRadHealthCheck,
            aaasRadPollingInterval,
            aaasRadUsername,
            aaasRadPassword,
            aaasRadFailover,
            aaasRadHealthKeyHash,
            aaasTacacsSalt,
            aaasTacacsSaltHash,
            aaasRadSalt,
            aaasRadSaltHash,
            aaasLdapSalt,
            aaasLdapSaltHash
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA Server."
        ::= { alcatelIND1AAAMIBGroups 1 }


    aaaAuthAcctGroup OBJECT-GROUP
        OBJECTS
        {
            -- Authenticated switch access configuration table
            aaatsName1,
            aaatsName2,
            aaatsName3,
            aaatsName4,
            aaatsRowStatus,
            aaatsCertificate,
            aaatsExitOnFail,

            -- Accounting configuration table for switch accesses
            aaacsName1,
            aaacsName2,
            aaacsName3,
            aaacsName4,
            aaacsRowStatus,

            aaacmdSrvName1,
            aaacmdSrvName2,
            aaacmdSrvName3,
            aaacmdSrvName4,
            aaacmdRowStatus,

	    -- Device Authentication
            aaadaInterface,
            aaadaName1,
            aaadaName2,
            aaadaName3,
            aaadaName4,
            aaadaRowStatus,

            -- Configuration Device Accounting
             aaacdName1,
            aaacdName2,
            aaacdName3,
            aaacdName4,
            aaacdRowStatus,
            aaacdSyslogIPAddrType,      
            aaacdSyslogIPAddr,    
            aaacdSyslogUdpPort, 
	    aaacdCallngStationId,
          --   Auth Config 
            alaAaaOnexReAuthStatus,
            alaAaaOnexReAuthIntrvl,
            alaAaaOnexReAuthTrustRadStatus,
            alaAaaOnexIntrmIntrvl,
            alaAaaOnexIntmIntvlTrstRadSts,
            alaAaaMacIntrmIntrvl,
            alaAaaMacIntmIntvlTrstRadStatus,
            alaAaaMacSessTimeoutStatus,
            alaAaaMacSessTimeoutIntrvl,
            alaAaaMacSesTimeoutTrstRadStatus,
            alaAaaMacInActLogoutStatus,
            alaAaaMacInActLogoutIntrvl,
            alaAaaCpSessTimeoutStatus,
            alaAaaCpSessTimeoutIntrvl,
            alaAaaCpSessTmotTrstRadStatus,
            alaAaaCpIntrmIntrvl,
            alaAaaCpIntmIntvlTrstRadStatus,
            alaAaaCpInActLogoutStatus,
            alaAaaCpInActLogoutIntrvl,
	    alaAaaTacacsServerCmdAuthorization,
            alaAaaUbootAuthenticationPassword,
            alaAaaUbootAccess,
            alaAaaOnieAuthenticationPassword,
            alaAaaOnieAuthenticationStatus,
            alaAaaRadMsgAuthenticator
}
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA Authentication Accounting."
        ::= { alcatelIND1AAAMIBGroups 2 }


    aaaUserMIBGroup OBJECT-GROUP
        OBJECTS
        {
                -- User local database configuration table
                aaauPassword,
                aaauReadRight1,
                aaauReadRight2,
                aaauWriteRight1,
                aaauWriteRight2,
                aaauSnmpLevel,
                aaauSnmpAuthKey,
                aaauRowStatus,
                aaauOldPassword,
                aaauPasswordExpirationDate,
                aaauPasswordExpirationInMinute,
                aaauPasswordAllowModifyDate,
                aaauPasswordLockoutEnable ,
                aaauBadAtempts,
                aaauReadRight3,
                aaauReadRight4,
                aaauWriteRight3,
                aaauWriteRight4,
                aaaAsaPasswordSizeMin, -- ASA specific configuration MIB
                aaaAsaDefaultPasswordExpirationInDays,
                aaaAsaPasswordContainUserName,
                aaaAsaPasswordMinUpperCase,
                aaaAsaPasswordMinLowerCase,
                aaaAsaPasswordMinDigit,
                aaaAsaPasswordMinNonAlphan,
                aaaAsaPasswordHistory,
                aaaAsaPasswordMinAge,
                aaaAsaLockoutWindow,
                aaaAsaLockoutDuration,
                aaaAsaLockoutThreshold,
                aaaAsaAccessPolicyAdminConsoleOnly,
                aaauSnmpPrivPassword,
                aaauAllowConfigUser,
                aaauAllowSsh,
                aaaAsaPasswordContainConsecutiveCharacters,
                aaaAsaPasswordRefresh,
                aaauPasswordRefresh
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA User Local Database."
        ::= { alcatelIND1AAAMIBGroups 3 }

alaAaaClientAttrGroup OBJECT-GROUP
    OBJECTS
    {
      alaAaaRadNasPortId,
      alaAaaRadNasIdentifier,
      alaAaaRadUserNameDelim,
      alaAaaRadPasswordDelim,
      alaAaaRadCallnStnIdDelim,
      alaAaaRadCalldStnIdDelim,
      alaAaaRadUserNameCase,
      alaAaaRadPasswordCase,
      alaAaaRadCallingStationIdCase,
      alaAaaRadCalledStationIdCase,
      alaAaaRadNasIpAddressMode,
      alaAaaRadNasIpAddressType,
      alaAaaRadNasIpAddress,
      alaAaaRadUnpProfilePrecedence
    }
    STATUS current 
    DESCRIPTION
      "Collection of object for AAA client attributes"
    ::= { alcatelIND1AAAMIBGroups 4 }

 alaAaaProfileObjectsGroup OBJECT-GROUP
 OBJECTS
{
    -- AAA Onex/MAC/Captive Portal Profile Table 
        alaAaaProfOnexReAuthSts,       
        alaAaaProfOnexReAuthIntrvl,
        alaAaaProfOnexReAuthTrstRadSts,
        alaAaaProfOnexIntrmIntrvl,         
        alaAaaProfOnexIntmItvlTstRadSts, 
        alaAaaProfMacIntrmIntrvl,
        alaAaaProfMacIntmItvlTrstRadSts,
        alaAaaProfMacSessTimeoutSts,
        alaAaaProfMacSessTimeoutIntrvl,
        alaAaaProfMacSessTmoutTrstRadSts, 
        alaAaaProfMacInActLogoutSts,    
        alaAaaProfMacInActLogoutIntrvl,
	    alaAaaProfCpSessTimeoutSts,
        alaAaaProfCpSessTimeoutIntrvl,
        alaAaaProfCpSessTmotTrstRadSts,
        alaAaaProfCpInActLogoutSts,
        alaAaaProfCpInActLogoutIntrvl,
        alaAaaProfCpIntrmIntrvl,
        alaAaaProfCpItrmIntlTrstRadSts,
        alaAaaProfRadNasPortId,     
        alaAaaProfRadNasIdentifier,
        alaAaaProfRadUserNameDelim, 
        alaAaaProfRadPasswrdDelim,
        alaAaaProfRadCallnStnIdDelim,
        alaAaaProfRadCalldStnIdDelim,
        alaAaaProfRadUserNameCase,            
        alaAaaProfRadPasswordCase, 
        alaAaaProfRadCallnStnIdCase, 
        alaAaaProfRadCalldStnIdCase, 
        alaAaaProfRowStatus,
        alaAaaProfRadNasIpAddressMode,
        alaAaaProfRadNasIpAddressType,
        alaAaaProfRadNasIpAddress,

        ---Profile based authenticated table objects for Onex/MAC/Captive Portal
        alaAaaProfAuthSrvName1,   
        alaAaaProfAuthSrvName2, 
        alaAaaProfAuthSrvName3,
        alaAaaProfAuthSrvName4, 
        alaAaaProfAuthRowStatus, 
        ---Profile based accounting  table objects for Onex/MAC/Captive Portal
        alaAaaProfAcctSrvName1, 
        alaAaaProfAcctSrvName2,    
        alaAaaProfAcctSrvName3,    
        alaAaaProfAcctSrvName4,   
        alaAaaProfAcctSyslogIPAddrType,  
        alaAaaProfAcctSyslogIPAddr,     
        alaAaaProfAcctSyslogUdpPort,   
	alaAaaProfAcctCalingStationId,
        alaAaaProfAcctRowStatus,
        ---User Profile save object
        alaAaaUserProfileSave
    }
    STATUS current 
    DESCRIPTION
      "Collection of AAA profile objects"
    ::= { alcatelIND1AAAMIBGroups 5 }

    aaaSwitchAccessMIBGroup OBJECT-GROUP
        OBJECTS
        {
           aaaSwitchAccessMgmtStationRowStatus,
           aaaSwitchAccessBannedIpRowStatus,
           aaaSwitchAccessReadRight1,
           aaaSwitchAccessReadRight2,
           aaaSwitchAccessReadRight3,
           aaaSwitchAccessReadRight4,
           aaaSwitchAccessWriteRight1,
           aaaSwitchAccessWriteRight2,
           aaaSwitchAccessWriteRight3,
           aaaSwitchAccessWriteRight4
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA Switch Access."
        ::= { alcatelIND1AAAMIBGroups 6 }

    alaAaaCommonCriteriaGroup  OBJECT-GROUP
        OBJECTS
        {
           alaAaaCommonCriteriaMode
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for common criteria."
        ::= { alcatelIND1AAAMIBGroups 7 }

     alaAaaTlsBaseConfigGroup OBJECT-GROUP
        OBJECTS
        {
            alaAaaTlsCaFileName,
            alaAaaTlsCrlFileName,
            alaAaaTlsKeyFileName,
            alaAaaTlsSupplicantCertFileName,
            alaAaaTlsSupplicantKeyFileName,
            alaAaaTlsSupplicantKeyPasswd,
            alaAaaTlsSupplicantIdentityUsername,
            alaAaaTlsSupplicantCaCertFileName,
            alaAaaTlsConvertCertFileName,
            alaAaaTlsConvertCertKeyFileName,
            alaAaaTlsConvertCertFileFormat,
            alaAaaTlsConvertCertPassword,
            alaAaaTlsKeySize
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA TLS base configuration."
        ::= { alcatelIND1AAAMIBGroups 8 }

     alaAaaTlsSelfSignedCertGroup OBJECT-GROUP
        OBJECTS
        {
            alaAaaTlsSelfSignedCertFileName,
            alaAaaTlsSelfSignedCertKeyFileName,
            alaAaaTlsSelfSignedCertValidPeriod,
            alaAaaTlsSelfSignedCertCommonName,
            alaAaaTlsSelfSignedCertOrgName,
            alaAaaTlsSelfSignedCertOrgUnit,
            alaAaaTlsSelfSignedCertLocality,
            alaAaaTlsSelfSignedCertState,
            alaAaaTlsSelfSignedCertCountry,
            alaAaaTlsSelfSignedCertAction
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA TLS self-signed certificate."
        ::= { alcatelIND1AAAMIBGroups 9 }

     alaAaaTlsCsrGroup OBJECT-GROUP
        OBJECTS
        {
            alaAaaTlsCsrFileName,
            alaAaaTlsCsrKeyFileName,
            alaAaaTlsCsrCommonName,
            alaAaaTlsCsrOrgName,
            alaAaaTlsCsrOrgUnit,
            alaAaaTlsCsrLocality,
            alaAaaTlsCsrState,
            alaAaaTlsCsrCountry
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for management of AAA TLS CSR."
        ::= { alcatelIND1AAAMIBGroups 10 }

     alaAaaTlsValidateGroup OBJECT-GROUP
        OBJECTS
        {
            alaAaaTlsValidateCa,
            alaAaaTlsValidateCert
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for certificate validation."
        ::= { alcatelIND1AAAMIBGroups 11 }

     alaAaaNotificationObjectGroup OBJECT-GROUP
        OBJECTS
        {
                  alaAaaUserNotificationInfo
        }
        STATUS  current
        DESCRIPTION
        "Collection of trap objects for AAA."
        ::= { alcatelIND1AAAMIBGroups 12 }


     alaAaaNotificationGroup NOTIFICATION-GROUP
        NOTIFICATIONS
        {
                  alaAaaUserCreation,
                  alaAaaUserDeletion,
                  alaAaaUserModification,
                  radHCSendSvrUpTrap,
                  radHCSendSvrDownTrap
        }
        STATUS  current
        DESCRIPTION
        "Collection of notifications for AAA."
        ::= { alcatelIND1AAAMIBGroups 13 }

     alaAaaJITCGroup  OBJECT-GROUP
        OBJECTS
        {
           alaAaaJITCMode
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for JITC."
        ::= { alcatelIND1AAAMIBGroups 14 }

     aaaAuthServerStatsGroup OBJECT-GROUP
        OBJECTS
        {
           aaaAuthStatsAccessReq,
           aaaAuthStatsAccessRes,
           aaaAuthStatsAccessAccept,
           aaaAuthStatsAccessReject,
           aaaAuthStatsAccessChal,
           aaaAuthStatsTimedOutReq,
           aaaAuthStatsCountRtt,
           aaaAuthStatsSumRtt,
           aaaAuthStatsMinRtt,
           aaaAuthStatsMaxRtt,
           aaaAuthStatsAvgRtt,
           aaaAuthStatsLastRtt
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for AAA authentication server statistics."
        ::= { alcatelIND1AAAMIBGroups 15 }

     aaaAuthorServerStatsGroup OBJECT-GROUP
        OBJECTS
        {
           aaaAuthorStatsAccessReq,
           aaaAuthorStatsAccessRes,
           aaaAuthorStatsTimedOutReq,
           aaaAuthorStatsCountRtt,
           aaaAuthorStatsSumRtt,
           aaaAuthorStatsMinRtt,
           aaaAuthorStatsMaxRtt,
           aaaAuthorStatsAvgRtt,
           aaaAuthorStatsLastRtt
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for AAA authorization server statistics."
        ::= { alcatelIND1AAAMIBGroups 16 }

     aaaAcctServerStatsGroup OBJECT-GROUP
        OBJECTS
        {
           aaaAcctStatsAccessReq,
           aaaAcctStatsAccessRes,
           aaaAcctStatsTimedOutReq,
           aaaAcctStatsCountRtt,
           aaaAcctStatsSumRtt,
           aaaAcctStatsMinRtt,
           aaaAcctStatsMaxRtt,
           aaaAcctStatsAvgRtt,
           aaaAcctStatsLastRtt
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for AAA accounting server statistics."
        ::= { alcatelIND1AAAMIBGroups 17 }

     aaaByodServerStatsGroup OBJECT-GROUP
        OBJECTS
        {
           aaaByodStatsCoaReq,
           aaaByodStatsCoaAck,
           aaaByodStatsCoaNack,
           aaaByodStatsDmReq,
           aaaByodStatsDmAck,
           aaaByodStatsDmNack
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for BYOD server statistics."
        ::= { alcatelIND1AAAMIBGroups 18 }

     aaaRadiusServerStatusGroup OBJECT-GROUP
        OBJECTS
        {
           aaaPrimaryOperStatus,
           aaaPrimaryUptime,
           aaaPrimaryDowntime,
           aaaPrimaryDownToUpCnt,
           aaaBackupOperStatus,
           aaaBackupUptime,
           aaaBackupDowntime,
           aaaBackupDownToUpCnt
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for the radius server status."
        ::= { alcatelIND1AAAMIBGroups 19 }

     alaAaaConsoleAccessGroup  OBJECT-GROUP
        OBJECTS
        {
           alaAaaConsoleAccessAdminState
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for console access."
        ::= { alcatelIND1AAAMIBGroups 20 }

     alaAaaSuperPasswordGroup  OBJECT-GROUP
        OBJECTS
        {
           alaAaaSuperPassword
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for super password."
        ::= { alcatelIND1AAAMIBGroups 21 }

     alaAaaSwitchSupplicantGroup  OBJECT-GROUP
        OBJECTS
        {
           alaAaaSwitchSupplicantPort
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for switch supplicant."
        ::= { alcatelIND1AAAMIBGroups 22 }

     alaAaaTlsImportCertGroup  OBJECT-GROUP
        OBJECTS
        {
           alaAaaTlsImportCertFileName,
           alaAaaTlsImportCertKeyFileName,
           alaAaaTlsImportCertPasswd,
           alaAaaTlsImportCertIdentity
        }
        STATUS  current
        DESCRIPTION
            "Collection of objects for import certificate radius."
        ::= { alcatelIND1AAAMIBGroups 23 }

END
