01 10 Huawei Aaa Mib

S1720, S2700, S5700, and S6720 Series Ethernet
Switches
MIB Reference 10 HUAWEI-AAA-MIB
10 HUAWEI-AAA-MIB
About This Chapter
10.1 Functions Overview

10.2 Relationships Between Tables
10.3 Description of Single Objects
10.4 Description of MIB Tables
10.5 Description of Alarm Objects
10.6 Unsupported Objects
10.1 Functions Overview

The HUAWEI-AAA-MIB is used to configure and query information about
authentication, accounting, and authorization of users on the device.
Root directory:
iso(1).org(3).dod(6).internet(1).private(4).enterprises(1).huawei(2011).huaweiMg
mt(5).hwAaa(2)
10.2 Relationships Between Tables

None.
10.3 Description of Single Objects

None.
Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 253

Switches
10.4 Description of MIB Tables
10.4.1 hwAuthenSchemeTable
hwAuthenSchemeTable is an authentication scheme table. You can use this table
to add, delete, query, and modify configurations of authentication schemes. The
device provides a default authentication scheme default, which can be modified
but cannot be deleted.
The index of this table is hwAuthenSchemeName.
OID Object Syntax Maximu Description Stat

m us
Access
1.3.6.1.4.1.2011.5 hwAuthenSc Display read- This object curre

.2.1.1.1.1 hemeName String only indicates the nt
name of an
authentication
scheme.

Switches

m us
Access
1.3.6.1.4.1.2011.5 hwAuthenM Integer read- This object curre

.2.1.1.1.2 ethod create indicates the nt
authentication
method. The
values and
meanings are as
follows:
● 1 (local): local
authentication
(the default
value)
● 2 (no-auth):
non-
authentication
● 3 (radius):
RADIUS
authentication
● 4
(localRadius):
local
authentication
, and then
RADIUS
authentication
if the user
name used for
local
authentication
does not exist.
● 5
(radiusLocal):
RADIUS
authentication
, and then
local
authentication
if RADIUS
authentication
is unavailable.
● 6
(radiusNoauth
): RADIUS
authentication
, and then
non-
authentication

Switches

m us
Access
if RADIUS
authentication
is unavailable.
● 7 (tacacs):
HWTACACS
authentication
● 8
(tacacsLocal):
HWTACACS
authentication
, and then
local
authentication
if HWTACACS
authentication
is unavailable.
● 9
(localTacacs):
local
authentication
, and then
HWTACACS
authentication
if the user
name used for
local
authentication
does not exist.
● 10
(tacacsNoauth
): HWTACACS
authentication
, and then
non-
authentication
if HWTACACS
authentication
is unavailable.
● 11
(localNoauth):
local
authentication
, and then
non-
authentication
if the user
name used for

Switches

m us
Access
local
authentication
does not exist.
● 12
(radiusTacacs):
RADIUS
authentication
, and then
HWTACACS
authentication
if RADIUS
authentication
is unavailable.
● 13
(tacacsRadius)
: HWTACACS
authentication
, and then
RADIUS
authentication
if HWTACACS
authentication
is unavailable.
● 14
(localRadiusN
oauth): local
authentication
, and then
RADIUS
authentication
if the user
name used for
local
authentication
does not exist,
and then non-
authentication
if RADIUS
authentication
is unavailable.
● 15
(localTacacsN
oauth): local
authentication
, and then
HWTACACS
authentication

Switches

m us
Access
if the user
name used for
local
authentication
does not exist,
and then non-
authentication
if HWTACACS
authentication
is unavailable.
● 16
(radiusLocalN
oauth):
RADIUS
authentication
, and then
local
authentication
if RADIUS
authentication
is unavailable,
and then non-
authentication
if the user
name used for
local
authentication
does not exist.
● 17
(radiusTacacs
Noauth):
RADIUS
authentication
, and then
HWTACACS
authentication
if RADIUS
authentication
is unavailable,
and then non-
authentication
if HWTACACS
authentication
is unavailable.
● 18
(tacacsLocalN
oauth):

Switches

m us
Access
HWTACACS
authentication
, and then
local
authentication
if HWTACACS
authentication
is unavailable,
and then non-
authentication
if the user
name used for
local
authentication
does not exist.
● 19
(tacacsRadius
Noauth):
HWTACACS
authentication
, and then
RADIUS
authentication
if HWTACACS
authentication
is unavailable,
and then non-
authentication
if RADIUS
authentication
is unavailable.
● 20
(localRadiusTa
cacs): local
authentication
, and then
RADIUS
authentication
if the user
name used for
local
authentication
does not exist,
and then
HWTACACS
authentication
if RADIUS

Switches

m us
Access
authentication
is unavailable.
● 21
(radiusLocalTa
cacs): RADIUS
authentication
, and then
local
authentication
if RADIUS
authentication
is unavailable,
and then
HWTACACS
authentication
if the user
name used for
local
authentication
does not exist.
● 22
(localTacacsRa
dius): local
authentication
, and then
HWTACACS
authentication
if the user
name used for
local
authentication
does not exist,
and then
RADIUS
authentication
if HWTACACS
authentication
is unavailable.
● 23
(radiusTacacsL
ocal): RADIUS
authentication
, and then
HWTACACS
authentication
if RADIUS
authentication

Switches

m us
Access
is unavailable,
and then local
authentication
if HWTACACS
authentication
is unavailable.
● 24
(tacacsLocalRa
dius):
HWTACACS
authentication
, and then
local
authentication
if HWTACACS
authentication
is unavailable,
and then
RADIUS
authentication
if the user
name used for
local
authentication
does not exist.
● 25
(tacacsRadiusL
ocal):
HWTACACS
authentication
, and then
RADIUS
authentication
if HWTACACS
authentication
is unavailable,
and then local
authentication
if RADIUS
authentication
is unavailable.
● 26
(localRadiusTa
cacsNoauth):
local
authentication
, and then

Switches

m us
Access
RADIUS
authentication
if the user
name used for
local
authentication
does not exist,
and then
HWTACACS
authentication
if RADIUS
authentication
is unavailable,
and then non-
authentication
if HWTACACS
authentication
is unavailable.
● 27
(localTacacsRa
diusNoauth):
local
authentication
, and then
HWTACACS
authentication
if the user
name used for
local
authentication
does not exist,
and then
RADIUS
authentication
if HWTACACS
authentication
is unavailable,
and then no
authentication
if RADIUS
authentication
is unavailable.
● 28
(radiusLocalTa
cacsNoauth):
RADIUS
authentication

Switches

m us
Access
, and then
local
authentication
if RADIUS
authentication
is unavailable,
and then
HWTACACS
authentication
if the user
name used for
local
authentication
is unavailable,
and then non-
authentication
if HWTACACS
authentication
is unavailable.
● 29
(radiusTacacsL
ocalNoauth):
RADIUS
authentication
, and then
HWTACACS
authentication
if RADIUS
authentication
is unavailable,
and then local
authentication
if HWTACACS
authentication
is unavailable,
and then no
authentication
if the user
name used for
local
authentication
does not exist.
● 30
(tacacsLocalRa
diusNoauth):
HWTACACS
authentication

Switches

m us
Access
, and then
local
authentication
if HWTACACS
authentication
is unavailable,
and then
RADIUS
authentication
if the user
name used for
local
authentication
is unavailable,
and then no
authentication
if RADIUS
authentication
is unavailable.
● 31
(tacacsRadiusL
ocalNoauth):
HWTACACS
authentication
, and then
RADIUS
authentication
if HWTACACS
authentication
is unavailable,
and then local
authentication
if RADIUS
authentication
is unavailable,
and then no
authentication
if the user
name used for
local
authentication
does not exist.
1.3.6.1.4.1.2011.5 hwAuthenR RowSta read- This object curre

.2.1.1.1.3 owStatus tus create indicates the row nt
status.

Switches
Creation Restriction
None
Modification Restriction
None
Deletion Restriction
When an authentication scheme is being used by a domain, you cannot delete the
authentication scheme.
To delete the authentication scheme, unbind it from the domain first.
Access Restriction
None
10.4.2 hwAcctSchemeTable
The hwAcctSchemeTable is an accounting scheme table. You can use this table to
configure basic attributes of an accounting scheme. The device provides a default
accounting scheme default. You can modify the default accounting scheme but
cannot delete it.
The indexes of this table are hwAcctSchemeName.
OID Object Syntax Maximu Description Status

m
Access
1.3.6.1.4.1.20 hwAcctSc DisplayStrin read- This object curren

11.5.2.1.2.1.1 hemeNa g only indicates the t
me name of an
accounting
scheme.

Switches

m
Access
1.3.6.1.4.1.20 hwAccM Integer read- This object curren

11.5.2.1.2.1.2 ethod create indicates the t
accounting
method. The
values and
meanings are as
follows:
● 2 (noacct): no
accounting
● 3 (radius):
RADIUS
accounting
● 5 (hwtacacs):
TACACS
accounting
1.3.6.1.4.1.20 hwAcctSt Integer read- This object curren

11.5.2.1.2.1.3 artFail create indicates the t
policy for
accounting start
failures. The
values and
meanings are as
follows:
● 1 (none):
ignoring the
failure, and
users are still
online.
● 2 (offline):
forcing the
user offline

Switches

m
Access
1.3.6.1.4.1.20 hwAcctO Integer read- This object curren

11.5.2.1.2.1.4 nlineFail create indicates the t
policy for other
abnormalities
after a user gets
online. The values
and meanings are
as follows:
● 1 (none):
ignoring the
failure, and
users are still
online.
● 2 (offline):
forcing the
user offline
1.3.6.1.4.1.20 hwAccRe Integer32 read- This object curren

11.5.2.1.2.1.5 alTimeInt create indicates the t
er interval for real-
time accounting.
The value ranges
from 0 to 65535,
in minutes. 0
indicates no real-
time accounting.
1.3.6.1.4.1.20 hwAcctR RowStatus read- This object curren

11.5.2.1.2.1.6 owStatus create indicates the row t
status, which can
be added or
deleted.
None.
The hwAcctRowStatus object can be created or deleted but cannot be modified.
When an accounting scheme is being used by a domain, you cannot delete the
accounting scheme.
To delete the accounting scheme, unbind it from the domain first.

Switches
Access Restriction
None.
10.4.3 hwAcctSchemeExtTable
The hwAcctSchemeExtTable is an extended accounting scheme table. You can use

this table to configure extended attributes of an accounting scheme.
The index of this table is hwAcctSchemeName.
OID Object Syntax Maxim Description Stat

um us
Access
1.3.6.1.4.1.2011.5. hwIfRealtim TruthVa read- This object curre

2.1.19.1.1 eAcct lue write indicates nt
whether real-
time accounting
is required. The
values and
meanings are as
follows:
● 1: performing
real-time
accounting
● 2: no real-
time
accounting
1.3.6.1.4.1.2011.5. hwRealtimeF Integer( read- This object curre

2.1.19.1.2 ailMaxnum 32) write indicates the nt
maximum
number of real-
time accounting
failures. The
value ranges
from 1 to 255
The default
value is 3.
None.
If you use the hwIfRealtimeAcct object to disable real-time accounting, the value
of hwAcctRealTimeInter in the hwAcctSchemeTable is invalid.

Switches
When an accounting scheme is being used by a domain, you cannot delete the
accounting scheme.
To delete the accounting scheme, unbind it from the domain first.
Access Restriction
None.
10.4.4 hwAAAOfflineRecordTable
hwAAAOfflineRecordTable records information about offline AAA users.
OID Object Syntax Maximum Descriptio Status

Access n
1.3.6.1.4.1. hwAAAOffl Integer32 read-only Indicates current

2011.5.2.1. ineIndex the
52.1.1 sequence
in which a
user who
goes
offline.
1.3.6.1.4.1. hwOfflineR DisplayStri read-only This object current

2011.5.2.1. ecordUser ng indicates
52.1.2 Name the name
of the
offline user.
The value
is a string
of 1 to 253
characters.

2011.5.2.1. ecordDoma ng indicates a
52.1.3 inName domain
name. The
value is a
string of 1
to 64
characters.
1.3.6.1.4.1. hwOfflineR MacAddres read-only This object current

2011.5.2.1. ecordUser s indicates
52.1.4 MAC the MAC
address of
the offline
user.

Switches

Access n

2011.5.2.1. ecordAcces ng indicates
52.1.5 sType the access
type of the
offline user.
The value
is a string
of 1 to 64
characters.

2011.5.2.1. ecordInterf ng indicates
52.1.6 ace the
interface
on which
the user
goes
offline. The
value is a
string of 1
to 63
characters.
1.3.6.1.4.1. hwOfflineR Integer32 read-only This object current

2011.5.2.1. ecordAcces indicates
52.1.7 sPeVlan informatio
n about
the outer
VLAN of
the offline
user.

2011.5.2.1. ecordAcces indicates
52.1.8 sCeVlan informatio
n about
the inner
VLAN of
the offline
user
1.3.6.1.4.1. hwOfflineR IpAddress read-only This object current

2011.5.2.1. ecordIPAdd indicates
52.1.9 ress the IP
address of
the offline
user.

Switches

Access n

2011.5.2.1. ecordUserI indicates
52.1.10 D the ID of
the offline
user.
1.3.6.1.4.1. hwOfflineR DateAndTi read-only This object current

2011.5.2.1. ecordUserL me indicates
52.1.11 oginTime the time
when the
user goes
online.
1.3.6.1.4.1. hwOfflineR DateAndTi read-only This object current

2011.5.2.1. ecordUserL me indicates
52.1.12 ogoutTime the time
when the
user goes
offline.

2011.5.2.1. ecordOfflin ng indicates
52.1.13 eReason the reason
why the
user goes
offline.
No entry can be created in this table.
The entries in this table cannot be modified.
The entries in this table cannot be deleted.
Access Restriction
None
10.4.5 hwAAASetting
hwAAASetting is a global configuration table that sets the domain name delimiter,
delimiter between the domain name and security code, parsing direction of the
domain name, and location of the domain name.

Switches
NOTE
The table does not support multi-node combination settings.
OID Object Syntax Maximu Description Access

Name m
Access
1.3.6.1.4.1.20 hwDomai INTEGER read- This object This

11.5.2.1.13.1. nNameP write indicates the object
7 arseDirec parsing direction is
tion of a domain imple
name. A domain mente
name can be d as
parsed from the define
left to right or d in
from the right to the
left. corres
pondi
ng
MIB
files.
1.3.6.1.4.1.20 hwDomai Integer read- This object This

11.5.2.1.13.1. nNameL write indicates the object
8 ocation location of a is
domain name. A imple
domain name mente
can be placed d as
behind or before define
the domain name d in
delimiter. the
● 0: before the corres
domain name pondi
delimiter. ng
MIB
● 1: behind the files.
domain name
delimiter.
1.3.6.1.4.1.20 hwDomai DisplayStrin read- This object This

11.5.2.1.13.1. nNameD g write indicates a object
35 elimiter domain name is
delimiter. The imple
value can be one mente
of the following: d as
\/:<>|@'% define
d in
the
corres
pondi
ng
MIB
files.

Switches

Name m
Access
1.3.6.1.4.1.20 hwDomai DisplayStrin read- This object This

11.5.2.1.13.1. nNameS g write indicates a object
36 ecurityDe delimiter is
limiter between the imple
domain name mente
and security d as
code. The value define
can be one of the d in
following: \ / : < > the
|@'% corres
pondi
ng
MIB
files.
1.3.6.1.4.1.20 hwGlobal INTEGER read- This object This

11.5.2.1.13.1. AuthEven write indicates that object
37 tAuthFail whether the is
Response device returns an imple
Fail authentication mente
failure packet if a d as
user fails in define
authentication. d in
● 1: enable (1): the
The device corres
returns pondi
authentication ng
failure MIB
packets. files.
● 2: disable (2):
The device
returns
authentication
success
packets.

Switches

Name m
Access
1.3.6.1.4.1.20 hwGlobal Integer32 read- This object This

11.5.2.1.13.1. AuthEven write indicates that a object
38 tAuthFail user failing in is
Vlan authentication is imple
added to the mente
corresponding d as
VLAN. define
d in
the
corres
pondi
ng
MIB
files.
1.3.6.1.4.1.20 hwGlobal INTEGER read- This object This

11.5.2.1.13.1. AuthEven write indicates that object
39 tAuthenS whether the is
erverDow device returns imple
nRespons authentication mente
eFail failure packets d as
when the define
authentication d in
server does not the
respond. corres
● 1: enable (1): pondi
The device ng
returns MIB
authentication files.
failure
packets.
● 2: disable (2):
The device
returns
authentication
success
packets.

Switches

Name m
Access

11.5.2.1.13.1. AuthEven write indicates that the object
40 tAuthenS device adds a is
erverDow user to the imple
nVlan corresponding mente
VLAN if the d as
authentication define
server does not d in
respond. the
corres
pondi
ng
MIB
files.

41 tClientNo device adds a is
Response user to the imple
Vlan corresponding mente
VLAN if the client d as
does not respond. define
d in
the
corres
pondi
ng
MIB
files.

42 tPreAuth device adds a is
Vlan user to the imple
corresponding mente
VLAN before the d as
client is define
authenticated. d in
the
corres
pondi
ng
MIB
files.

Switches

Name m
Access
1.3.6.1.4.1.20 hwGlobal OCTET read- This object This

11.5.2.1.13.1. AuthEven STRING write indicates that a object
43 tAuthFail user failing in is
UserGrou authentication is imple
p added to a user mente
group. d as
NOTE define
This object is d in
supported only in the
the NAC common corres
mode.
pondi
ng
MIB
files.

11.5.2.1.13.1. AuthEven STRING write indicates that the object
44 tAuthenS device adds a is
erverDow user to a user imple
nUserGro group if the mente
up authentication d as
server does not define
respond. d in
NOTE the
This object is corres
supported only in pondi
the NAC common ng
mode.
MIB
files.

45 tClientNo device adds a is
Response user to a user imple
UserGrou group if the client mente
p does not respond. d as
NOTE define
This object is d in
supported only in the
the NAC common corres
mode.
pondi
ng
MIB
files.

Switches

Name m
Access

46 tPreAuth device adds a is
UserGrou client to a user imple
p group before the mente
client is d as
authenticated. define
NOTE d in
This object is the
supported only in corres
the NAC common pondi
mode.
ng
MIB
files.
1.3.6.1.4.1.20 hwAutho INTEGER read- This object This

11.5.2.1.13.1. rModify write indicates the object
47 Mode validation mode is
of user imple
authorization mente
information d as
delivered by the define
authorization d in
server. the
● 1: overlay(0) corres
mode. In this pondi
mode, newly ng
delivered MIB
authorization files.
information
overwrites the
original
authorization
information of
the same type.
● 2: modify(1)
mode. In this
mode, newly
delivered
authorization
information
overwrites all
the original
authorization
information.

Switches

Name m
Access
1.3.6.1.4.1.20 hwLocalR Integer32 read- This object This

11.5.2.1.13.1. etryInter write indicates the object
48 val authentication is
retry interval of a imple
local account. mente
d as
define
d in
the
corres
pondi
ng
MIB
files.
1.3.6.1.4.1.20 hwLocalR Integer32 read- This object This

11.5.2.1.13.1. etryTime write indicates the object
49 maximum is
number of imple
unsuccessful mente
password d as
attempts of a define
local user. d in
the
corres
pondi
ng
MIB
files.
1.3.6.1.4.1.20 hwLocalB Integer32 read- This object This

11.5.2.1.13.1. lockTime write indicates the object
50 locking time of a is
local account. imple
mente
d as
define
d in
the
corres
pondi
ng
MIB
files.

Switches

Name m
Access
1.3.6.1.4.1.20 hwRemot Integer32 read- This object This

11.5.2.1.13.1. eRetryInt write indicates the object
51 erval authentication is
retry interval imple
after a remote mente
AAA d as
authentication define
failure. d in
the
corres
pondi
ng
MIB
files.

11.5.2.1.13.1. eRetryTi write indicates the object
52 me maximum is
number of imple
consecutive mente
authentication d as
failures. define
d in
the
corres
pondi
ng
MIB
files.

11.5.2.1.13.1. eBlockTi write indicates the object
53 me locking time of a is
remote AAA imple
account. mente
d as
define
d in
the
corres
pondi
ng
MIB
files.

Switches

Name m
Access
1.3.6.1.4.1.20 hwBlock INTEGER read- Whether locking This

11.5.2.1.13.1. Disable write of an account is object
54 disabled. is
● 1: localuser(0). imple
Locking of a mente
local account d as
is disabled. define
d in
● 2: the
remoteuser(1). corres
Locking of a pondi
remote ng
account is MIB
disabled. files.
● 3:
localremoteus
er(2). Locking
of local and
remote
accounts is
disabled.
1.3.6.1.4.1.20 hwTotalA Unsigned32 read- This object This

11.5.2.1.13.1. uthReqN write indicates the object
55 umPortal number of Portal is
authentication imple
users. mente
d as
define
d in
the
corres
pondi
ng
MIB
files.

Switches

Name m
Access

56 umMac number of MAC is
address imple
authentication mente
users. d as
define
d in
the
corres
pondi
ng
MIB
files.

57 umDot1x number of 802.1X is
authentication imple
users. mente
d as
define
d in
the
corres
pondi
ng
MIB
files.
This hwDomainNameDelimiter must be different from the
hwDomainNameSecurityDelimiter.
This hwDomainNameDelimiter must be different from the
hwDomainNameSecurityDelimiter.
None
Access Restriction
None

Switches
10.4.6 hwAAAState
This table displays the number of online users on a device.
OID Object Syntax Max Description Status

Name Access
1.3.6.1.4.1.20 hwTotal Unsigned32 read- This object curren

11.5.2.1.14.1. WlsOnlin only indicates the t
32 eNum total number of
online wireless
users.
1.3.6.1.4.1.20 hwTotal Unsigned32 read- This object curren

11.5.2.1.14.1. WrdOnlin only indicates the t
33 eNum total number of
online wired
users.
Access Restriction
The entries in this table can be read with restriction.
10.4.7 hwDomainTable
The hwDomainTable is a domain information table. You can use this table to
configure basic attributes of a domain. The device provides two default domains,
namely, default and default_admin. The default domains can be modified but
cannot be deleted.
The index of this table is hwDomainName.

Switches

um us
Access
1.3.6.1.4.1.2011.5 hwDomainN DisplayS read- This object curre

.2.1.4.1.1 ame tring only indicates the nt
domain name.
The value is a
string of 1 to 64
characters. No
asterisk (*),
question mark
(?) and
quotation mark
(") are
contained. The
character string
is case
insensitive.
1.3.6.1.4.1.2011.5 hwDomainA DisplayS read- This object curre

.2.1.4.1.2 uthenSchem tring create indicates the nt
eName name of the
authentication
scheme used by
the domain. The
value is a string
of 1 to 32
characters. The
default
authentication
scheme of
domains is
default.
1.3.6.1.4.1.2011.5 hwDomainA DisplayS read- This object curre

.2.1.4.1.3 cctSchemeN tring create indicates the nt
ame name of the
accounting
scheme used by
the domain. The
value is a string
of 1 to 32
characters. The
default
accounting
scheme of
domains is
default.

Switches

um us
Access
1.3.6.1.4.1.2011.5 hwDomainR DisplayS read- This object curre

.2.1.4.1.4 adiusGroup tring create indicates the nt
Name name of the
RADIUS server
group used by
the domain. The
value is a string
of 1 to 32
characters. The
RADIUS group
must already
exist.
1.3.6.1.4.1.2011.5 hwDomainR RowStat read- This object curre

.2.1.4.1.11 owStatus us create indicates the nt
row status,
which can be
created or
deleted.
1.3.6.1.4.1.2011.5 hwDomainS DisplayS read- This object curre

.2.1.4.1.13 erviceSchem tring create indicates the nt
eName name of the
service scheme
used by the
domain. The
value is a string
of 1 to 32
characters. The
service scheme
must already
exist.
1.3.6.1.4.1.2011.5 hwDomainF DisplayS read- Indicates the curre

.2.1.4.1.16 orcePushUrl tring create forcibly pushed nt
URL in domain.
1.3.6.1.4.1.2011.5 hwDomainF DisplayS read- Indicates the curre

.2.1.4.1.17 orcePushUrl tring create name of the nt
Template forcibly pushed
URL template in
domain.

Switches

um us
Access
1.3.6.1.4.1.2011.5 hwStateBloc DisplayS read- Indicates the curre

.2.1.4.1.18 kFirstTimeR tring create first blocking nt
angeName time segment in
domain.
NOTE
● If the value
of
hwStateBlock
FirstTimeRan
geName is --,
the
hwStateBlock
FirstTimeRan
geName,
hwStateBlock
SecondTimeR
angeName,
hwStateBlock
ThirdTimeRan
geName, and
hwStateBlock
ForthTimeRa
ngeName
objects are
deleted.
● If the value
of
hwStateBlock
FirstTimeRan
geName is
not --, the
values of
following
three objects
cannot be --.

.2.1.4.1.19 kSecondTim tring create second blocking nt
eRangeNam time segment in
e domain.
NOTE
To configure this
object, configure
the
hwStateBlockFirs
tTimeRangeNam
e object first.

Switches

um us
Access

.2.1.4.1.20 kThirdTimeR tring create third blocking nt
domain.
NOTE
To configure this
object, configure
the
hwStateBlockFirs
tTimeRangeNam
e and
hwStateBlockSec
ondTimeRangeN
ame objects first.

.2.1.4.1.21 kForthTimeR tring create fourth blocking nt
domain.
NOTE
To configure this
object, configure
the
hwStateBlockFirs
tTimeRangeNam
e,
hwStateBlockSec
ondTimeRangeN
ame, and
hwStateBlockThi
rdTimeRangeNa
me objects first.
None.
The modification restrictions are as follows:
● The authentication scheme specified for a domain must exist; otherwise, the
configuration fails.
● The accounting scheme specified for a domain must exist; otherwise, the
● The RADIUS server group specified for level-1 authentication and accounting
in a domain must exist; otherwise, the configuration fails.
● The service scheme specified for a domain must exist; otherwise, the

Switches
A domain cannot be deleted in the following situations:
● The domain contains users.
● The domain is a default domain.
Access Restriction
None.
10.4.8 hwDomainExtTable
hwDomainExtTable configures extended attributes of a domain, including the
domain status and the HWTACACS server template and authorization template
bound to the domain.
The index of this table is hwDomainName.

um us
Access
1.3.6.1.4.1.201 hwIfDomai TruthValu read- This object curre

1.5.2.1.5.1.2 nActive e write indicates the nt
status of a
domain. The
values are as
follows:
● 1: active
(default)
● 2: blocked
NOTE
If a domain is
blocked, all the
offline users in the
domain cannot go
online. The online
users, however,
can still keep
online.
1.3.6.1.4.1.201 hwTacGrou DisplayStr read- This object curre

1.5.2.1.5.1.26 pName ing create indicates the nt
name of the
TACACS server
group used by the
domain.
1.3.6.1.4.1.201 hwDomain DisplayStr read- This object curre

1.5.2.1.5.1.29 AuthorSch ing create indicates the nt
emeName authorization
template bound
to the domain.

Switches
None.
The modification restrictions are as follows:
● The authorization scheme specified for the domain must exist; otherwise, the
● The TACACS server group specified for the domain must exist; otherwise, the
A domain cannot be deleted in the following situations:
● The domain contains users.
● The domain is a default domain.
Access Restriction
None.
10.4.9 hwAuthorSchemeTable
hwAuthorSchemeTable is an authorization scheme table. You can use this table to
create an authorization scheme. The device provides a default authorization
scheme default. The default authorization scheme can be modified but cannot be
deleted.
The index of this table is hwAuthorSchemeName.

Switches

um us
Access
1.3.6.1.4.1.201 hwAuthor Display read- This object indicates curr

1.5.2.1.8.1.1 SchemeNa String only the name of an ent
me authorization scheme.
The value is a string of
1 to 32 characters.
The value of this
object is case
insensitive and must
comply with the
naming rule defined in
the Windows system.
That is, the value
cannot contain the
following characters:
\/:*?"<>

Switches

um us
Access
1.3.6.1.4.1.201 hwAuthor Integer read- This object indicates curr

1.5.2.1.8.1.2 Method create the authorization ent
method. The value is
an integer. The values
are as follows:
● 1: none(1): direct
authorization
● 2: local(2): local
authorization (the
default value)
● 3: hwtacacs(3):
HWTACACS
authorization
● 4: if-
authenticated(4):
if-authenticated
authorization. If the
user passes
authentication and
the authentication
mode is not none,
the user is
authorized;
otherwise, the user
cannot be
authorized.
● 5: hwtacacs-
none(5):
HWTACACS
authorization, and
then direct
authorization if
HWTACACS
authorization fails.
● 6: hwtacacs-
local(6):
HWTACACS
authorization, and
then local
authorization if
HWTACACS
● 7: hwtacacs-
ifauthenticated(7):
HWTACACS
authorization, and

Switches

um us
Access
then if-
authenticated
authorization if
HWTACACS
● 8: localnone(8):
local authorization,
and then direct
authorization if the
user name used for
local authorization
does not exist.
● 9: localhwtacacs(9):
and then
HWTACACS
user name used for
local authorization
does not exist.
● 10: localifauthenti-
cated(10): local
authorization, and
then if-
authenticated
user name used for
local authorization
does not exist.
● 11: ifauthenticated-
none(11): if-
authenticated
authorization, and
then direct
authorization if if-
authenticated
local(12): if-
authenticated
authorization, and
then local
authenticated
● 13:
ifauthenticatedhw-

Switches

um us
Access
tacacs(13): if-
authenticated
authorization, and
then HWTACACS
authenticated
● 14:
localhwtacacsnone(
14): local
authorization, and
then HWTACACS
user name used for
local authorization
does not exist, and
then direct
authorization if
HWTACACS
catednone(15):
and then if-
authenticated
user name used for
local authorization
does not exist, and
then direct
authenticated
● 16:
hwtacacslocalnone(
16): HWTACACS
authorization, and
then local
authorization if
HWTACACS
authorization fails,
and then direct
user name used for
local authorization
does not exist.

Switches

um us
Access
● 17:
hwtacacsifauthenti-
catednone(17):
HWTACACS
authorization, and
then if-
authenticated
authorization if
HWTACACS
and then direct
authenticated
localnone(18): if-
authenticated
authorization, and
then local
authenticated
and then direct
user name used for
local authorization
does not exist.
● 19:
ifauthenticatedhw-
tacacsnone(19): if-
authenticated
authorization, and
then HWTACACS
authenticated
and then direct
authorization if
HWTACACS
● 20:
localhwtacacsifau-
thenticated(20):
and then
HWTACACS

Switches

um us
Access
user name used for

local authorization
does not exist, and
then if-
authenticated
authorization if
HWTACACS
catedhwtacacs(21):
and then if-
authenticated
user name used for
local authorization
does not exist, and
then HWTACACS
authenticated
● 22:
hwtacaslocalifau-
thenticated(22):
HWTACACS
authorization, and
then local
authorization if
HWTACACS
and then if-
authenticated
user name used for
local authorization
does not exist.
● 23:
hwtacacsifauthenti-
catedlocal(23):
HWTACACS
authorization, and
then if-
authenticated
authorization if
HWTACACS
and then local

Switches

um us
Access
authenticated
localhwtacacs(24):
if-authenticated
authorization, and
then local
authenticated
and then
HWTACACS
user name used for
local authorization
does not exist.
● 25:
ifauthenticatedhw-
tacacslocal(25): if-
authenticated
authorization, and
then HWTACACS
authenticated
and then local
authorization if
HWTACACS
● 26:
localhwtacacsifau-
thenticatednone(26
): local
authorization, and
then HWTACACS
user name used for
local authorization
does not exist, and
then if-
authenticated
authorization if
HWTACACS
and then direct

Switches

um us
Access
authenticated
catedhwtacacsnon
e(27): local
authorization, and
then if-
authenticated
user name used for
local authorization
does not exist, and
then HWTACACS
authenticated
and then direct
authorization if
HWTACACS
● 28:
hwtacaslocalifau-
thenticatednone(28
): HWTACACS
authorization, and
then local
authorization if
HWTACACS
and then if-
authenticated
user name used for
local authorization
does not exist, and
then direct
authenticated
● 29:
hwtacacsifauthenti-
catedlocalnone(29):
HWTACACS
authorization, and
then if-
authenticated
authorization if

Switches

um us
Access
HWTACACS
and then local
authenticated
and then direct
user name used for
local authorization
does not exist.
localhwtacacsnone(
30): if-
authenticated
authorization, and
then local
authenticated
and then
HWTACACS
user name used for
local authorization
does not exist, and
then direct
authorization if
HWTACACS
● 31:
ifauthenticatedhw-
tacacslocalnone(31)
: if-authenticated
authorization, and
then HWTACACS
authenticated
and then local
authorization if
HWTACACS
and then direct
user name used for
local authorization
does not exist.

Switches

um us
Access
1.3.6.1.4.1.201 hwAuthor RowSta read- This object indicates curr

1.5.2.1.8.1.3 RowStatus tus create the row status, which ent
can be added or
deleted.
None
None
An object cannot be deleted when it is referenced by a domain that is being used.
Access Restriction
None
10.4.10 hwLocalUserTable
The hwLocalUserTable is used to create, configure, and delete local users.
The index of this table is hwLocalUserName.

m Access us
1.3.6.1.4.1.20 hwLocalU Display read-only This object indicates curre

11.5.2.1.10.1. serName String the name of a local nt
1 user. The value is a
string of 1 to 64
characters.

Switches

m Access us
1.3.6.1.4.1.20 hwLocalU OCTET read- This object indicates Only

11.5.2.1.10.1. serPassw STRING create the password of a the
2 ord local user. Get
oper
ation
is
supp
orte
d,
but
Set
oper
ation
is
not
supp
orte
d.
The
retur
n
valu
e of
Get
oper
ation
is
******
.

Switches

m Access us
1.3.6.1.4.1.20 hwLocalU Unsign read- This object indicates curre

11.5.2.1.10.1. serAccess ed32 create the access type of a nt
3 Type local user. The values
and meanings are as
follows:
This object indicates
the access type
allowed by a local
user. The values and
meanings are as
follows:
● 0x00000040: The
user type is Telnet.
The user is usually
a network
administrator.
● 0x00000080: The
user type is
terminal.
● 0x00000200: The
user type is SSH.
● 0x00000001: The
user type is PPP.
● 0x00000002: The
user type is WEB.
● 0x00000100: The
user type is FTP.
● 0x00000400: The
user type is X25-
PAD.
● 0x00000020: The
user type is 802.1X.
● 0x00000800: The
user type is HTTP,
which is usually
used for web
system login.
● 0x00002000: The
user type is API.

Switches

m Access us
1.3.6.1.4.1.20 hwLocalU Integer read- This object indicates curre

11.5.2.1.10.1. serPriority 32 create the priority of a local nt
4 user. The value is an
integer ranging from 0
to 16. The values 0 to
15 indicate the
specific user priority;
the value 16 indicates
that the user priority
is determined by other
modules.
1.3.6.1.4.1.20 hwftpDirc Display read- This object indicates curre

11.5.2.1.10.1. tion String create the FTP directory. The nt
5 value is a string of 1
to 64 characters. This
object is valid only
FTP users.
1.3.6.1.4.1.20 hwLocalU RowSta read- This object indicates curre

11.5.2.1.10.1. serRowSt tus create the row status. A local nt
12 atus user can be added and
deleted.
1.3.6.1.4.1.20 HwLocal Integer read- This object indicates curre

11.5.2.1.10.1. UserAcces 32 create the maximum number nt
15 sLimitNu of access users.
m
1.3.6.1.4.1.20 hwLocalU OCTET read-only This object indicates curre

11.5.2.1.10.1. serPassw STRING when the password of nt
19 ordSetTi a local user is created.
me
1.3.6.1.4.1.20 hwLocalU OCTET read-only This object indicates curre

11.5.2.1.10.1. serPassw STRING the validity period of a nt
20 ordExpire local user's password.
Time
1.3.6.1.4.1.20 hwLocalU INTEGE read-only This object indicates curre

11.5.2.1.10.1. serPassw R whether a local user's nt
21 ordIsExpir password has expired:
ed ● 0: A local user's
password does not
expire.
● 1: A local user's
password has
expired.

Switches

m Access us
1.3.6.1.4.1.20 hwLocalU INTEGE read-only This object indicates curre

11.5.2.1.10.1. serPassw R whether the password nt
22 ordIsOrgi of a local user is the
nal initial password:
● 0: The password of
a local user is not
the initial
password.
● 1: The password of
a local user is the
initial password.
1.3.6.1.4.1.20 hwhttpdir Display read- This object indicates curre

11.5.2.1.10.1. ectory String create the directory that nt
23 HTTP users can
access.
The entries in this table can be created without restriction.
The entries in this table can be modified without restriction.
The entries in this table can be deleted without restriction.
Access Restriction
The entries in this table can be read without restriction.
10.4.11 hwLocalUserExtTable
hwLocalUserExtTable is an AAA user information extension table.

Name um us
Access
1.3.6.1.4.1.201 hwLocalU INTEGE read- This object indicates curr

1.5.2.1.11.1.2 serState R write the status of a local ent
user.

Switches

Name um us
Access
1.3.6.1.4.1.201 hwLocalU Display read- This object indicates curr

1.5.2.1.11.1.7 serUserGr String write information about the ent
oup user group to which
the local user belongs.
The value is a string of
1 to 64 characters.
NOTE
This object is supported
only in the NAC
common mode.
1.3.6.1.4.1.201 hwLocalU Display read- This object indicates curr

1.5.2.1.11.1.8 serDeviceT String write the type of the local ent
ype user's device. The
value is a string of 1 to
256 characters.
NOTE
only in the NAC
common mode.
1.3.6.1.4.1.201 hwLocalU Display read- Indicates the expiry curr

1.5.2.1.11.1.9 serExpireD String write date of a local ent
ate account.
The value is in
YYYY/MM/DD format.
YYYY specifies the year,
MM specifies the
month, and DD
specifies the day. The
value ranges from
2000/1/1 to
2099/12/31.
1.3.6.1.4.1.201 hwLocalU Unsign read- Indicates the idle curr

1.5.2.1.11.1.10 serIdleTim ed32 write timeout interval of a ent
eoutSecon local account.
d
1.3.6.1.4.1.201 hwLocalU Display read- Indicates the period at curr

1.5.2.1.11.1.11 serTimeRa String write which access of the ent
nge local account is
allowed.
1.3.6.1.4.1.201 hwLocalU INTEGE read- Indicates the local curr

1.5.2.1.11.1.12 serIsExpire R only account is expired. ent
d

Switches
None
None
None
Access Restriction
None
10.4.12 hwRecordSchemeTable
hwRecordSchemeTable is a table of a recording scheme, including the recording
scheme name and a TAC template name. You can add, delete, modify, or query
the recording scheme.
The index of this table is hwRecordSchemeName.
OID Object Maxi Data Description Stat

Name mum Type us
Access
1.3.6.1.4.1.2011. hwRecordSc read- Display This object specifies curr

5.2.1.30.1 hemeName only String the name of the ent
recording scheme.
The value is a string
of 1 to 32 characters.
The scheme name
must comply with
Windows naming
regulation. It cannot
contain slash (\),
backslash (/), colon
(:), asterisk (*),
question mask (?),
quotation mask ("),
and angle brackets (<
>).
1.3.6.1.4.1.2011. hwRecordT read- Display This object indicates curr

5.2.1.30.2 acGroupNa create String the name of the ent
me HWTACACS group
referenced in the
recording scheme.
1.3.6.1.4.1.2011. hwRecordR read- RowSt This object indicates curr

5.2.1.30.3 owStatus create atus the row status. ent

Switches
None.
hwRecordSchemeName and hwRecordRowStatus can be created and deleted, but
cannot be modified.
Access Restriction
None.
10.4.13 hwServiceSchemeTable
The hwServiceSchemeTable is a service scheme table. You can use this table to
configure authorization information in a service scheme.
The index of this table is hwServiceSchemeName.
OID Object Syntax Maximu Description Statu

m s
Access
1.3.6.1.4.1.2011. hwServiceS Display read- This object curre

5.2.1.38.1.1 chemeNam String only indicates the nt
e name of a service
scheme. The value
is a string of 1 to
32 characters.
1.3.6.1.4.1.2011. hwServiceS IpAddr read- This object curre

5.2.1.38.1.15 chemeDnsF ess write indicates the IP nt
irst address of the
primary DNS
server in a service
scheme.
1.3.6.1.4.1.2011. hwServiceS IpAddr read- This object curre

5.2.1.38.1.16 chemeDnsS ess write indicates the IP nt
econd address of the
secondary DNS
server in a service
scheme.

Switches

m s
Access
1.3.6.1.4.1.2011. hwSrvSche Integer read- This object curre

5.2.1.38.1.17 meAdminU 32 write indicates the nt
serPriority privilege level of
the administrator.
The value ranges
from -1 to 15. The
value -1 is invalid.
1.3.6.1.4.1.2011. hwServiceS RowSt read- This object curre

5.2.1.38.1.51 chemeRow atus create indicates the nt
Status status of a service
scheme, which can
be added and
deleted.
1.3.6.1.4.1.2011. hwServiceS INTEG read- This object curre

5.2.1.38.1.52 chemeIdleC ER write indicates the idle- nt
utType cut mode:
● 1: inbound. The
idle-cut
function takes
effect for only
upstream
traffic of users.
● 2: outbound.
The idle-cut
function takes
effect for only
downstream
traffic of users.
● 3: both. The
idle-cut
function takes
effect for both
upstream and
downstream
traffic of users.
● 4: none. The
idle-cut
function is
disabled.

Switches

m s
Access
1.3.6.1.4.1.2011. hwServiceS Unsign read- This object curre

5.2.1.38.1.53 chemeIdleC ed32 write indicates the nt
utFlowValu traffic volume
e threshold for idle-
cut function.
When the traffic
volume of a user
is below this
threshold, the
device considers
that the user is in
idle state.
1.3.6.1.4.1.2011. hwLocalAut Display read- This object curre

5.2.1.38.1.54 horize String write indicates the user nt
authorization
information to be
delivered to a
control device.
NOTE
Only control
devices in the
Policy Association
solutions support
this object.
1.3.6.1.4.1.2011. hwRemote Display read- This object curre

5.2.1.38.1.55 Authorize String write indicates the user nt
authorization
information to be
delivered to an
access device.
NOTE
Only control
devices in the
Policy Association
solutions support
this object.
1.3.6.1.4.1.2011. hwServiceS Display read- This object curre

5.2.1.38.1.56 chemeRedir String write indicates the ACL nt
ectACL used for
redirection in a
service scheme.
None

Switches
None
The recording scheme being used by a domain cannot be deleted. To delete the
recording scheme, you must unbind the recording scheme from the domain.
Access Restriction
None.
10.4.14 hwUserGroupTable
hwUserGroupTable is a user group configuration table. You can use this table to
configure user authorization information in a user group.
The index of this table is hwUserGroupIndex.
NOTE
The functions provided by this MIB only apply to the NAC common mode.
OID Object Syntax Imple Description Stat

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwUserGro Integer read- This object indicates curr

5.2.1.51.1.1 upIndex 32 only the user group index. ent
The value ranges
from 1 to 128.
1.3.6.1.4.1.2011. hwUserGro Display read- This object indicates curr

5.2.1.51.1.2 upName String create the user group name. ent
The value ranges
from 1 to 64.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwAclId Display read- This object indicates curr

5.2.1.51.1.3 String create the ID of an ACL ent
configured in a user
group. A maximum of
eight ACLs can be
configured. Two ACLs
are separated by a
space and each ACL
must exist on the
device. When this
table takes effect,
ACLs in the original
user group are
deleted.
1.3.6.1.4.1.2011. hwUserGro Integer read- This object indicates curr

5.2.1.51.1.7 upRowStat 32 create the row status of a ent
us user group. The row
status can be created
and deleted.
1.3.6.1.4.1.2011. hw8021pRe Integer read- This object indicates curr

5.2.1.51.1.9 mark 32 create the priority for ent
processing Ethernet
Layer 2 packets. The
value ranges from 0
to 7.
NOTE
Only the S5720EI,
S5720HI, S6720EI, and
S6720S-EI support this
object.
1.3.6.1.4.1.2011. hwDscpRe Integer read- This object indicates curr

5.2.1.51.1.10 mark 32 create the priority for ent
processing IP packets.
The value ranges
from 0 to 63.
NOTE
Only the S5720EI,
S6720S-EI support this
object.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwUserGro Unsign read- This object indicates curr

5.2.1.51.1.13 upCarCir ed32 write the CIR of the user ent
group. The value is 0
or ranges from 64 to
4294967295. The
default value is 0. 0
indicates that the CIR
is not configured for
the user group.

5.2.1.51.1.14 upCarPir ed32 write the PIR of the user ent
or ranges from 64 to
4294967295. The
indicates that the PIR
the user group.

5.2.1.51.1.15 upCarCbs ed32 write the CBS of the user ent
or ranges from 10000
to 4294967295. The
indicates that the CBS
the user group.

5.2.1.51.1.16 upCarPbs ed32 write the PBS of the user ent
or ranges from 10000
to 4294967295. The
indicates that the PBS
the user group.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwUserGro INTEG read- This object indicates curr

5.2.1.51.1.17 upEnable ER write whether the user ent
group function is
enabled.
● 1: enable (1): The
user group
function is
enabled.
● 2: disable (2): The
user group
function is
disabled.

5.2.1.51.1.18 upCarInBou ed32 write the CIR value of ent
ndCir incoming packets in
the user group. The
value is 0 or ranges
from 64 to
4294967295. The
indicates that the CIR
the user group.
NOTE
This object is only
supported by the
S5720HI.

5.2.1.51.1.19 upCarInBou ed32 write the PIR value of ent
ndPir incoming packets in
the user group. The
from 64 to
4294967295. The
indicates that the PIR
the user group.
NOTE
This object is only
supported by the
S5720HI.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.51.1.20 upCarInBou ed32 write the CBS value of ent
ndCbs incoming packets in
the user group. The
from 10000 to
4294967295. The
indicates that the CBS
the user group.
NOTE
This object is only
supported by the
S5720HI.

5.2.1.51.1.21 upCarInBou ed32 write the PBS value of ent
ndPbs incoming packets in
the user group. The
from 10000 to
4294967295. The
indicates that the PBS
the user group.
NOTE
This object is only
supported by the
S5720HI.
Before configuring a VLAN or an ACL, ensure that the VLAN or ACL has been
created.
The bound user group cannot be modified. You cannot modify the configuration
of the user group that has been enabled.
This table cannot be deleted when any user exists in the user group.

Switches
Access Restriction
None
10.4.15 hwAccessTable
This table displays information about access users.
The index of this table is hwAccessIndex.
OID Object Syntax Implemen Descriptio Status

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccessI Integer32 read-only This object current

1.5.2.1.15.1.1 ndex indicates
the CIB
index.
1.3.6.1.4.1.201 hwAccess DisplayStri read-only This object current

1.5.2.1.15.1.3 UserName ng indicates
the access
user name.
The value
is a string
of 1 to 64
characters.
1.3.6.1.4.1.201 hwAccessS Integer32 read-only This object current

1.5.2.1.15.1.8 lotNo indicates
the
number of
the slot
where the
user
connected
to the
device.
The value
of this
object is
meaningle
ss for
managem
ent users.
NOTE
The slot
ID is 9 for
Eth-Trunk
access
users.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccessV Integer32 read-only This object current

1.5.2.1.15.1.11 LANID indicates
the VLAN
that access
users
belong to.
The value
is an
integer
that
ranges
from 1 to
4094. The
value 0
indicates
no VLAN
ID exists.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccessA INTEGER read-only This object current

1.5.2.1.15.1.13 uthenMet indicates
hod the
authentica
tion
method.
The value
is an
integer.
The values
are as
follows:
● 1: local
authent
ication
● 2: none
authent
ication
● 3:
RADIUS
authent
ication
● 4: local
authent
ication
and
then
RADIUS
authent
ication
if the
user
name
for
local
authent
ication
does
not
exist.
● 5:
remote
RADIUS
authent
ication
and

Switches

Name ted n
Specificati
ons
then
local
authent
ication
if
RADIUS
authent
ication
fails.
● 6:
remote
RADIUS
authent
ication
and
then
none
authent
ication
if
RADIUS
authent
ication
fails.
● 7:
HWTAC
ACS
authent
ication
● 8: local
authent
ication
and
then
HWTAC
ACS
authent
ication
if the
user
name
for
local
authent
ication
does

Switches

Name ted n
Specificati
ons
not
exist.
● 9:
HWTAC
ACS
authent
ication
and
then
local
authent
ication
if
HWTAC
ACS
authent
ication
fails.
● 10:
HWTAC
ACS
authent
ication
and
then
none
authent
ication
if
HWTAC
ACS
authent
ication
fails.
1.3.6.1.4.1.201 hwAccessI IpAddress read-only This object current

1.5.2.1.15.1.15 PAddress indicates
the IP
address of
an access
user.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccess MacAddre read-only This object current

1.5.2.1.15.1.17 MACAddre ss indicates
ss the MAC
address of
an access
user.
1.3.6.1.4.1.201 hwAccessS DateAndTi read-only This object current

1.5.2.1.15.1.25 tartTime me indicates
the user
access
time. For
example,
2012-12-1
3,22:8:39.0
,+0:0.
1.3.6.1.4.1.201 hwAccess Counter64 read-only This object current

1.5.2.1.15.1.36 UpFlow64 indicates
data
traffic
(number
of bytes)
from users
to the
device.

1.5.2.1.15.1.37 DnFlow64 indicates
data
traffic
(number
of bytes)
from the
device to
users.

1.5.2.1.15.1.38 UpPacket6 indicates
4 data
traffic
(number
of
packets)
from users
to the
device.

Switches

Name ted n
Specificati
ons

1.5.2.1.15.1.39 DnPacket6 indicates
4 data
traffic
(number
of
packets)
from the
device to
users.
1.3.6.1.4.1.201 hwAccessC Unsigned3 read-only This object current

1.5.2.1.15.1.45 ARUpCIR 2 indicates
the CIR
value of
incoming
packets.

1.5.2.1.15.1.46 ARUpPIR 2 indicates
the PIR
value of
incoming
packets.

1.5.2.1.15.1.47 ARUpCBS 2 indicates
the CBS
value of
incoming
packets.

1.5.2.1.15.1.48 ARUpPBS 2 indicates
the PBS
value of
incoming
packets.

1.5.2.1.15.1.49 ARDnCIR 2 indicates
the CIR
value of
outbound
packets.

Switches

Name ted n
Specificati
ons

1.5.2.1.15.1.50 ARDnPIR 2 indicates
the PIR
value of
outbound
packets.

1.5.2.1.15.1.51 ARDnCBS 2 indicates
the CBS
value of
outbound
packets.

1.5.2.1.15.1.52 ARDnPBS 2 indicates
the PBS
value of
outbound
packets.
1.3.6.1.4.1.201 hwAccessI DisplayStri read-only This object current

1.5.2.1.15.1.57 nterface ng indicates
the access
interface.
The value
is a string
of 1 to 63
characters.
1.3.6.1.4.1.201 hwAccess OCTET read-only This object current

1.5.2.1.15.1.74 DeviceNa STRING indicates
me the AP
name for a
wireless
user or
indicates
the name
of the
device to
which an
access
user
connects
in a policy
association
scenario.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccess MacAddre read-only This object current

1.5.2.1.15.1.75 DeviceMA ss displays
CAddress an invalid
MAC
address
that is all
0s for a
wireless
user or
displays
the MAC
address of
the device
to which
an access
user
connects
in a policy
association
scenario.

1.5.2.1.15.1.76 DevicePort STRING indicates
Name the port
name of
the device
to which
an access
user
connects
in a policy
association
scenario.
1.3.6.1.4.1.201 hwAccessA Unsigned3 read-only This object current

1.5.2.1.15.1.77 PID 2 displays
the AP ID
for a
wireless
user or
0x0FFFF
for a wired
user.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccess Integer32 read-only This object current

1.5.2.1.15.1.78 QinQVLA indicates
NID the outer
VLAN ID
of QinQ
packets.
The value
is an
integer
that
ranges
from 1 to
4094. The
value 0
indicates
no VLAN
ID.

1.5.2.1.15.1.79 Option82C STRING indicates
ircuitID the circuit
ID of
Option 82.

1.5.2.1.15.1.80 Option82R STRING indicates
emoteID the
remote ID
of Option
82.
1.3.6.1.4.1.201 hwAccessS Integer32 read-only This object current

1.5.2.1.15.1.81 essionTim indicates
eout the session
timeout
interval.

1.5.2.1.15.1.82 SPVLAN indicates
the ISP
VLAN of
access
users.

Switches

Name ted n
Specificati
ons

1.5.2.1.15.1.83 SPInterfac indicates
e the ISP
interface
of access
users.
Access Restriction
None
10.4.16 hwAccessExtTable
This table is the access user extension table and displays information about access
users.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccessC INTEGER read-only This object current

1.5.2.1.16.1.14 urAuthenP indicates
lace the
authentica
tion mode.
The value
can be
none(0),
local(1),
radius(2),
or
tacacs(3).

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccessT INTEGER read-only This object current

1.5.2.1.16.1.17 ype indicates
the access
type. The
value can
be
telnet(1),
2:termina
l(2),
3:ssh(3),
4:ftp(4),
5:x25pad(
5),
6:ppp(6),
7:pppoe(7)
,
8:pppoeovl
an(8),
9:pppoa(9)
,
10:pppoeo
a(10),
11:pppoln
s(11),
12:ordinar
yvlan(12),
13:eap(13)
,
14:pnp(14)
, 15:ip(15),
16:staticvl
an(16),
17:layer2le
asedline(1
7),
18:layer2le
asedlineus
er(18),
19:layer3le
asedline(1
9),
20:pppoele
asedline(2
0),
21:nmslea
sedline(21
),

Switches

Name ted n
Specificati
ons
22:proxyle
asedline(2
2),
23:relaylea
sedline(23
),
24:e1pos(2
4),
25:lactunn
el(25),
26:lnstunn
el(26),
27:mip(27)
,
28:deviceu
ser(28),
29:pppoeo
r(29),
30:pppoeo
vlanor(30)
,
31:ordinar
yvlanor(31
),
32:http(32
),
33:web(33
),
34:wlan(3
4),
35:mac(35
), or
36:vm(36).
1.3.6.1.4.1.201 hwAccess Unsigned3 read-only This object current

1.5.2.1.16.1.18 OnlineTim 2 indicates
e the online
duration,
in seconds.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwAccess DisplayStri read-write This object current

1.5.2.1.16.1.19 Domain ng indicates
the
domain
that an
access
user
belongs to.
The value
is a string
of 1 to 64
characters.
1.3.6.1.4.1.201 hwAccess IpAddress read-only This object current

1.5.2.1.16.1.20 Gateway indicates
the
gateway IP
address.
1.3.6.1.4.1.201 hwAccessS DisplayStri read-write This object current

1.5.2.1.16.1.21 SID ng indicates
the SSID
of an
access
user. The
value is a
string of 1
to 32
characters.
1.3.6.1.4.1.201 hwAccessA MacAddre read-only This object current

1.5.2.1.16.1.22 PMAC ss indicates
the MAC
address of
an AP.

1.5.2.1.16.1.23 urAccounti indicates
ngPlace the
accounting
mode. The
value can
be
none(1),
radius(2),
or
tacacs(3).

Switches

Name ted n
Specificati
ons

1.5.2.1.16.1.24 urAuthorPl indicates
ace the
authorizati
on mode.
The value
can be
none(1),
local(2),
ifauthen(3
), or
tacacs(4).
1.3.6.1.4.1.201 hwAccess DisplayStri read-write This object current

1.5.2.1.16.1.25 UserGroup ng indicates
the name
of a user
group. The
value is a
string of
1to 64
characters.
NOTE
This
object is
supported
only in the
NAC
common
mode.
Access Restriction
None

Switches
10.4.17 hwCutAccessUserTable
This table disconnects access users.
NOTE
The table does not support multi-node combination settings.

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwCutStar Integer32 read-write This object current

1.5.2.1.28.1 tUserID indicates
the user
ID.
1.3.6.1.4.1.201 hwCutIPad IpAddress read-write This object current

1.5.2.1.28.3 dress indicates
the IP
address of
a user
who is to
be
disconnect
ed.
1.3.6.1.4.1.201 hwCutMac MacAddre read-write This object current

1.5.2.1.28.4 Addres ss indicates
the MAC
address of
a user
who is to
be
disconnect
ed. If the
MAC
address is
XX:XX:XX:X
X:XX:XX,
enter it in
the format
# 0xXX
0xXX 0xXX
0xXX 0xXX
0xXX.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwCutDo DisplayStri read-write This object current

1.5.2.1.28.7 main ng indicates
the
domain
that a user
who is to
be
disconnect
ed belongs
to. The
value is a
string of 1
to 64
characters.
1.3.6.1.4.1.201 hwCutAcc DisplayStri read-write This object current

1.5.2.1.28.14 essInterfac ng indicates
e the access
interface
of a user
who is to
be
disconnect
ed. The
value is a
string of 1
to 63
characters.
1.3.6.1.4.1.201 hwCutUse Octet read-write This object current

1.5.2.1.28.15 rSSID String indicates
the SSID
of a user
who is to
be
disconnect
ed. The
value is a
string of 1
to 32
characters.

Switches

Name ted n
Specificati
ons
1.3.6.1.4.1.201 hwCutAcc Integer32 read-write This object current

1.5.2.1.28.16 essSlot indicates
the access
slot of a
user who
is to be
disconnect
ed. The
value is an
integer.
1.3.6.1.4.1.201 hwCutUse DisplayStri read-write This object current

1.5.2.1.28.17 rGroup ng indicates
the user
group that
a user
who is to
be
disconnect
ed belongs
to. The
value is a
string of 1
to 64
characters.
NOTE
This
object is
supported
only in the
NAC
common
mode.

Switches
Access Restriction
This table does not support multi-node combination configuration.
10.4.18 hwAuthEventCfgTable
The hwAuthEventCfgTable configures authentication events on interfaces. If

authentication events are configured in both the system view and interface view,
the configuration in the interface view takes effect.
The index of this table is hwAuthEventPortIndex.
NOTE
This MIB table is supported only in the NAC common mode.
OID Object Syntax Implem Description Status

Name ented
Specific
ations
1.3.6.1.4.1.20 hwAuthE Unsigned32 read- This object curren

11.5.2.1.55.1. ventPortI only specifies the user t
1 ndex interface index.
1.3.6.1.4.1.20 hwAuthE DisplayStrin read- This object curren

11.5.2.1.55.1. ventAuth g write indicates that t
2 FailRespo whether the
nseFail device returns an
authentication
failure packet if a
user fails in
authentication.
● 1: enable (1):
The device
returns
authentication
failure
packets.
● 2: disable (2):
The device
returns
authentication
success
packets.

11.5.2.1.55.1. ventAuth g write indicates that a t
3 FailVlan user failing in
authentication is
added to the
corresponding
VLAN.

Switches

Name ented
Specific
ations

11.5.2.1.55.1. ventAuth g write indicates that t
4 enServer whether the
DownRes device returns
ponseFail authentication
failure packets
when the
authentication
server does not
respond.
● 1: enable (1):
The device
returns
authentication
failure
packets.
● 2: disable (2):
The device
returns
authentication
success
packets.
1.3.6.1.4.1.20 hwAuthE Integer32 read- This object curren

11.5.2.1.55.1. ventAuth write indicates that the t
5 enServer device adds a
DownVla user to the
n corresponding
VLAN if the
authentication
server does not
respond.

11.5.2.1.55.1. ventClien write indicates that the t
6 tNoResp device adds a
onseVlan user to the
corresponding
VLAN if the client
does not respond.

Switches

Name ented
Specific
ations

11.5.2.1.55.1. ventPreA write indicates that the t
7 uthVlan device adds a
user to the
corresponding
VLAN before the
client is
authenticated.
1.3.6.1.4.1.20 hwAuthE OCTET read- This object curren

11.5.2.1.55.1. ventAuth STRING write indicates that a t
8 FailUserG user failing in
roup authentication is
added to a user
group.

11.5.2.1.55.1. ventAuth STRING write indicates that the t
9 enServer device adds a
DownUse user to a user
rGroup group if the
authentication
server does not
respond.

11.5.2.1.55.1. ventClien STRING write indicates that the t
10 tNoResp device adds a
onseUser user to a user
Group group if the client
does not respond.

11.5.2.1.55.1. ventPreA STRING write indicates that the t
11 uthUserG device adds a
roup client to a user
group before the
client is
authenticated.
None
None

Switches
None
Access Restriction
None
10.4.19 hwAuthorCmdTable
hwAuthorCmdTable is a command line authorization information table including
the user level and command line authorization mode.
The index of this table is hwAuthorCmdLevel.
OID Object Syntax Max Description Imp

Name Access lem
ent
ed
Spe
cific
atio
ns
1.3.6.1.4.1.2011. hwAuthorC Integer read- This object indicates This

5.2.1.57.1.1 mdLevel 32 only the user level of obje
commands with ct is
command line impl
authorization eme
enabled. nte
d as
defi
ned
in
the
corr
esp
ondi
ng
MIB
file.

Switches
OID Object Syntax Max Description Imp

Name Access lem
ent
ed
Spe
cific
atio
ns
1.3.6.1.4.1.2011. hwAuthorC INTEG read- This object indicates This

5.2.1.57.1.2 mdMode ER create the command line obje
authorization mode. ct is
● 1: hwtacacs(0) impl
eme
● 2: nte
hwtacacsnone(1) d as
● 3: defi
hwtacacslocal(2) ned
● 4: in
hwtacacslocalnon the
e(3) corr
esp
ondi
ng
MIB
file.
1.3.6.1.4.1.2011. hwAuthorC RowSt read- This object indicates This

5.2.1.57.1.3 mdRowStat atus create the row status. obje
us ct is
impl
eme
nte
d as
defi
ned
in
the
corr
esp
ondi
ng
MIB
file.
You can create entries in this table.
The entries in this table can be modified.

Switches
The entries in this table can be deleted.
Access Restriction
10.4.20 hwOfflineReasonStatTable
This table describes user login failure and offline reasons and statistics on the
reasons.
The index of this table is hwOfflineReason.

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwOfflineR Integer read- This object indicates curr

5.2.1.34.1.1 eason 32 only reasons why a user ent
goes offline.
1.3.6.1.4.1.2011. hwOfflineR Integer read- This object indicates curr

5.2.1.34.1.2 easonStatis 32 only statistics on user ent
tic offline reasons.
1.3.6.1.4.1.2011. hwOnlineFa Integer read- This object indicates curr

5.2.1.34.1.3 ilReasonSta 32 only statistics on user ent
tistic login failure reasons.
Access Restriction
10.4.21 hwLocalUserPwPolicyAdmin

Switches
The hwLocalUserPwPolicyAdmin is used to create, set, and delete the password

policy of the local administrator.
NOTE
OID Object Syntax Implem Description Stat

Name ented us
Specific
ations
1.3.6.1.4.1.201 hwAdmin INTEGE read- Indicates whether the curr

1.5.2.1.59.1.1 Enable R write password control ent
function is enabled:
● 0: The password
control function is
disabled.
● 1: The password
control function is
enabled.
1.3.6.1.4.1.201 hwAdmin Integer read- Indicates the number curr

1.5.2.1.59.1.2 Expire 32 write of days after which ent
the password expires.
1.3.6.1.4.1.201 hwAdmin Integer read- Indicates the curr

1.5.2.1.59.1.3 PwHistory 32 write maximum number of ent
RecordNu historical passwords
m recorded on the
device.
1.3.6.1.4.1.201 hwAdmin Integer read- Indicates how long the curr

1.5.2.1.59.1.4 AlertBefor 32 write system displays a ent
e prompt before the
password expires.
1.3.6.1.4.1.201 hwAdmin INTEGE read- Indicates whether the curr

1.5.2.1.59.1.5 AlertOrgin R write device prompts users ent
al to change the initial
passwords:
● 0: The function of
prompting users to
change the initial
password is
disabled.
● 1: The function of
prompting users to
change the initial
password is
enabled.

Switches
None
None
None
Access Restriction
None
10.4.22 hwLocalUserPwPolicyAcc
The hwLocalUserPwPolicyAcc is used to create, set, and delete the password policy
of the local access users.
NOTE
OID Object Syntax Implem Description Stat

Name ented us
Specific
ations
1.3.6.1.4.1.201 hwAccEna INTEGE read- Indicates whether the curr

1.5.2.1.60.1.1 ble R write password control ent
function is enabled:
● 0: The password
control function is
disabled.
● 1: The password
control function is
enabled.
1.3.6.1.4.1.201 hwAccPw Integer read- Indicates the curr

1.5.2.1.60.1.2 HistoryRec 32 write maximum number of ent
ordNum historical passwords
recorded on the
device.
None

Switches
None
None
Access Restriction
None
10.4.23 userAuthenProfileTable
userAuthenProfileTable is used by the administrator to perform operations on the
authentication profile.
The index of this table is userAuthenProfileName.

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. userAuthen OCTET read- This object indicates curr

5.2.1.62.1.1 ProfileNam STRIN only the name of a user ent
e G authentication profile.

5.2.1.62.1.2 ProfileDot1 STRIN create the name of the ent
xAccessProf G 802.1X access profile
ileName bound to the user

5.2.1.62.1.3 ProfileMac STRIN create the name of the MAC ent
AuthenAcce G access profile bound
ssProfileNa to the user
me authentication profile.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.4 ProfilePorta STRIN create the name of the ent
lAccessProfi G Portal access profile
leName bound to the user
1.3.6.1.4.1.2011. userAuthen TruthV read- This object indicates curr

5.2.1.62.1.5 ProfileSingl alue create the single-user access ent
eAccess mode.

5.2.1.62.1.6 ProfilePreA STRIN create the name of the ent
uthenServic G service scheme based
eSchemeNa on which the device
me assigns network
access rights to pre-
connection users. The
value is a string of 1
to 32 characters.
1.3.6.1.4.1.2011. userAuthen Integer read- This object indicates curr

5.2.1.62.1.8 ProfilePreA 32 create the VLAN assigned to ent
uthenVLAN pre-authenticated
users. The value is an
integer that ranges
from 1 to 4094.

5.2.1.62.1.9 ProfileAuth STRIN create the name of the ent
enFailAuth G service scheme based
orServiceSc on which the device
hemeName assigns network
access rights to users
who fail to be
authenticated. The
value is a string of 1
to 32 characters.

5.2.1.62.1.11 ProfileAuth 32 create the VLAN assigned to ent
enFailAuth users who fail the
orVLAN authentication. The
value is an integer
that ranges from 1 to
4094.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.12 ProfileAuth STRIN create the name of the ent
enServerDo G service scheme based
wnServiceS on which the device
chemeNam assigns network
e access rights to users
when the
authentication server
is Down. The value is
a string of 1 to 32
characters.

5.2.1.62.1.14 ProfileAuth 32 create the VLAN based on ent
enServerDo which the device
wnVLAN assigns network
when the
is Down. The value is
an integer that
ranges from 1 to
4094.

5.2.1.62.1.15 ProfileAuth alue create that the device sends ent
enServerDo authentication failure
wnRespons packets to users when
eSuccess the authentication
server is Down.

5.2.1.62.1.16 ProfileAuth alue create that the device re- ent
enServerUp authenticates users
Reauthen when the
changes from Down
to Up.

5.2.1.62.1.18 ProfileMAC alue create MAC address bypass ent
Bypass authentication.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. userAuthen OCTET read- This object indicates a curr

5.2.1.62.1.19 ProfileDot1 STRIN create forcible 802.1X ent
xForceDom G authentication
ain domain. The value is
a string of 1 to 64
characters.

5.2.1.62.1.20 ProfileMAC STRIN create forcible MAC address ent
AuthenForc G authentication
eDomain domain. The value is
a string of 1 to 64
characters.

5.2.1.62.1.21 ProfilePorta STRIN create forcible Portal ent
lForceDom G authentication
ain domain. The value is
a string of 1 to 64
characters.

5.2.1.62.1.22 ProfileDot1 STRIN create default 802.1X ent
xDefaultDo G authentication
main domain. The value is
a string of 1 to 64
characters.

5.2.1.62.1.23 ProfileMAC STRIN create default MAC address ent
AuthenDefa G authentication
ultDomain domain. The value is
a string of 1 to 64
characters.

5.2.1.62.1.24 ProfilePorta STRIN create default Portal ent
lDefaultDo G authentication
main domain. The value is
a string of 1 to 64
characters.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.25 ProfileDefa STRIN create default user domain ent
ultDomain G that is valid for all
access authentication
users. The value is a
string of 1 to 64
characters.

5.2.1.62.1.26 ProfileForce STRIN create forcible user domain ent
Domain G that is valid for all
access authentication
users. The value is a
string of 1 to 64
characters.

5.2.1.62.1.27 ProfileDom STRIN create domain name ent
ainNameDe G delimiter.
limiter
1.3.6.1.4.1.2011. userAuthen INTEG read- This object indicates curr

5.2.1.62.1.28 ProfileDom ER create the domain name ent
ainNameLo location:
cation ● 0: The domain
name is placed
before the domain
name delimiter.
● 1: The domain
name is placed
behind the domain
name delimiter.
● 2: invalid

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.29 ProfileDom ER create the domain name ent
ainNamePa resolution direction:
rseDirection ● 0: The domain
name resolution
direction is from
left to right.
● 1: The domain
name resolution
direction is from
right to left.
● 2: invalid

5.2.1.62.1.30 ProfileSecur STRIN create the security name ent
ityNameDel G character delimiter.
imiter

5.2.1.62.1.31 ProfilePreA 32 create the interval for re- ent
uthenReAut authenticating pre-
henTimer connection users.
The value is an
integer that ranges
from 0 or 30 to 7200,
in seconds. The value
0 indicates that the
re-authentication
function is disabled
for pre-connection
users.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.32 ProfileAuth 32 create the interval for re- ent
enFailReAut authenticating users
henTimer who fail to be
authenticated.
The value is an
integer that ranges
from 0 or 30 to 7200,
in seconds. The value
0 indicates that the
re-authentication
function is disabled
for pre-connection
users.

5.2.1.62.1.33 ProfilePreA 32 create the aging time for ent
uthenAging pre-connection user
Time entries.
The value is an
integer that ranges
from 0 or 60 to
4294860, in seconds.
The value 0 indicates
that the entry is not
aged.

5.2.1.62.1.34 ProfileAuth 32 create the aging time for ent
enFailAging entries of the users
Time who fail to be
authenticated.
The value is an
integer that ranges
from 0 or 60 to
4294860, in seconds.
The value 0 indicates
that the entry is not
aged.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.35 ProfileFree STRIN create the name of an ent
RuleName G authentication-free
rule.
Currently, the device
supports only one
authentication-free
rule profile, that is,
the built-in profile
default_free_rule.

5.2.1.62.1.43 ProfileAuth ER create the user access mode. ent
enticationM
ode

5.2.1.62.1.44 ProfileMax 32 create the maximum ent
User number of access
users.

5.2.1.62.1.45 ProfileArpD alue create that the device ent
etect handshakes with pre-
connection users and
authorized users.

5.2.1.62.1.46 ProfileArpD 32 create the interval at which ent
etectTimer the device
handshakes with pre-
connection users and
authorized users.
The value is an
integer that ranges
from 5 to 7200, in
seconds.
1.3.6.1.4.1.2011. userAuthen RowSt read- This object indicates curr

5.2.1.62.1.47 ProfileRowS atus create the row status. ent
tatus

5.2.1.62.1.48 ProfilePerm STRIN create the domain that ent
itDomain G allows users to
access.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.62.1.49 ProfileAuth 32 create the maximum ent
enticationM number of
axUser authenticated users
allowed in a VAP
profile.

5.2.1.62.1.50 ProfileAuth alue create that the device sends ent
enFailAuth authentication failure
orResponse packets to users when
Success the authentication
fails.
None
User authentication profiles can only be added or deleted but cannot be modified.
None
Access Restriction
None
10.4.24 userAuthenticationFreeRuleTable
userAuthenticationFreeRuleTable is used to create and delete authentication-free
rule profiles.
The index of this table is userAuthenticationFreeRuleName.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. userAuthen Display read- This object indicates curr

5.2.1.63.1.1 ticationFree String only the name of an ent
RuleName authentication-free
rule profile.

5.2.1.63.1.2 ticationFree 32 create the ID of an IPv4 ent
RuleACLNu authentication-free
mber rule.

5.2.1.63.1.4 ticationFree atus create the row status. ent
RuleRowSta
tus
None
Authentication-free rule profiles can only be added or deleted but cannot be
modified.
None
Access Restriction
None
10.4.25 hwDot1xAccessProfileTable
hwDot1xAccessProfileTable is used by the administrator to perform operations on
an 802.1X access profile.
The index of this table is hwDot1xAccessProfileName.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwDot1xAc Display read- This object indicates curr

5.2.1.64.1.1 cessProfile String only the name of an ent
Name 802.1X access profile.

5.2.1.64.1.2 cessProfileG String create the name of the ent
uestAuthor service scheme based
ServiceSche on which the device
meName assigns network
when 802.1X clients
do not respond.

5.2.1.64.1.3 cessProfileG String create the name of the UCL ent
uestAuthor group based on which
UserGroup the device assigns
Name network access rights
to users when 802.1X
clients do not
respond.
NOTE
only by the S5720EI,
S6720S-EI .
1.3.6.1.4.1.2011. hwDot1xAc Integer read- This object indicates curr

5.2.1.64.1.4 cessProfileG 32 create the VLAN based on ent
uestAuthor which the device
VLAN assigns network
when 802.1X clients
do not respond.
1.3.6.1.4.1.2011. hwDot1xAc TruthV read- This object indicates curr

5.2.1.64.1.5 cessProfile alue create whether handshake ent
Handshake with online 802.1X
Switch users is enabled.
● 1: enabled
● 2: disabled
The default value is 2.

Switches

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwDot1xAc INTEG read- This object indicates curr

5.2.1.64.1.6 cessProfile ER create the type of 802.1X ent
HandShake authentication
PktType handshake packets.

5.2.1.64.1.7 cessProfile 32 create the interval at which ent
HandshakeI the device
nterval handshakes with an
802.1X authentication
user on a non-Eth-
Trunk interface.

5.2.1.64.1.8 cessProfileIf alue only whether EAP ent
EAPEnd termination
authentication is
enabled.
● 1: enabled
● 2: disabled

5.2.1.64.1.9 cessProfileE ER create 802.1X ent
APEndMeth authentication.
od 1. chap(1)
2. pap(2)
3. eap(3)

5.2.1.64.1.10 cessProfileE 32 create the code number in ent
APNotifyPk EAP packets sent in
tEAPCode response to user
requests.

5.2.1.64.1.11 cessProfileE 32 create the data type in EAP ent
APNotifyPk packets sent in
tEAPType response to user
requests.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.64.1.12 cessProfileR alue create whether re- ent
eAuthenEn authentication of
able online 802.1X users is
enabled.
● 1: enabled
● 2: disabled

5.2.1.64.1.13 cessProfileR 32 create the interval for re- ent
eauthentica authenticating online
tionTimeou 802.1X authentication
t users.

5.2.1.64.1.14 cessProfileC 32 create the client ent
lientTimeou authentication
t timeout timer.

5.2.1.64.1.15 cessProfileS 32 create the server ent
erverTimeo authentication
ut timeout timer.

5.2.1.64.1.17 cessProfile 32 create the maximum ent
MaxRetryV number of times that
alue an authentication
request packet can be
sent.

5.2.1.64.1.18 cessProfileS alue create whether the function ent
peedLimitA of dynamically
uto adjusting the packet
processing rate is
enabled.
● 1: enabled
● 2: disabled

Switches

Name mente us
d
Specifi
cation
s

5.2.1.64.1.19 cessProfileT ER create the packet type that ent
riggerPktTy can trigger 802.1X
pe authentication.
● 0: default
● 1: arp
● 2: dhcp

5.2.1.64.1.20 cessProfile alue create whether the function ent
UnicastTrig 802.1X authentication
ger triggered by unicast
packets is enabled.
● 1: enabled
● 2: disabled

5.2.1.64.1.22 cessProfileE 32 create the interval at which ent
thTrunkHa the device
ndShakePer handshakes with an
iod 802.1X authentication
user on an Eth-Trunk.
1.3.6.1.4.1.2011. hwDot1xAc RowSt read- This object indicates curr

5.2.1.64.1.23 cessProfileR atus create the row status. ent
owStatus
None
802.1X access profiles can only be modified or deleted but cannot be added.
None

Switches
Access Restriction
None
10.4.26 hwMACAuthenAccessProfileTable
hwMACAuthenAccessProfileTable is used by the administrator to perform
operations on a MAC access profile.
The index of this table is hwMACAuthenAccessProfileName.

Name mente us.
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwMACAut Display read- This object indicates curr

5.2.1.65.1.1 henAccessP String only the name of a MAC ent
rofileName access profile.
1.3.6.1.4.1.2011. hwMACAut TruthV read- This object indicates curr

5.2.1.65.1.2 henAccessP alue create that MAC address re- ent
rofileReAut authentication is
henEnable enabled.
1.3.6.1.4.1.2011. hwMACAut Integer read- This object indicates curr

5.2.1.65.1.3 henAccessP 32 create the MAC address re- ent
rofileReaut authentication
hentication interval.
Timeout
1.3.6.1.4.1.2011. hwMACAut OCTET read- This object indicates curr

5.2.1.65.1.5 henAccessP STRIN create the fixed user name ent
rofileUserN G format for MAC
ameFixedU address
serName authentication.

5.2.1.65.1.6 henAccessP STRIN create the fixed password ent
rofileFixedP G for MAC address
assword authentication.
1.3.6.1.4.1.2011. hwMACAut INTEG read- This object indicates curr

5.2.1.65.1.7 henAccessP ER create the MAC address ent
rofileMACA format for MAC
ddressForm address
at authentication.

5.2.1.65.1.8 henAccessP STRIN create the MAC address ent
rofileMACA G password for MAC
ddressPass address
word authentication.

Switches

Name mente us.
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwMACAut Integer read- This object indicates curr

5.2.1.65.1.11 henAccessP 32 create the packet type that ent
rofileTrigge NOTE can trigger MAC
rPktType When address
the authentication.
functi
on of
trigge
ring
MAC
addre
ss
authe
nticat
ion
throu
gh
any
packe
t is
confi
gured
, this
object
canno
t be
read
or
modif
ied.
1.3.6.1.4.1.2011. hwMACAut INTEG read- This object indicates curr

5.2.1.65.1.12 henAccessP ER create that the device sends ent
rofileTrigge DHCP option
rDHCPOpti information to the
onType authentication server
when receiving DHCP
packets that trigger
MAC address
authentication.

5.2.1.65.1.13 henAccessP alue create that the device clears ent
rofileDHCP user entries when
RelaseOffli receiving DHCP
ne release packets from
MAC address
authentication users.

Switches

Name mente us.
d
Specifi
cation
s

5.2.1.65.1.14 henAccessP alue create that the device re- ent
rofileDHCP authenticates MAC
RenewReAu address
then authentication users
when receiving DHCP
lease renewal packets
from the users.
1.3.6.1.4.1.2011. hwMACAut MacAd read- This object indicates curr

5.2.1.65.1.15 henAccessP dress create the MAC address ent
rofilePermit allowed for MAC
AuthenMA address
C authentication.
1.3.6.1.4.1.2011. hwMACAut MacAd read- This object indicates curr

5.2.1.65.1.16 henAccessP dress create the MAC address ent
rofilePermit mask allowed for
AuthenMA MAC address
CMask authentication.
1.3.6.1.4.1.2011. hwMACAut RowSt read- This object indicates curr

5.2.1.65.1.17 henAccessP atus create the row status. ent
rofileRowSt
atus
None
MAC access profiles can only be modified or deleter, but cannot be added.
None
Access Restriction
None
10.4.27 hwPortalAccessProfileTable

Switches
hwPortalAccessProfileTable is used by the administrator to perform operations on

a Portal access profile.
The index of this table is hwPortalAccessProfileName.

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwPortalAc Display read- This object indicates curr

5.2.1.66.1.1 cessProfile String only the name of a Portal ent
Name access profile.
1.3.6.1.4.1.2011. hwPortalAc Integer read- This object indicates curr

5.2.1.66.1.2 cessProfile 32 create the offline detection ent
DetectPerio interval for Portal
d authentication users.
The value is an
integer that ranges
from 0 or 30 to 7200,
in seconds.
1.3.6.1.4.1.2011. hwPortalAc OCTET read- This object indicates curr

5.2.1.66.1.3 cessProfileP STRIN create the name of the ent
ortalServer G service scheme based
DownServic on which the device
eSchemeNa assigns network
me access rights to users
when the Portal
server is Down.

5.2.1.66.1.4 cessProfileP STRIN create the name of the UCL ent
ortalServer G group based on which
DownUserG the device assigns
roupName network access rights
to users when the
Portal server is Down.
NOTE
only by the S5720EI,
S6720S-EI .
1.3.6.1.4.1.2011. hwPortalAc TruthV read- This object indicates curr

5.2.1.66.1.5 cessProfileP alue create that the device sets ent
ortalServer the status of users
UpReAuthe who fail to be
n authenticated to pre-
connection when the
Portal server changes
from Down to Up.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.66.1.8 cessProfileA STRIN create the source subnet for ent
uthenNetW G Portal authentication.
ork When multiple
network segments
exist, different
network segments
are divided using ?.
For example, 10.1.2.0?
10.1.3.0?10.1.5.0.

5.2.1.66.1.9 cessProfileA STRIN create the source subnet ent
uthenNetW G mask for Portal
orkMask authentication.
1.3.6.1.4.1.2011. hwPortalAc Display read- This object indicates curr

5.2.1.66.1.10 cessProfileP String create the name of a Portal ent
ortalServer server profile.
Name
1.3.6.1.4.1.2011. hwPortalAc INTEG read- This object indicates curr

5.2.1.66.1.11 cessProfileP ER create that the Portal ent
ortalAccess authentication mode.
Direct ● 0: invalid, indicates
that the Portal
authentication
mode is not
configured.
● 2: direct, indicates
that the Layer 2
authentication
mode is
configured.
● 3: layer3, indicates
that the Layer 3
authentication
mode is
configured.

5.2.1.66.1.12 cessProfileL alue create the built-in Portal ent
ocalServerE server.
nable ● 1: enabled
● 2: disabled

Switches

Name mente us
d
Specifi
cation
s

5.2.1.66.1.13 cessProfileL alue create the anonymous login ent
ocalServerA of built-in Portal
nonymous authentication users.
● 1: enabled
● 2: disabled
1.3.6.1.4.1.2011. hwPortalAc RowSt read- This object indicates curr

5.2.1.66.1.14 cessProfileR atus create the row status. ent
owStatus

5.2.1.66.1.16 cessProfileL STRIN create the redirection URL ent
ocalServerA G for anonymous login
nonymousU users authenticated
rl through the built-in
Portal server.
None
Portal access profiles can only be modified or deleted but cannot be added.
None
Access Restriction
None
10.4.28 userAuthenticationFreeRuleExtTable
userAuthenticationFreeRuleExtTable is used by the administrator to configure

authentication-free rules.
The index of this table is userAuthenticationFreeRuleNumber.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.68.1.1 ticationFree 32 only the ID of an ent
RuleNumbe authentication-free
r rule.

5.2.1.68.1.2 ticationFree 32 only the source mode in ent
RuleSource an authentication-
Mode free rule.

5.2.1.68.1.3 ticationFree 32 only the VLAN ID of ent
RuleSource source packets in an
Vlan authentication-free
rule.

5.2.1.68.1.4 ticationFree STRIN only the interface of ent
RuleSourceI G source packets in an
nterface authentication-free
rule.
1.3.6.1.4.1.2011. userAuthen IpAddr read- This object indicates curr

5.2.1.68.1.5 ticationFree ess only the source IP address ent
RuleSourceI in an authentication-
P free rule.

5.2.1.68.1.6 ticationFree ess only the source IP address ent
RuleSourceI mask in an
PMask authentication-free
rule.
1.3.6.1.4.1.2011. userAuthen MacAd read- This object indicates curr

5.2.1.68.1.7 ticationFree dress only the source MAC ent
RuleSource address in an
Mac authentication-free
rule.

5.2.1.68.1.8 ticationFree 32 only the destination mode ent
RuleDestina in an authentication-
tionMode free rule.

Switches

Name mente us
d
Specifi
cation
s

5.2.1.68.1.9 ticationFree ess only the destination IP ent
RuleDestina address in an
tionIP authentication-free
rule.

5.2.1.68.1.10 ticationFree ess only the destination IP ent
RuleDestina address mask in an
tionIPMask authentication-free
rule.

5.2.1.68.1.11 ticationFree ER only the destination ent
RuleDestina protocol type in an
tionProtoco authentication-free
l rule.
1. tcp(1)
2. udp(2)
3. none(3)

5.2.1.68.1.12 ticationFree 32 only the destination port ent
RuleDestina number in an
tionPort authentication-free
rule.
NOTE
The return value -1 is
an invalid value.

5.2.1.68.1.14 ticationFree atus only the status of an ent
RuleExtRow authentication-free
Status rule expansion table.
None
None

Switches
None
Access Restriction
None
10.4.29 hwReAuthenUserTable
This table describes re-authentication information of a MAC address user or
802.1X user who has a specified MAC address.

Name mente us
d
Specifi
cation
s
1.3.6.1.4.1.2011. hwReAuthe MacAd read- This object indicates curr

5.2.1.73.1 nMacAddre dress write the MAC address of a ent
ss NOTE MAC user or 802.1X
Curre user who is re-
ntly, authenticated.
only
write If the MAC address is
is XX:XX:XX:XX:XX:XX,
suppo enter it in the format
rted. # 0xXX 0xXX 0xXX
0xXX 0xXX 0xXX.
Access Restriction
Currently, only write is supported.
10.4.30 hwAccessUserNumberTable
This table displays information related to the number of access users.

Switches

Name Access n

1.5.2.1.74.1.1 UserNumb indicates
erDot1x the
number of
802.1X
authentica
tion users.

erMAC the
number of
MAC
authentica
tion users.

erPortal the
number of
Portal
authentica
tion users.

erPPP the
number of
PPP
authentica
tion users.

erNone the
number of
pre-
connection
users.

erStatic the
number of
static
users.

Switches

Name Access n

erAdmin the
number of
managem
ent users.
Access Restriction
None.
10.5 Description of Alarm Objects

Switches
10.5.1 hwMacMovedQuietMaxUserAlarm
OID Object Binding Description Impl
Name Variable emen
ted
Specif
icatio
ns
1.3.6.1.4.1.2 hwMac ● hwMacMove The percentage of MAC This

011.5.2.2.2. MovedQ dQuietUserSp address migration users in objec
0.53 uietMax ec quiet state against the t is
UserAlar ● hwMacMove maximum number of users imple
m dUserPercent reaches the upper alarm ment
age threshold. ed as
defin
● hwLowerMac ed in
MovedUserPe the
rcentage corres
● hwUpperMac pondi
MovedUserPe ng
rcentage MIB
files.
10.5.2 hwMacMovedQuietUserClearAlarm
OID Object Binding Description Impl
Name Variable emen
ted
Specif
icatio
ns
1.3.6.1.4.1.2 hwMac ● hwMacMove The percentage of MAC This

011.5.2.2.2. MovedQ dQuietUserSp address migration users in objec
0.54 uietUser ec quiet state against the t is
ClearAla ● hwMacMove maximum number of users imple
rm dUserPercent decreases to be equal to or ment
age smaller than the lower ed as
alarm threshold. defin
● hwLowerMac ed in
MovedUserPe the
rcentage corres
● hwUpperMac pondi
MovedUserPe ng
rcentage MIB
files.

Switches
10.6 Unsupported Objects

The functions corresponding to the following objects are not supported on the
device. Do not use these MIB objects to maintain the device.
Table 10-1 List of unsupported objects

Object ID Object Name Table
1.3.6.1.4.1.2011.5.2.1.13.1.3 hwGlobalAuthEven- hwAAASetting

7 tAuthFailResponseFail

8 tAuthFailVlan
1.3.6.1.4.1.2011.5.2.1.13.1.3 hwGlobalAuthEventAu- hwAAASetting

9 thenServerDownRes-
ponseFail

0 thenServerDownVlan
1.3.6.1.4.1.2011.5.2.1.13.1.4 hwGlobalAuthEvent- hwAAASetting

1 ClientNoResponseVlan

2 PreAuthVlan

3 tAuthFailUserGroup

4 thenServerDownU-
serGroup

5 ClientNoResponseU-
serGroup

6 PreAuthUserGroup
1.3.6.1.4.1.2011.5.2.1.1.1.4 hwAuthenFailPolicy hwAuthenSchemeTable
1.3.6.1.4.1.2011.5.2.1.1.1.5 hwAuthenFailDomain hwAuthenSchemeTable
1.3.6.1.4.1.2011.5.2.1.4.1.6 hwDomainAccessLimit- hwDomainTable

Num
1.3.6.1.4.1.2011.5.2.1.4.1.7 hwDomainIfSrcRoute hwDomainTable
1.3.6.1.4.1.2011.5.2.1.4.1.8 hwDomainNextHopIP hwDomainTable
1.3.6.1.4.1.2011.5.2.1.4.1.9 hwDomainIdleCutTime hwDomainTable

Switches
1.3.6.1.4.1.2011.5.2.1.4.1.10 hwDomainIdleCutFlow hwDomainTable
1.3.6.1.4.1.2011.5.2.1.4.1.12 hwDomainType hwDomainTable
1.3.6.1.4.1.2011.5.2.1.5.1.1 hwDomainPPPURL hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.3 hwPriority hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.4 hwWebServerURL hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.5 hwIPPoolOneName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.6 hwIPPoolTwoName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.7 hwIPPoolThreeName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.9 hwTwoLevelAcctRa- hwDomainExtTable

diusGroupName
1.3.6.1.4.1.2011.5.2.1.5.1.10 hwVPDNGroupIndex hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.11 hwUclIndex hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.12 hwIfPPPoeURL hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.13 hwUclGroupName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.15 hwVpdnGroupName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.16 hwDomainVrf hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.17 hwDomainGre hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.18 hwDomainRenewIPTag hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.19 hwPortalURL hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.20 hwPortalServerIP hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.21 hwRedirectTimesLimit hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.22 hwDot1xTemplate hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.23 hwWebServerIP hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.24 hwWebServerMode hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.25 hwPoolWarningThres- hwDomainExtTable

hold
1.3.6.1.4.1.2011.5.2.1.5.1.27 hwServicePolicyName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.28 hwCopsGroupSSGType hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.30 hwNtvUserProfileName hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.31 hwDomainQoSProfile hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.32 hwDomainZone hwDomainExtTable

Switches
1.3.6.1.4.1.2011.5.2.1.5.1.33 hwIfL2tpRadiusForce hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.34 hwDownPriority hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.35 hwPPPForceAuthtype hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.36 hwDnsIPAddress hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.37 hwAdminUserPriority hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.38 hwShapingTemplate hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.39 hwDomainDPIPolicy- hwDomainExtTable

Name
1.3.6.1.4.1.2011.5.2.1.5.1.40 hwCopsGroupSIGType hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.41 hwCopsGroupCIPNType hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.43 hwPCReduceCir hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.44 hwValAcctType hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.45 hwValRadiusServer hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.46 hwValCopsServer hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.47 hwPCReducePir hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.48 hwDomainInboundL2tp hwDomainExtTable

QoSProfile
1.3.6.1.4.1.2011.5.2.1.5.1.49 hwDomainOutboundL2 hwDomainExtTable

tpQoSProfile
1.3.6.1.4.1.2011.5.2.1.5.1.50 hwIfMulticastForward hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.51 hwMulticastVirtual- hwDomainExtTable

SchedulRezCir
1.3.6.1.4.1.2011.5.2.1.5.1.52 hwMulticastVirtual- hwDomainExtTable

SchedulRezPir
1.3.6.1.4.1.2011.5.2.1.5.1.53 hwMaxMulticastList- hwDomainExtTable

Num
1.3.6.1.4.1.2011.5.2.1.5.1.54 hwMultiProfile hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.5.1.55 hwDomainServiceType hwDomainExtTable
1.3.6.1.4.1.2011.5.2.1.6.1.1 hwDomainAccessed- hwDomainStatTable

Num
1.3.6.1.4.1.2011.5.2.1.6.1.2 hwDomainOnlineNum hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.3 hwDomainOnlinePP- hwDomainStatTable

PUser

Switches
1.3.6.1.4.1.2011.5.2.1.6.1.4 hwDomainFlowDnByte hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.5 hwDomainFlowDnPkt hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.6 hwDomainFlowUpByte hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.7 hwDomainFlowUpPkt hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.8 hwDomainIPTotalNum hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.9 hwDomainIPUsedNum hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.10 hwDomainIPConflict- hwDomainStatTable

Num
1.3.6.1.4.1.2011.5.2.1.6.1.11 hwDomainIPExclude- hwDomainStatTable

Num
1.3.6.1.4.1.2011.5.2.1.6.1.12 hwDomainIPIdleNum hwDomainStatTable
1.3.6.1.4.1.2011.5.2.1.6.1.13 hwDomainIPUsedPer- hwDomainStatTable

cent
1.3.6.1.4.1.2011.5.2.1.10.1.6 hwQosProfileName hwLocalUserTable
1.3.6.1.4.1.2011.5.2.1.10.1.1 hwLocalUserIpAddress hwLocalUserTable

3
1.3.6.1.4.1.2011.5.2.1.10.1.1 hwLocalUserVpnIn- hwLocalUserTable

4 stance
1.3.6.1.4.1.2011.5.2.1.10.1.1 hwLocalUserPasswor- hwLocalUserTable

6 dLifetimeMin
1.3.6.1.4.1.2011.5.2.1.10.1.1 hwLocalUserPasswor- hwLocalUserTable

7 dLifetimeMax
1.3.6.1.4.1.2011.5.2.1.11.1.3 hwLocalUserNoCall- hwLocalUserExtTable

BackVerify
1.3.6.1.4.1.2011.5.2.1.11.1.4 hwLocalUserCallBack- hwLocalUserExtTable

DialStr
1.3.6.1.4.1.2011.5.2.1.11.1.5 hwLocalUserBlockFail- hwLocalUserExtTable

Times
1.3.6.1.4.1.2011.5.2.1.11.1.6 hwLocalUserBlockIn- hwLocalUserExtTable

terval
1.3.6.1.4.1.2011.5.2.1.11.1.1 hwLocalUserRole hwLocalUserExtTable

4
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwRoamChar Single object
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwGlobalControl Single object
1.3.6.1.4.1.2011.5.2.1.13.1.3 hwSystemRecord Single object

Switches
1.3.6.1.4.1.2011.5.2.1.13.1.4 hwOutboundRecord Single object
1.3.6.1.4.1.2011.5.2.1.13.1.5 hwCmdRecord Single object
1.3.6.1.4.1.2011.5.2.1.13.1.6 hwPPPUserOfflineStan- Single object

dardize
1.3.6.1.4.1.2011.5.2.1.13.1.9 hwAccessSpeedNumber Single object
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwAccessSpeedPeriod Single object

0
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwRealmNameChar Single object

1
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwRealmParseDirection Single object

2
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwIPOXpassword Single object

4
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwAccessDelayTransi- Single object

6 tionStep
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwAccessDelayTime Single object

7
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwAccessDelayMin- Single object

8 Time
1.3.6.1.4.1.2011.5.2.1.13.1.1 hwParsePriority Single object

9
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwRealmNameLoca- Single object

0 tion
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwIPOXUsernameOp- Single object

1 tion82
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwIPOXUsernameIP Single object

2
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwIPOXUsernameSys- Single object

3 name
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwIPOXUsernameMAC Single object

4
1.3.6.1.4.1.2011.5.2.1.13.1.2 hwDefaultUserName Single object

5
1.3.6.1.4.1.2011.5.2.1.14.1.1 hwTotalOnlineNum hwAAAStat
1.3.6.1.4.1.2011.5.2.1.14.1.2 hwTotalPPPoeOnline- hwAAAStat

Num

Switches
1.3.6.1.4.1.2011.5.2.1.14.1.3 hwTotalPPPoAOnline- hwAAAStat

Num
1.3.6.1.4.1.2011.5.2.1.14.1.4 hwTotalftpOnlineNum hwAAAStat
1.3.6.1.4.1.2011.5.2.1.14.1.5 hwTotalsshOnlineNum hwAAAStat
1.3.6.1.4.1.2011.5.2.1.14.1.6 hwTotaltelnetOnline- hwAAAStat

Num
1.3.6.1.4.1.2011.5.2.1.14.1.7 hwTotalVLANOnline- hwAAAStat

Num
1.3.6.1.4.1.2011.5.2.1.14.1.8 hwHistoricMaxOnline- hwAAAStat

Num
1.3.6.1.4.1.2011.5.2.1.14.1.9 hwResetHistoricMax- hwAAAStat

OnlineNum
1.3.6.1.4.1.2011.5.2.1.14.1.1 hwResetOfflineReason- hwAAAStat

0 Statistic
1.3.6.1.4.1.2011.5.2.1.14.1.1 hwResetOnlineFailRea- hwAAAStat

1 sonStatistic
1.3.6.1.4.1.2011.5.2.1.15.1.5 hwAccessPortType hwAccessTable
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessPriority hwAccessTable
1.3.6.1.4.1.2011.5.2.1.15.1.9 hwAccessSubSlotNo hwAccessTable
1.3.6.1.4.1.2011.5.2.1.15.1.1 hwAccessPortNo hwAccessTable

0
1.3.6.1.4.1.2011.5.2.1.15.1.1 hwAccessPVC hwAccessTable

2
1.3.6.1.4.1.2011.5.2.1.15.1.1 hwAccessAcctMethod hwAccessTable

4
1.3.6.1.4.1.2011.5.2.1.15.1.1 hwAccessVRF hwAccessTable

6
1.3.6.1.4.1.2011.5.2.1.15.1.1 hwAccessIfIdleCut hwAccessTable

8
1.3.6.1.4.1.2011.5.2.1.15.1.1 hwAccessIdleCutTime hwAccessTable

9
1.3.6.1.4.1.2011.5.2.1.15.1.2 hwAccessIdleCutFlow hwAccessTable

0
1.3.6.1.4.1.2011.5.2.1.15.1.2 hwAccessTimeLimit hwAccessTable

1
1.3.6.1.4.1.2011.5.2.1.15.1.2 hwAccessTotalFlow64Li hwAccessTable

2 mit

Switches
1.3.6.1.4.1.2011.5.2.1.15.1.2 hwAccessCARIfUpAc- hwAccessTable

7 tive
1.3.6.1.4.1.2011.5.2.1.15.1.3 hwAccessCARIfDnAc- hwAccessTable

1 tive
1.3.6.1.4.1.2011.5.2.1.15.1.5 hwAccessDownPriority hwAccessTable

3
1.3.6.1.4.1.2011.5.2.1.15.1.5 hwAccessQosProfile hwAccessTable

6
1.3.6.1.4.1.2011.5.2.1.15.1.5 hwAccessIPv6IFID hwAccessTable

8
1.3.6.1.4.1.2011.5.2.1.15.1.5 hwAccessIPv6WanAddr hwAccessTable

9 ess
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6WanPrefi hwAccessTable

0 x
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6LanPrefix hwAccessTable

1
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6LanPrefix hwAccessTable

2 Len
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessBasicIPType hwAccessTable

3
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6WaitDela hwAccessTable

4 y
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6Managed hwAccessTable

5 AddressFlag
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6CPIFIDAv hwAccessTable

6 ailable
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6OtherFlag hwAccessTable

7
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessIPv6CPAssignI hwAccessTable

8 FID
1.3.6.1.4.1.2011.5.2.1.15.1.6 hwAccessLineID hwAccessTable

9
1.3.6.1.4.1.2011.5.2.1.15.1.7 hwAccessIPv6UpFlow64 hwAccessTable

0
1.3.6.1.4.1.2011.5.2.1.15.1.7 hwAccessIPv6DnFlow6 hwAccessTable

1 4
1.3.6.1.4.1.2011.5.2.1.15.1.7 hwAccessIPv6UpPacket hwAccessTable

2 64

Switches
1.3.6.1.4.1.2011.5.2.1.15.1.7 hwAccessIPv6DnPacket hwAccessTable

3 64
1.3.6.1.4.1.2011.5.2.1.16.1.2 hwAccessUCLGroup hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.4 hwAuthenticationState hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.5 hwAuthorizationState hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.6 hwAccountingState hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.7 hwAccessDomainName hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.8 hwIdleTimeLength hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.9 hwAcctSessionID hwAccessExtTable
1.3.6.1.4.1.2011.5.2.1.16.1.1 hwAccessStartAcctTime hwAccessExtTable

0
1.3.6.1.4.1.2011.5.2.1.16.1.1 hwAccessNormalSer- hwAccessExtTable

1 verGroup
1.3.6.1.4.1.2011.5.2.1.16.1.1 hwAccessDomainAcct- hwAccessExtTable

2 CopySeverGroup
1.3.6.1.4.1.2011.5.2.1.16.1.1 hwAccessPVlanAcctCo- hwAccessExtTable

3 pyServerGroup
1.3.6.1.4.1.2011.5.2.1.16.1.1 hwAccessActionFlag hwAccessExtTable

5
1.3.6.1.4.1.2011.5.2.1.16.1.1 hwAccessAuthtype hwAccessExtTable

6
1.3.6.1.4.1.2011.5.2.1.16.1.2 hwAccessAuthorizetype hwAccessExtTable

6
1.3.6.1.4.1.2011.5.2.1.19.1.4 hwStartFailOnlineIf- hwAcctSchemeExtTable

SendInterim
1.3.6.1.4.1.2011.5.2.1.21 hwBillPoolTable Single object
1.3.6.1.4.1.2011.5.2.1.21.1 hwBillsPoolVolume Single object
1.3.6.1.4.1.2011.5.2.1.21.2 hwBillsPoolNum Single object
1.3.6.1.4.1.2011.5.2.1.21.3 hwBillsPoolAlarmThres- Single object

hold
1.3.6.1.4.1.2011.5.2.1.21.4 hwBillsPoolBackup- Single object

Mode
1.3.6.1.4.1.2011.5.2.1.21.5 hwBillsPoolBackupIn- Single object

terval
1.3.6.1.4.1.2011.5.2.1.21.6 hwBillsPoolBackupNow Single object

Switches
1.3.6.1.4.1.2011.5.2.1.21.7 hwBillsPoolReset Single object
1.3.6.1.4.1.2011.5.2.1.22 hwBillTFTPTable Single object
1.3.6.1.4.1.2011.5.2.1.22.1 hwBillsTFTPSrvIP Single object
1.3.6.1.4.1.2011.5.2.1.22.2 hwBillsTFTPMainFile- Single object

Name
1.3.6.1.4.1.2011.5.2.1.25 hwUclGrpTable hwUclGrpTable
1.3.6.1.4.1.2011.5.2.1.25.1.1 hwUclGrpName hwUclGrpTable
1.3.6.1.4.1.2011.5.2.1.25.1.2 hwUclGrpRowStatus hwUclGrpTable
1.3.6.1.4.1.2011.5.2.1.27 hwIPAccessTable hwIPAccessTable
1.3.6.1.4.1.2011.5.2.1.27.1.1 hwIPAccessIPaddress hwIPAccessTable
1.3.6.1.4.1.2011.5.2.1.27.1.2 hwIPAccessCID hwIPAccessTable
1.3.6.1.4.1.2011.5.2.1.27.1.3 hwIPAccessVRF hwIPAccessTable
1.3.6.1.4.1.2011.5.2.1.28.5 hwCutUserName Single object
1.3.6.1.4.1.2011.5.2.1.28.6 hwCutUserAttri Single object
1.3.6.1.4.1.2011.5.2.1.28.8 hwCutIPPoolName Single object
1.3.6.1.4.1.2011.5.2.1.28.9 hwCutIfIndex Single object
1.3.6.1.4.1.2011.5.2.1.28.10 hwCutVlanID Single object
1.3.6.1.4.1.2011.5.2.1.28.11 hwCutVPI Single object
1.3.6.1.4.1.2011.5.2.1.28.12 hwCutVCI Single object
1.3.6.1.4.1.2011.5.2.1.28.13 hwCutVRF Single object
1.3.6.1.4.1.2011.5.2.1.29 hwAAACallRate Single object
1.3.6.1.4.1.2011.5.2.1.29.1 hwAAAUserPPP Single object
1.3.6.1.4.1.2011.5.2.1.29.1.1 hwTotalConnectNum Single object
1.3.6.1.4.1.2011.5.2.1.29.1.2 hwTotalSuccessNum Single object
1.3.6.1.4.1.2011.5.2.1.29.1.3 hwTotalLCPFailNum Single object
1.3.6.1.4.1.2011.5.2.1.29.1.4 hwTotalAuthenFailNum Single object
1.3.6.1.4.1.2011.5.2.1.29.1.5 hwTotalNCPFailNum Single object
1.3.6.1.4.1.2011.5.2.1.29.1.6 hwTotalIPAllocFailNum Single object
1.3.6.1.4.1.2011.5.2.1.29.1.7 hwTotalOtherPPPFail- Single object

Num

Switches
1.3.6.1.4.1.2011.5.2.1.29.2 hwAAAUserWeband- Single object

Fast
1.3.6.1.4.1.2011.5.2.1.29.2.1 hwTotalWebConnect- Single object

Num
1.3.6.1.4.1.2011.5.2.1.29.2.2 hwTotalSuccessWeb- Single object

ConnectNum
1.3.6.1.4.1.2011.5.2.1.29.3 hwAAAUserDot1X Single object
1.3.6.1.4.1.2011.5.2.1.29.3.1 hwTotalDot1XConnect Single object

Num
1.3.6.1.4.1.2011.5.2.1.29.3.2 hwTotalSuccessDot1XC Single object

onnectNum
1.3.6.1.4.1.2011.5.2.1.29.4 hwAAAUserBind Single object
1.3.6.1.4.1.2011.5.2.1.29.4.1 hwTotalBindConnect- Single object

Num
1.3.6.1.4.1.2011.5.2.1.29.4.2 hwTotalSuccessBind- Single object

ConnectNum
1.3.6.1.4.1.2011.5.2.1.31 hwMACAccessTable table
1.3.6.1.4.1.2011.5.2.1.31.1.1 hwMACAccessMACAd- hwMACAccessTable

dress
1.3.6.1.4.1.2011.5.2.1.31.1.2 hwMACAccessCID hwMACAccessTable
1.3.6.1.4.1.2011.5.2.1.32 hwSlotConnectNumTa- table

ble
1.3.6.1.4.1.2011.5.2.1.32.1.1 hwSlotConnectNum- hwSlotConnectNumTable

Slot
1.3.6.1.4.1.2011.5.2.1.32.1.2 hwSlotConnectNu- hwSlotConnectNumTable

mOnlineNum
1.3.6.1.4.1.2011.5.2.1.35 hwMulticastListTable table
1.3.6.1.4.1.2011.5.2.1.35.1.1 hwMulticastListIndex hwMulticastListTable
1.3.6.1.4.1.2011.5.2.1.35.1.2 hwMulticastListName hwMulticastListTable
1.3.6.1.4.1.2011.5.2.1.35.1.3 hwMulticastListSour- hwMulticastListTable

ceIp
1.3.6.1.4.1.2011.5.2.1.35.1.4 hwMulticastListSour- hwMulticastListTable

ceIpMask
1.3.6.1.4.1.2011.5.2.1.35.1.5 hwMulticastListGroupIp hwMulticastListTable
1.3.6.1.4.1.2011.5.2.1.35.1.6 hwMulticastListGrou- hwMulticastListTable

pIpMask

Switches
1.3.6.1.4.1.2011.5.2.1.35.1.7 hwMulticastListVpnIn- hwMulticastListTable

stance
1.3.6.1.4.1.2011.5.2.1.35.1.8 hwMulticastListRow- hwMulticastListTable

Status
1.3.6.1.4.1.2011.5.2.1.36 hwMulticastProfileTa- table

ble
1.3.6.1.4.1.2011.5.2.1.36.1.1 hwMulticastProfileIn- hwMulticastProfileTable

dex
1.3.6.1.4.1.2011.5.2.1.36.1.2 hwMulticastProfile- hwMulticastProfileTable

Name
1.3.6.1.4.1.2011.5.2.1.36.1.3 hwMulticastProfileR- hwMulticastProfileTable

owStatus
1.3.6.1.4.1.2011.5.2.1.37 hwMulticastProfileExt- table

Table
1.3.6.1.4.1.2011.5.2.1.37.1.1 hwMulticastListBind- hwMulticastProfileExtTa-

Name ble
1.3.6.1.4.1.2011.5.2.1.37.1.2 hwMulticastProfileEx- hwMulticastProfileExtTa-

tRowStatus ble
1.3.6.1.4.1.2011.5.2.1.38.1.1 hwServiceSchemeNex- hwServiceSchemeTable

1 tHopIp
1.3.6.1.4.1.2011.5.2.1.38.1.1 hwServiceSchemeUser- hwServiceSchemeTable

2 Priority
1.3.6.1.4.1.2011.5.2.1.38.1.1 hwServiceSchemeIdle- hwServiceSchemeTable

3 CutTime
1.3.6.1.4.1.2011.5.2.1.38.1.1 hwServiceSchemeIdle- hwServiceSchemeTable

4 CutFlow
1.3.6.1.4.1.2011.5.2.1.51.1.4 hwQoSProfileName hwUserGroupTable
1.3.6.1.4.1.2011.5.2.1.51.1.5 hwInterIsolateFlag hwUserGroupTable
1.3.6.1.4.1.2011.5.2.1.51.1.6 hwInnerIsolateFlag hwUserGroupTable
1.3.6.1.4.1.2011.5.2.1.51.1.1 hwExpRemark hwUserGroupTable

1
1.3.6.1.4.1.2011.5.2.1.51.1.1 hwLpRemark hwUserGroupTable

2
1.3.6.1.4.1.2011.5.2.1.51.1.2 hwUserGroupUserVlan- hwUserGroupTable

2 Pool

Switches
1.3.6.1.4.1.2011.5.2.1.62.1.7 userAuthenProfile- userAuthenProfileTable

PreAuthenUserGroup-
Name
1.3.6.1.4.1.2011.5.2.1.62.1.1 userAuthenProfileAu- userAuthenProfileTable

0 thenFailAuthorUser-
GroupName

3 thenServerDownUser-
GroupName
1.3.6.1.4.1.2011.5.2.1.62.1.1 userAuthenProfileMa- userAuthenProfileTable

7 cAuthenFirst

6 thenSchemeName

7 thorSchemeName
1.3.6.1.4.1.2011.5.2.1.62.1.3 userAuthenProfileAcct- userAuthenProfileTable

8 SchemeName
1.3.6.1.4.1.2011.5.2.1.62.1.3 userAuthenProfileServi- userAuthenProfileTable

9 ceSchemeName
1.3.6.1.4.1.2011.5.2.1.62.1.4 userAuthenProfileUser- userAuthenProfileTable

0 GroupName
1.3.6.1.4.1.2011.5.2.1.62.1.4 userAuthenProfileRa- userAuthenProfileTable

1 diusServerName
1.3.6.1.4.1.2011.5.2.1.62.1.4 userAuthenProfileHw- userAuthenProfileTable

2 tacacsServerName
1.3.6.1.4.1.2011.5.2.1.63.1.3 userAuthentication- userAuthentication-

FreeRuleIPv6ACLNumb FreeRuleTable
er
1.3.6.1.4.1.2011.5.2.1.64.1.1 hwDot1xAccessProfileT hwDot1xAccessProfileTa-

6 xPeriod ble
1.3.6.1.4.1.2011.5.2.1.64.1.2 hwDot1xAccessProfileU hwDot1xAccessProfileTa-

1 RL ble
1.3.6.1.4.1.2011.5.2.1.65.1.4 hwMACAuthenAcces- hwMACAuthenAcces-

sProfileServerTimeout sProfileTable

sProfileUserNameDHC- sProfileTable
POption

Switches

0 sProfileUserNameDHC- sProfileTable
POSubOption
1.3.6.1.4.1.2011.5.2.1.66.1.6 hwPortalAccessProfi- hwPortalAccessProfileTa-

leAlarmUserLowNum ble
1.3.6.1.4.1.2011.5.2.1.66.1.7 hwPortalAccessProfi- hwPortalAccessProfileTa-

leAlarmUserHighNum ble
1.3.6.1.4.1.2011.5.2.1.68.1.1 userAuthentication- userAuthentication-

3 FreeRuleDestinationU- FreeRuleExtTable
serGroup
1.3.6.1.4.1.2011.5.2.2 hwAAAMibTrap Single object
1.3.6.1.4.1.2011.5.2.2.1 hwAAATrapOid Single object
1.3.6.1.4.1.2011.5.2.2.1.1 hwDomainIndex Single object
1.3.6.1.4.1.2011.5.2.2.1.2 hwHdFreeamount Single object
1.3.6.1.4.1.2011.5.2.2.1.3 hwHdWarningThres- Single object

hold
1.3.6.1.4.1.2011.5.2.2.1.4 hwUserSlot Single object
1.3.6.1.4.1.2011.5.2.2.1.5 hwUserSlotMaxNum- Single object

Threshold
1.3.6.1.4.1.2011.5.2.2.1.6 hwOnlineUserNum- Single object

Threshold
1.3.6.1.4.1.2011.5.2.2.1.32 hwMacMovedQuietU- Alarm object

serSpec
1.3.6.1.4.1.2011.5.2.2.1.33 hwMacMovedUserPer- Alarm object

centage
1.3.6.1.4.1.2011.5.2.2.1.34 hwLowerMacMovedU- Alarm object

serPercentage
1.3.6.1.4.1.2011.5.2.2.1.35 hwUpperMacMovedU- Alarm object

serPercentage
1.3.6.1.4.1.2011.5.2.2.2 hwAAATrapsDefine Single object
1.3.6.1.4.1.2011.5.2.2.2.0 hwAAATraps Single object
1.3.6.1.4.1.2011.5.2.2.2.0.1 hwUserIPAllocAlarm Alarm object
1.3.6.1.4.1.2011.5.2.2.2.0.2 hwUserSlotMaxNum Alarm object
1.3.6.1.4.1.2011.5.2.2.2.0.3 hwOnlineUserNumA- Alarm object

larm

Switches
1.3.6.1.4.1.2011.5.2.2.2.0.4 hwSetUserQosProfile- Alarm object

Fail
1.3.6.1.4.1.2011.5.2.2.3 hwLAMTrapsDefine Single object
1.3.6.1.4.1.2011.5.2.2.3.0 hwLAMTraps Single object
1.3.6.1.4.1.2011.5.2.2.3.0.1 hwHarddiskoverflow Alarm object
1.3.6.1.4.1.2011.5.2.2.3.0.2 hwHarddiskReach- Alarm object

Threshold
1.3.6.1.4.1.2011.5.2.2.3.0.3 hwHarddiskOK Alarm object
1.3.6.1.4.1.2011.5.2.2.3.0.4 hwCachetoFTPFail Alarm object
1.3.6.1.4.1.2011.5.2.2.3.0.5 hwHDtoFTPFail Alarm object
1.3.6.1.4.1.2011.5.2.5 hwAaaConformance Single object
1.3.6.1.4.1.2011.5.2.5.1 hwAaaCompliances Single object
1.3.6.1.4.1.2011.5.2.5.2 hwAaaObjectGroups Single object
1.3.6.1.4.1.2011.5.2.1.56 hwWlanInterfaceTable hwWlanInterfaceTable
1.3.6.1.4.1.2011.5.2.1.56.1 hwWlanInterfaceEntry hwWlanInterfaceTable
1.3.6.1.4.1.2011.5.2.1.56.1.1 hwWlanInterfaceIndex hwWlanInterfaceTable
1.3.6.1.4.1.2011.5.2.1.56.1.2 hwWlanInterfaceName hwWlanInterfaceTable
1.3.6.1.4.1.2011.5.2.1.56.1.3 hwWlanInterfaceDo- hwWlanInterfaceTable

mainNameDelimiter

mainNameSecurityDe-
limiter

mainNameParseDirec-
tion

mainNameLocation
1.3.6.1.4.1.2011.5.25.40.15. hwRadiusGlobalSet- hwRadiusGlobalSettingT-

1.18 tingTable able
1.3.6.1.4.1.2011.5.2.1.66.1.1 hwPortalAccessProfile- hwPortalAccessProfileTa-

7 WebProxyEnable ble
1.3.6.1.4.1.2011.5.2.1.66.1.1 hwPortalAccessProfile- hwPortalAccessProfileTa-

8 WebProxyPort ble

01 10 Huawei Aaa Mib

Uploaded by

Document Information

Copyright

Available Formats

Share this document

Share or Embed Document

Sharing Options

Did you find this document useful?

Is this content inappropriate?

Copyright:

Available Formats

01 10 Huawei Aaa Mib

Uploaded by

Copyright:

Available Formats

S1720, S2700, S5700, and S6720 Series Ethernet

About This Chapter

10.1 Functions Overview

10.1 Functions Overview

10.2 Relationships Between Tables

10.3 Description of Single Objects

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 253

10.4 Description of MIB Tables

OID Object Syntax Maximu Description Stat

1.3.6.1.4.1.2011.5 hwAuthenSc Display read- This object curre

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 254

OID Object Syntax Maximu Description Stat

1.3.6.1.4.1.2011.5 hwAuthenM Integer read- This object curre

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 255

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 256

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 257

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 258

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 259

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 260

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 261

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 262

OID Object Syntax Maximu Description Stat

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 263

OID Object Syntax Maximu Description Stat

1.3.6.1.4.1.2011.5 hwAuthenR RowSta read- This object curre

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 264

OID Object Syntax Maximu Description Status

1.3.6.1.4.1.20 hwAcctSc DisplayStrin read- This object curren

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 265

OID Object Syntax Maximu Description Status

1.3.6.1.4.1.20 hwAccM Integer read- This object curren

1.3.6.1.4.1.20 hwAcctSt Integer read- This object curren

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 266

OID Object Syntax Maximu Description Status

1.3.6.1.4.1.20 hwAcctO Integer read- This object curren

1.3.6.1.4.1.20 hwAccRe Integer32 read- This object curren

1.3.6.1.4.1.20 hwAcctR RowStatus read- This object curren

To delete the accounting scheme, unbind it from the domain first.

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 267

The hwAcctSchemeExtTable is an extended accounting scheme table. You can use

The index of this table is hwAcctSchemeName.

OID Object Syntax Maxim Description Stat

1.3.6.1.4.1.2011.5. hwIfRealtim TruthVa read- This object curre

1.3.6.1.4.1.2011.5. hwRealtimeF Integer( read- This object curre

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 268

OID Object Syntax Maximum Descriptio Status

1.3.6.1.4.1. hwAAAOffl Integer32 read-only Indicates current

1.3.6.1.4.1. hwOfflineR DisplayStri read-only This object current

1.3.6.1.4.1. hwOfflineR DisplayStri read-only This object current

1.3.6.1.4.1. hwOfflineR MacAddres read-only This object current

Issue 12 (2020-11-15) Copyright © Huawei Technologies Co., Ltd. 269

OID Object Syntax Maximum Descriptio Status

1.3.6.1.4.1. hwOfflineR DisplayStri read-only This object current

1.3.6.1.4.1. hwOfflineR DisplayStri read-only This object current

1.3.6.1.4.1. hwOfflineR Integer32 read-only This object current

1.3.6.1.4.1. hwOfflineR Integer32 read-only This object current

1.3.6.1.4.1. hwOfflineR IpAddress read-only This object current