July 10 2002 doc IEEE 802 1

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • Problem statement • Recommended solution • MIB text included in a separate submission document • Call to action Submission 1 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • The tables having bearing on the supplicant are indexed by dot 1 XPae. Port. Number which is an Interface. Index value • This is practical for 802. 3 wired switches but less so for 802. 11 access points • Typically if. Number is static or pseudo-static • To keep track of the virtual PAE ports in an 802. 11 WLAN, it is desirable to have tables indexed by station address Submission 2 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • Create a extensions MIB with separate tables for station based (i. e. virtual port based) information • Index these tables by station address (i. e. MAC address) • New conditionally mandatory groups to include: – – – Submission dot 1 x. Auth. Station. Group dot 1 x. Auth. Config. Group dot 1 x. Auth. Stats. Group dot 1 x. Auth. Diag. Group dot 1 x. Auth. Session. Stats. Group 3 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • dot 1 x. Auth. Station. Group OBJECT-GROUP OBJECTS { edot 1 x. Auth. Station. Pae. Port, dot 1 x. Auth. Station. Pae. State, dot 1 x. Auth. Station. Backend. Auth. State, dot 1 x. Auth. Station. User. Name } STATUS current DESCRIPTION "A collection of objects providing basic status information about Authenticator PAEs running on ports that use stationbased access control. " : : = { dot 1 x. Groups 1 } Submission 4 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • dot 1 x. Auth. Config. Group OBJECT-GROUP OBJECTS { dot 1 x. Auth. Initialize, Note: objects in red have MAX-ACCESS of read-write. dot 1 x. Auth. Reauthenticate, dot 1 x. Auth. Admin. Controlled. Directions, dot 1 x. Auth. Oper. Controlled. Directions, dot 1 x. Auth. Controlled. Port. Status, dot 1 x. Auth. Controlled. Port. Control, dot 1 x. Auth. Quiet. Period, dot 1 x. Auth. Tx. Period, dot 1 x. Auth. Supp. Timeout, dot 1 x. Auth. Server. Timeout, dot 1 x. Auth. Max. Req, dot 1 x. Auth. Re. Auth. Period, dot 1 x. Auth. Re. Auth. Enabled, dot 1 x. Auth. Key. Tx. Enabled } STATUS current DESCRIPTION "A collection of objects providing configuration information about Authenticator PAEs running on ports that use stationbased access control. " : : = { dot 1 x. Groups 2 } Submission 5 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • dot 1 x. Auth. Stats. Group OBJECT-GROUP OBJECTS { dot 1 x. Auth. Eapol. Frames. Rx, dot 1 x. Auth. Eapol. Frames. Tx, dot 1 x. Auth. Eapol. Start. Frames. Rx, dot 1 x. Auth. Eapol. Logoff. Frames. Rx, dot 1 x. Auth. Eapol. Resp. Id. Frames. Rx, dot 1 x. Auth. Eapol. Resp. Frames. Rx, dot 1 x. Auth. Eapol. Req. Id. Frames. Tx, dot 1 x. Auth. Eapol. Req. Frames. Tx, dot 1 x. Auth. Invalid. Eapol. Frames. Rx, dot 1 x. Auth. Eap. Length. Error. Frames. Rx, dot 1 x. Auth. Last. Eapol. Frame. Version, dot 1 x. Auth. Last. Eapol. Frame. Source } STATUS current DESCRIPTION "A collection of objects providing statistics about Authenticator PAEs running on ports that use stationbased access control. " : : = { dot 1 x. Groups 3 } Submission 6 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • dot 1 x. Auth. Diag. Group OBJECT-GROUP OBJECTS { dot 1 x. Auth. Enters. Connecting, dot 1 x. Auth. Eap. Logoffs. While. Connecting, dot 1 x. Auth. Enters. Authenticating, dot 1 x. Auth. Success. While. Authenticating, dot 1 x. Auth. Timeouts. While. Authenticating, dot 1 x. Auth. Fail. While. Authenticating, dot 1 x. Auth. Reauths. While. Authenticating, dot 1 x. Auth. Eap. Starts. While. Authenticating, dot 1 x. Auth. Eap. Logoff. While. Authenticating, dot 1 x. Auth. Reauths. While. Authenticated, dot 1 x. Auth. Eap. Starts. While. Authenticated, dot 1 x. Auth. Eap. Logoff. While. Authenticated, dot 1 x. Auth. Backend. Responses, dot 1 x. Auth. Backend. Access. Challenges, dot 1 x. Auth. Backend. Other. Requests. To. Supplicant, dot 1 x. Auth. Backend. Non. Nak. Responses. From. Supplicant, dot 1 x. Auth. Backend. Auth. Successes, dot 1 x. Auth. Backend. Auth. Fails } STATUS current DESCRIPTION "A collection of objects providing diagnostic statistics about Authenticator PAEs running on ports that use stationbased access control. " : : = { dot 1 x. Groups 4 } Submission 7 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • dot 1 x. Auth. Session. Stats. Group OBJECT-GROUP OBJECTS { dot 1 x. Auth. Session. Octets. Rx, dot 1 x. Auth. Session. Octets. Tx, dot 1 x. Auth. Session. Frames. Rx, dot 1 x. Auth. Session. Frames. Tx, dot 1 x. Auth. Session. Id, dot 1 x. Auth. Session. Authentic. Method, dot 1 x. Auth. Session. Time, dot 1 x. Auth. Session. Terminate. Cause } STATUS current DESCRIPTION "A collection of objects providing statistics about the current or last sessions for Authenticator PAEs running on ports that use station-based access control. " : : = { dot 1 x. Groups 5 } Submission 8 David Nelson, Enterasys Networks

July 10, 2002 doc. : IEEE 802. 1 -02/xxxr 0 Extensions to 802. 1 X MIB • Call to action • Is this an architecturally acceptable approach? • Can this MIB Extension be considered for inclusion in the next draft of 802. 1 aa? Submission 9 David Nelson, Enterasys Networks