Security MIB (ap-security.mib)
The following table describes the SNMP GET query names for the Security MIB (ap-security.mib).
The apSecurityMIBObjects object has the OID 1.3.6.1.4.1.9148.3.9.1.
| SNMP GET Query Name | Object ID: 1.3.6.1.4.1.9148.3.9.1 + | Description |
|---|---|---|
| apSecurityOCSRIpAddress | .5 | OCSR server IP Address |
| apSecurityOCSRHostname | .6 | OCSR server hostname |
The apSecurityTacacsTable object has the OID 1.3.6.1.4.1.9148.3.9.1.4, and the apSecurityTacacsEntry object has the 1.3.6.1.4.1.9148.3.9.1.4.1.
| SNMP GET Query Name | Object ID: 1.3.6.1.4.1.9148.3.9.1.4.1+ | Description |
|---|---|---|
| apSecurityTacacsCliCommands | .3 | Number of CLI commands sent for TACACS+ accounting |
| apSecurityTacacsSuccessAuthentication | .4 | Number of successful TACACS+ authentication requests |
| apSecurityTacacsFailureAuthentication | .5 | Number of failed TACACS+ authentication requests |
| apSecurityTacacsSuccessAuthorization | .6 | Number of successful TACACS+ authorization requests |
| apSecurityTacacsFailureAuthorization | .7 | Number of failed TACACS+ authorization requests |
apSecurityCertificateTable
This table, found in the ap-security.mib, provides information about installed security certificates and their expiration. It conveys the same information displayed in the show security certificates command.
| MIB Object | Object ID: 1.3.6.1.4.1.9148.3.9.1.10 + | Description |
|---|---|---|
| apSecurityCertificateEntry | .1 | The certificate entry. |
| apSecurityCertificateConfigId | .1.1 | The internal configuration ID of the certificate. |
| apSecurityCertificateIndex | .1.2 | The internal index of the certificate. Combined with configuration ID is the unique ID of a certificate. |
| apSecurityCertificateRecordName | .1.3 | The SBC's configuration record name for the certificate. |
| apSecurityCertificateCertSubject | .1.4 | The security certificate subject. |
| apSecurityCertificateCertStart | .1.5 | The start time and date of the security certificate. |
| apSecurityCertificateCertExpire | .1.6 | The expiration time and date of the security certificate. |
| apSecurityCertificateCertIssuer | .1.7 | The issuer of the security certificate. |
| apSecurityCertificateCertIsCA | .1.8 | Boolean value indicating if the certificate is a CA certificate. |
To fully identify an object you may need to access, you may need to consider two additional values that extend after the OIDs listed in the table above. To fully understand this detail, consider that the apSecurityCertificateTable has two indices:
- apSecurityCertificateConfigId (1.3.6.1.4.1.9148.3.9.1.10.1.1)
- apSecurityCertificateIndex (1.3.6.1.4.1.9148.3.9.1.10.1.2)
The combination of these two uniquely identify a certificate. Any instance of the tabular objects of this table, however, would have two additional numbers included the end of its OID.
Take the example of apSecurityCertificateCertSubject (1.3.6.1.4.1.9148.3.9.1.10.1.4). A possible OID of an instance could be 1.3.6.1.4.1.9148.3.9.1.10.1.4.18.3. In this example:
- 1.3.6.1.4.1.9148.3.9.1.10.1.4 is apSecurityCertificateCertSubject
- 18 would be the apSecurityCertificateConfigId value
- 3 would be the apSecurityCertificateIndex value