-- -- Copyright 2003-2006 Innominate Security Technologies AG -- All Rights Reserved -- -- innominate mGuard 4.1.0"".default -- -- DO NOT MODIFY THIS FILE. Generated from master. Thu Sep 7 17:22:55 CEST 2006 -- MGUARDB-MIB DEFINITIONS ::= BEGIN IMPORTS enterprises, IpAddress FROM RFC1155-SMI OBJECT-TYPE FROM RFC-1212 RowStatus, TruthValue, MacAddress FROM SNMPv2-TC DisplayString FROM RFC1213-MIB TRAP-TYPE FROM RFC-1215; innominate OBJECT IDENTIFIER ::= { enterprises 15450 } mGuardb OBJECT IDENTIFIER ::= { innominate 2 } mGuardVPN OBJECT IDENTIFIER ::= { mGuardb 1 } mGuardFirewall OBJECT IDENTIFIER ::= { mGuardb 2 } mGuardNetwork OBJECT IDENTIFIER ::= { mGuardb 3 } mGuardSystem OBJECT IDENTIFIER ::= { mGuardb 4 } mGuardSNMP OBJECT IDENTIFIER ::= { mGuardb 5 } mGuardNTP OBJECT IDENTIFIER ::= { mGuardb 6 } mGuardUpdate OBJECT IDENTIFIER ::= { mGuardb 7 } mGuardRedundancy OBJECT IDENTIFIER ::= { mGuardb 9 } mGuardInfo OBJECT IDENTIFIER ::= { mGuardb 10 } mGuardLogging OBJECT IDENTIFIER ::= { mGuardb 11 } mGuardContFilt OBJECT IDENTIFIER ::= { mGuardb 12 } mGuardBlade OBJECT IDENTIFIER ::= { mGuardb 13 } mGuardProfile OBJECT IDENTIFIER ::= { mGuardb 14 } mGuardUsers OBJECT IDENTIFIER ::= { mGuardb 15 } -- -- IPsec: Local Certificate -- mGuardVPNMachine OBJECT IDENTIFIER ::= { mGuardVPN 1 } mGuardVPNMachineCert OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Machine certificate and private key of this device." ::= { mGuardVPNMachine 1 } mGuardVPNMachinePrivate OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Private key" ::= { mGuardVPNMachine 2 } -- -- IPsec: Connection -- mGuardVPNConnectionTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardVPNConnectionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing the configuration of the local device's VPN connections." ::= { mGuardVPN 2 } mGuardVPNConnectionEntry OBJECT-TYPE SYNTAX MGuardVPNConnectionEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Configuration of a single VPN connection." INDEX { mGuardVPNconIndex } ::= { mGuardVPNConnectionTable 1 } MGuardVPNConnectionEntry ::= SEQUENCE { mGuardVPNconIndex INTEGER, mGuardVPNconName DisplayString, mGuardVPNconEnabled INTEGER, mGuardVPNremGW DisplayString, mGuardVPNconType INTEGER, mGuardVPNlocalNet IpAddress, mGuardVPNlocalMask IpAddress, mGuardVPNremoteNet IpAddress, mGuardVPNremoteMask IpAddress, mGuardVPNauthType INTEGER, mGuardVPNpsk DisplayString, mGuardVPNx509 DisplayString, mGuardVPNikeDH INTEGER, mGuardVPNikeHash INTEGER, mGuardVPNipsecHash INTEGER, mGuardVPNikeAlg INTEGER, mGuardVPNipsecAlg INTEGER, mGuardVPNpfs INTEGER, mGuardVPNconStartUp INTEGER, mGuardVPNvirtIPMethod INTEGER, mGuardVPNvirtIP IpAddress, mGuardVPNFWLogDefIn INTEGER, mGuardVPNFWLogDefOut INTEGER, mGuardVPNProtoAH INTEGER, mGuardVPNProtoESP INTEGER, mGuardVPNComp INTEGER, mGuardVPNLocalIDMode INTEGER, mGuardVPNLocalID DisplayString, mGuardVPNRemoteIDMode INTEGER, mGuardVPNRemoteID DisplayString, mGuardVPNIkeLifetime INTEGER, mGuardVPNIpsecLifetime INTEGER, mGuardVPNRekeyMargin INTEGER, mGuardVPNRekeyFuzz INTEGER, mGuardVPNKeyingTries INTEGER, mGuardVPNRekey INTEGER, mGuardVPNDPDAction INTEGER, mGuardVPNDPDDelay INTEGER, mGuardVPNDPDTimeout INTEGER, mGuardVPNRowStatus RowStatus, mGuardVPNAggressive INTEGER, mGuardVPNlocal DisplayString, mGuardVPNremote DisplayString, mGuardVPNuuid DisplayString } mGuardVPNconIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the connection." ::= { mGuardVPNConnectionEntry 1 } mGuardVPNconName OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Descriptive name of the connection." ::= { mGuardVPNConnectionEntry 2 } mGuardVPNconEnabled OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Is the connection enabled: yes / no ." ::= { mGuardVPNConnectionEntry 3 } mGuardVPNremGW OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Remote VPN gateway." ::= { mGuardVPNConnectionEntry 4 } mGuardVPNconType OBJECT-TYPE SYNTAX INTEGER { transport(1), tunnel(2), l2tp-w2k(3), l2tp-ssh(4) } ACCESS read-write STATUS mandatory DESCRIPTION "Type of VPN connection: transport / tunnel / l2tp-w2k / l2tp-ssh" ::= { mGuardVPNConnectionEntry 5 } mGuardVPNlocalNet OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS deprecated DESCRIPTION "Local net address for VPN connection in tunnel mode." ::= { mGuardVPNConnectionEntry 6 } mGuardVPNlocalMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS deprecated DESCRIPTION "Local netmask for VPN connection in tunnel mode." ::= { mGuardVPNConnectionEntry 7 } mGuardVPNremoteNet OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS deprecated DESCRIPTION "Remote net address for VPN connection in tunnel mode." ::= { mGuardVPNConnectionEntry 8 } mGuardVPNremoteMask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS deprecated DESCRIPTION "Remote netmask for VPN connection in tunnel mode." ::= { mGuardVPNConnectionEntry 9 } mGuardVPNauthType OBJECT-TYPE SYNTAX INTEGER { psk(1), x509(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Authentification mode of the VPN connection: psk / x509" ::= { mGuardVPNConnectionEntry 10 } mGuardVPNpsk OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Pre Shared Secret" ::= { mGuardVPNConnectionEntry 11 } mGuardVPNx509 OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "X.509 certificate" ::= { mGuardVPNConnectionEntry 12 } mGuardVPNikeDH OBJECT-TYPE SYNTAX INTEGER{ all(1), modp1024(2), modp1536(3), modp2048(4), modp3072(5), modp4096(6) } ACCESS read-write STATUS mandatory DESCRIPTION "IKE DH algorithm." ::= { mGuardVPNConnectionEntry 13 } mGuardVPNikeHash OBJECT-TYPE SYNTAX INTEGER { all(1), md5(2), sha1(3) } ACCESS read-write STATUS mandatory DESCRIPTION "IKE hash algorithm: all / md5 / sha1" ::= { mGuardVPNConnectionEntry 14 } mGuardVPNipsecHash OBJECT-TYPE SYNTAX INTEGER { all(1), md5(2), sha1(3) } ACCESS read-write STATUS mandatory DESCRIPTION "ipsec hash algorithm: all / md5 / sha1" ::= { mGuardVPNConnectionEntry 15 } mGuardVPNikeAlg OBJECT-TYPE SYNTAX INTEGER { des(1), tripledes168(2), aes128(3), aes192(4), aes256(5) } ACCESS read-write STATUS mandatory DESCRIPTION "IKE encryption algorithm: des / 3des168 / aes128 / aes192 / aes256" ::= { mGuardVPNConnectionEntry 16 } mGuardVPNipsecAlg OBJECT-TYPE SYNTAX INTEGER { des(1), tripledes168(2), aes128(3), aes192(4), aes256(5), null(6) } ACCESS read-write STATUS mandatory DESCRIPTION "ipsec encryption algorithm: des/ 3des168 / aes128 / aes192 / aes256 / null" ::= { mGuardVPNConnectionEntry 17 } mGuardVPNpfs OBJECT-TYPE SYNTAX INTEGER { no(1), all(2), modp1024(3), modp1536(4), modp2048(5), modp3072(6), modp4096(7) } ACCESS read-write STATUS mandatory DESCRIPTION "ipsec perfect forward secrecy: no / all / modp1024 / modp1536 / modp2048 / modp3072 / modp4096" ::= { mGuardVPNConnectionEntry 18 } mGuardVPNconStartUp OBJECT-TYPE SYNTAX INTEGER { initiate(1), waitForRemote(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Recognize the startup of the VPN connection or wait for connection startup of the remote gateway: yes / no ." ::= { mGuardVPNConnectionEntry 19 } mGuardVPNvirtIPMethod OBJECT-TYPE SYNTAX INTEGER{ static(1), dhcp-over-ipsec(2) } ACCESS read-write STATUS mandatory DESCRIPTION "This option isn't implemented yet." ::= { mGuardVPNConnectionEntry 20 } mGuardVPNvirtIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Virtual IP to use" ::= { mGuardVPNConnectionEntry 21 } mGuardVPNFWLogDefIn OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for undefined incoming connection attempts?" ::= { mGuardVPNConnectionEntry 22 } mGuardVPNFWLogDefOut OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for undefined outgoing connection attempts?" ::= { mGuardVPNConnectionEntry 23 } mGuardVPNProtoAH OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use the AH protocoll. Only 'no' is supported." ::= { mGuardVPNConnectionEntry 26 } mGuardVPNProtoESP OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use the ESP protocoll. Only 'yes' is supported." ::= { mGuardVPNConnectionEntry 27 } mGuardVPNComp OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use IPsec compression. Only 'no' is supported." ::= { mGuardVPNConnectionEntry 28 } mGuardVPNLocalIDMode OBJECT-TYPE SYNTAX INTEGER{ auto(1), freeswan(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Mode for local ID. This option isn't implemented yet." ::= { mGuardVPNConnectionEntry 29 } mGuardVPNLocalID OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Local ID." ::= { mGuardVPNConnectionEntry 30 } mGuardVPNRemoteIDMode OBJECT-TYPE SYNTAX INTEGER{ auto(1), freeswan(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Mode for remote ID. This option isn't implemented yet." ::= { mGuardVPNConnectionEntry 31 } mGuardVPNRemoteID OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Local ID." ::= { mGuardVPNConnectionEntry 32 } mGuardVPNIkeLifetime OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "ISAKMP SA lifetime (seconds)." ::= { mGuardVPNConnectionEntry 33 } mGuardVPNIpsecLifetime OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "IPSec SA lifetime (seconds)." ::= { mGuardVPNConnectionEntry 34 } mGuardVPNRekeyMargin OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Rekey Margin (seconds)." ::= { mGuardVPNConnectionEntry 35 } mGuardVPNRekeyFuzz OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Rekey fuzz (in percent)." ::= { mGuardVPNConnectionEntry 36 } mGuardVPNKeyingTries OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Rekey fuzz (in percent)." ::= { mGuardVPNConnectionEntry 37 } mGuardVPNRekey OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Renegotiate connection after the keys have expired? Must be set to 'no' on both end to be effective." ::= { mGuardVPNConnectionEntry 38 } mGuardVPNDPDAction OBJECT-TYPE SYNTAX INTEGER{ hold(1), clear(2), restart(3) } ACCESS read-write STATUS mandatory DESCRIPTION "What to do in case DPD found out that the connection is dead: 'hold': renegotiate connection. 'clear': clear connection and don't renegotiate." ::= { mGuardVPNConnectionEntry 39 } mGuardVPNDPDDelay OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Interval in seconds to wait before sending DPD requests when the remote end didn't send data. The default value is 30." ::= { mGuardVPNConnectionEntry 40 } mGuardVPNDPDTimeout OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Interval in seconds before declaring the remote end as dead after sending the first DPD request. The default value is 120." ::= { mGuardVPNConnectionEntry 41 } mGuardVPNRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardVPNConnectionEntry 42 } mGuardVPNAggressive OBJECT-TYPE SYNTAX INTEGER{ no(1), yes(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Wether to use/accept aggressive mode VPn connections for this one." ::= { mGuardVPNConnectionEntry 43 } mGuardVPNlocal OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Local network for VPN connection in tunnel mode in CIDR notation." ::= { mGuardVPNConnectionEntry 44 } mGuardVPNremote OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Remote network for VPN connection in tunnel mode in CIDR notation." ::= { mGuardVPNConnectionEntry 45 } mGuardVPNuuid OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Universally Unique IDentifier (UUID, RFC 4122) used for mGuardVPNConnectionTable logging." ::= { mGuardVPNConnectionEntry 46 } --- --- IPsec: Incoming Firewall --- mGuardVPNFW OBJECT IDENTIFIER ::= { mGuardVPN 3 } mGuardVPNFWINTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardVPNFWINEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Table of firewall rules for incoming packets." ::= { mGuardVPNFW 1 } mGuardVPNFWINEntry OBJECT-TYPE SYNTAX MGuardVPNFWINEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardVPNFWINconIndex, mGuardVPNFWINruleIndex } ::= { mGuardVPNFWINTable 1 } MGuardVPNFWINEntry ::= SEQUENCE { mGuardVPNFWINconIndex INTEGER, mGuardVPNFWINruleIndex INTEGER, mGuardVPNFWINsourceIP DisplayString, mGuardVPNFWINdestinationIP DisplayString, mGuardVPNFWINsport DisplayString, mGuardVPNFWINdport DisplayString, mGuardVPNFWINtarget INTEGER, mGuardVPNFWINproto INTEGER, mGuardVPNFWINlog INTEGER, mGuardVPNFWINRowStatus RowStatus, mGuardVPNFWINcomment DisplayString } mGuardVPNFWINconIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardVPNFWINEntry 1 } mGuardVPNFWINruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardVPNFWINEntry 2 } mGuardVPNFWINsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardVPNFWINEntry 3 } mGuardVPNFWINdestinationIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardVPNFWINEntry 4 } mGuardVPNFWINsport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardVPNFWINEntry 5 } mGuardVPNFWINdport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardVPNFWINEntry 6 } mGuardVPNFWINtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardVPNFWINEntry 7 } mGuardVPNFWINproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's transport protocol" ::= { mGuardVPNFWINEntry 8 } mGuardVPNFWINlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log packets matching this rule." ::= { mGuardVPNFWINEntry 9 } mGuardVPNFWINRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardVPNFWINEntry 10 } mGuardVPNFWINcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardVPNFWINEntry 11 } -- -- IPsec: Outgoing Firewall -- mGuardVPNFWOUTTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardVPNFWOUTEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Table of firewall rules for outgoing packets." ::= { mGuardVPNFW 2 } mGuardVPNFWOUTEntry OBJECT-TYPE SYNTAX MGuardVPNFWOUTEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardVPNFWOUTconIndex, mGuardVPNFWOUTruleIndex } ::= { mGuardVPNFWOUTTable 1 } MGuardVPNFWOUTEntry ::= SEQUENCE { mGuardVPNFWOUTconIndex INTEGER, mGuardVPNFWOUTruleIndex INTEGER, mGuardVPNFWOUTsourceIP DisplayString, mGuardVPNFWOUTdestinationIP DisplayString, mGuardVPNFWOUTsport DisplayString, mGuardVPNFWOUTdport DisplayString, mGuardVPNFWOUTtarget INTEGER, mGuardVPNFWOUTproto INTEGER, mGuardVPNFWOUTlog INTEGER, mGuardVPNFWOUTRowStatus RowStatus, mGuardVPNFWOUTcomment DisplayString } mGuardVPNFWOUTconIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardVPNFWOUTEntry 1 } mGuardVPNFWOUTruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardVPNFWOUTEntry 2 } mGuardVPNFWOUTsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardVPNFWOUTEntry 3 } mGuardVPNFWOUTdestinationIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardVPNFWOUTEntry 4 } mGuardVPNFWOUTsport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardVPNFWOUTEntry 5 } mGuardVPNFWOUTdport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardVPNFWOUTEntry 6 } mGuardVPNFWOUTtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardVPNFWOUTEntry 7 } mGuardVPNFWOUTproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's transport protocol" ::= { mGuardVPNFWOUTEntry 8 } mGuardVPNFWOUTlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log packets matching this rule." ::= { mGuardVPNFWOUTEntry 9 } mGuardVPNFWOUTRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardVPNFWOUTEntry 10 } mGuardVPNFWOUTcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardVPNFWOUTEntry 11 } -- -- DynDNS Register -- mGuardVPNDynDNS OBJECT IDENTIFIER ::= { mGuardVPN 4 } mGuardVPNDynDNSRegister OBJECT IDENTIFIER ::= { mGuardVPNDynDNS 1 } mGuardVPNDynDNSReg OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION " Register at a DynDNS service: no, yes" ::= { mGuardVPNDynDNSRegister 1 } mGuardVPNDynDNSRegInterval OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION " Refresh interval for registration." ::= { mGuardVPNDynDNSRegister 2 } mGuardVPNDynDNSRegServer OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "DynDNS server." ::= { mGuardVPNDynDNSRegister 3 } mGuardVPNDynDNSRegLogin OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Login for DynDNS server." ::= { mGuardVPNDynDNSRegister 4 } mGuardVPNDynDNSRegPasswd OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Password for DynDNS server." ::= { mGuardVPNDynDNSRegister 5 } mGuardVPNDynDNSRegProvider OBJECT-TYPE SYNTAX INTEGER { inominate(1), dyndns(2), dns4biz(3) } ACCESS read-write STATUS mandatory DESCRIPTION "DynDNS provider" ::= { mGuardVPNDynDNSRegister 6 } mGuardVPNDynDNSRegHostname OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Hostname to register" ::= { mGuardVPNDynDNSRegister 7 } -- -- DynDNS Watch -- mGuardVPNDynDNSCheck OBJECT IDENTIFIER ::= { mGuardVPNDynDNS 2 } mGuardVPNDynDNSCheckDo OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION "Should hostnames of remote vpn gateways be checked after certain time intervals in case they are at a DynDNS provider? : no,yes" ::= { mGuardVPNDynDNSCheck 1 } mGuardVPNDynDNSCheckRefresh OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Refresh interval for checking DNS names of remote VPN peers." ::= { mGuardVPNDynDNSCheck 2 } -- -- IPSec L2TP -- mGuardVPNL2TP OBJECT IDENTIFIER ::= { mGuardVPN 5 } mGuardVPNL2TPStart OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Start the L2TP Server ? yes,no" ::= { mGuardVPNL2TP 1 } mGuardVPNL2TPLocalIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Local IP for L2TP connections" ::= { mGuardVPNL2TP 2 } mGuardVPNL2TPRemoteIPRangeStart OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Start of range of remote IPs." ::= { mGuardVPNL2TP 3 } mGuardVPNL2TPRemoteIPRangeEnd OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "End of range of remote IPs." ::= { mGuardVPNL2TP 4 } mGuardVPNL2TPpppdOptTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardVPNL2TPpppdOptEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table of options set for the pppd process implementing IPsec/L2TP." ::= { mGuardVPNL2TP 5 } mGuardVPNL2TPpppdOptEntry OBJECT-TYPE SYNTAX MGuardVPNL2TPpppdOptEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A single option set for pppd. " INDEX { mGuardVPNL2TPpppdOptIndex } ::= { mGuardVPNL2TPpppdOptTable 1 } MGuardVPNL2TPpppdOptEntry ::= SEQUENCE { mGuardVPNL2TPpppdOptIndex INTEGER, mGuardVPNL2TPpppdOptValue DisplayString, mGuardVPNL2TPpppdOptRowStatus RowStatus } mGuardVPNL2TPpppdOptIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Table index." ::= { mGuardVPNL2TPpppdOptEntry 1 } mGuardVPNL2TPpppdOptValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The pppd option." ::= { mGuardVPNL2TPpppdOptEntry 2 } mGuardVPNL2TPpppdOptRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status" ::= { mGuardVPNL2TPpppdOptEntry 3 } -- -- IPsec Options -- mGuardVPNSettings OBJECT IDENTIFIER ::= { mGuardVPN 6 } mGuardVPNRequireUniqueIDs OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Allow only one open connection per identity (ie. X.509 certificate)." ::= { mGuardVPNSettings 1 } mGuardVPNNatTraversal OBJECT-TYPE SYNTAX INTEGER{ on(1), off(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Encapsulate ESP traffic into IKE (UDP) packets to pass IPsec unaware NAT routers." ::= { mGuardVPNSettings 2 } mGuardVPNNatTPortfloating OBJECT-TYPE SYNTAX INTEGER{ on(1), off(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Some NAT routers fail to perform NAT originating low UDP ports. This option moves IKE from UDP 500 to UDP 4500 if possible" ::= { mGuardVPNSettings 3 } mGuardVPNNatTKeepAliveInterval OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "NAT-T Keepalive Interval (in seconds). Keepalives will tell the NAT router not to close the connection. " ::= { mGuardVPNSettings 4 } mGuardVPNNatTKeepAliveForce OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Force NAT-T Keepalive ?" ::= { mGuardVPNSettings 5 } mGuardVPNIkeLog OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log verbose information on IKE ?" ::= { mGuardVPNSettings 6 } mGuardVPNHideTos OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "When set to yes the TOS bit will be cleared on IPsec output. " ::= { mGuardVPNSettings 7 } mGuardVPNmtu OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "ipsec0 mtu" ::= { mGuardVPNSettings 8 } mGuardVPNStrictCRLPolicy OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use a strict CRL policy?" ::= { mGuardVPNSettings 9 } mGuardVPNNoCertReqSend OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Don't send certificate requests?" ::= { mGuardVPNSettings 10 } -- -- Firewall Incoming -- mGuardFirewallIncoming OBJECT IDENTIFIER ::= { mGuardFirewall 1 } mGuardFirewallIncomingTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFirewallIncomingEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for incoming packets." ::= { mGuardFirewallIncoming 1 } mGuardFirewallIncomingEntry OBJECT-TYPE SYNTAX MGuardFirewallIncomingEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardFWINruleIndex } ::= { mGuardFirewallIncomingTable 1 } MGuardFirewallIncomingEntry ::= SEQUENCE { mGuardFWINruleIndex INTEGER, mGuardFWINsourceIP DisplayString, mGuardFWINdestinationIP DisplayString, mGuardFWINsport DisplayString, mGuardFWINdport DisplayString, mGuardFWINtarget INTEGER, mGuardFWINproto INTEGER, mGuardFWINlog INTEGER, mGuardFWINRowStatus RowStatus, mGuardFWINcomment DisplayString, mGuardFWINfromMAC MacAddress } mGuardFWINruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardFirewallIncomingEntry 1 } mGuardFWINsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardFirewallIncomingEntry 2 } mGuardFWINdestinationIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardFirewallIncomingEntry 3 } mGuardFWINsport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardFirewallIncomingEntry 4 } mGuardFWINdport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardFirewallIncomingEntry 5 } mGuardFWINtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardFirewallIncomingEntry 6 } mGuardFWINproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's transport protocol" ::= { mGuardFirewallIncomingEntry 7 } mGuardFWINlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION " Log packets matching this rule ?" ::= { mGuardFirewallIncomingEntry 8 } mGuardFWINRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardFirewallIncomingEntry 9 } mGuardFWINcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardFirewallIncomingEntry 10 } mGuardFWINfromMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source MAC address." ::= { mGuardFirewallIncomingEntry 11 } mGuardFirewallINLogDefault OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for unknown connection attempts?" ::= { mGuardFirewallIncoming 2 } mGuardFirewallINuuid OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Universally Unique IDentifier (UUID, RFC 4122) used for mGuardFirewallIncomingTable logging." ::= { mGuardFirewallIncoming 3 } -- -- Firewall Outgoing -- mGuardFirewallOutgoing OBJECT IDENTIFIER ::= { mGuardFirewall 2 } mGuardFirewallOutgoingTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFirewallOutgoingEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for outgoing packets." ::= { mGuardFirewallOutgoing 1 } mGuardFirewallOutgoingEntry OBJECT-TYPE SYNTAX MGuardFirewallOutgoingEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardFWOUTruleIndex } ::= { mGuardFirewallOutgoingTable 1 } MGuardFirewallOutgoingEntry ::= SEQUENCE { mGuardFWOUTruleIndex INTEGER, mGuardFWOUTsourceIP DisplayString, mGuardFWOUTdestinationIP DisplayString, mGuardFWOUTsport DisplayString, mGuardFWOUTdport DisplayString, mGuardFWOUTtarget INTEGER, mGuardFWOUTproto INTEGER, mGuardFWOUTlog INTEGER, mGuardFWOUTRowStatus RowStatus, mGuardFWOUTcomment DisplayString, mGuardFWOUTfromMAC MacAddress } mGuardFWOUTruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardFirewallOutgoingEntry 1 } mGuardFWOUTsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardFirewallOutgoingEntry 2 } mGuardFWOUTdestinationIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardFirewallOutgoingEntry 3 } mGuardFWOUTsport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardFirewallOutgoingEntry 4 } mGuardFWOUTdport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardFirewallOutgoingEntry 5 } mGuardFWOUTtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardFirewallOutgoingEntry 6 } mGuardFWOUTproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's transport protocol" ::= { mGuardFirewallOutgoingEntry 7 } mGuardFWOUTlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION " Log packets matching this rule ?" ::= { mGuardFirewallOutgoingEntry 8 } mGuardFWOUTRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardFirewallOutgoingEntry 9 } mGuardFWOUTcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardFirewallOutgoingEntry 10 } mGuardFWOUTfromMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source MAC address." ::= { mGuardFirewallOutgoingEntry 11 } mGuardFirewallOUTLogDefault OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for unknown connection attempts?" ::= { mGuardFirewallOutgoing 2 } mGuardFirewallOUTuuid OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Universally Unique IDentifier (UUID, RFC 4122) used for mGuardFirewallOutgoingTable logging." ::= { mGuardFirewallOutgoing 3 } -- -- Firwall Portforwarding -- mGuardFirewallPortforwarding OBJECT IDENTIFIER ::= { mGuardFirewall 3 } mGuardFirewallPortforwardTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFirewallPortforwardEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for portforwarding." ::= { mGuardFirewallPortforwarding 1 } mGuardFirewallPortforwardEntry OBJECT-TYPE SYNTAX MGuardFirewallPortforwardEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardFWPORTFORWruleIndex } ::= { mGuardFirewallPortforwardTable 1 } MGuardFirewallPortforwardEntry ::= SEQUENCE { mGuardFWPORTFORWruleIndex INTEGER, mGuardFWPORTFORWinIP DisplayString, mGuardFWPORTFORWoutIP DisplayString, mGuardFWPORTFORWinport DisplayString, mGuardFWPORTFORWoutport DisplayString, mGuardFWPORTFORWproto INTEGER, mGuardFWPORTFORWlog INTEGER, mGuardFWPORTFORWRowStatus RowStatus, mGuardFWPORTFORWsrcIP DisplayString, mGuardFWPORTFORWsrcport DisplayString, mGuardFWPORTFORWcomment DisplayString, mGuardFWPORTFORWsrcMAC MacAddress } mGuardFWPORTFORWruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardFirewallPortforwardEntry 1 } mGuardFWPORTFORWinIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's incoming IP address" ::= { mGuardFirewallPortforwardEntry 2 } mGuardFWPORTFORWoutIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's redirect IP address" ::= { mGuardFirewallPortforwardEntry 3 } mGuardFWPORTFORWinport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's incoming port" ::= { mGuardFirewallPortforwardEntry 4 } mGuardFWPORTFORWoutport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardFirewallPortforwardEntry 5 } mGuardFWPORTFORWproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's transport protocol" ::= { mGuardFirewallPortforwardEntry 6 } mGuardFWPORTFORWlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION " Log packets matching this rule ?" ::= { mGuardFirewallPortforwardEntry 7 } mGuardFWPORTFORWRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardFirewallPortforwardEntry 8 } mGuardFWPORTFORWsrcIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardFirewallPortforwardEntry 9 } mGuardFWPORTFORWsrcport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardFirewallPortforwardEntry 10 } mGuardFWPORTFORWcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardFirewallPortforwardEntry 11 } mGuardFWPORTFORWsrcMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardFirewallPortforwardEntry 12 } mGuardFirewallFWDuuid OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Universally Unique IDentifier (UUID, RFC 4122) used for mGuardFirewallPortforwardTable logging." ::= { mGuardFirewallPortforwarding 2 } -- -- Firewall NAT -- mGuardFirewallNAT OBJECT IDENTIFIER ::= { mGuardFirewall 4 } mGuardFirewallNATRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFirewallNATRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for network address translation." ::= { mGuardFirewallNAT 1 } mGuardFirewallNATRuleEntry OBJECT-TYPE SYNTAX MGuardFirewallNATRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardFWNATruleIndex } ::= { mGuardFirewallNATRuleTable 1 } MGuardFirewallNATRuleEntry ::= SEQUENCE { mGuardFWNATruleIndex INTEGER, mGuardFWNATIP DisplayString, mGuardFWNATRowStatus RowStatus, mGuardFWNATOutIP DisplayString } mGuardFWNATruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardFirewallNATRuleEntry 1 } mGuardFWNATIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardFirewallNATRuleEntry 2 } mGuardFWNATRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardFirewallNATRuleEntry 3 } mGuardFWNATOutIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Reserved for future use" ::= { mGuardFirewallNATRuleEntry 4 } -- -- Firewall Extended Settings -- mGuardFirewallExtended OBJECT IDENTIFIER ::= { mGuardFirewall 5 } mGuardFirewallIPConntrackMax OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum size of connection tracking table" ::= { mGuardFirewallExtended 1 } mGuardFirewallIPSynfloodLimitInt OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum number of new outgoing TCP connections (SYN) per second" ::= { mGuardFirewallExtended 2 } mGuardFirewallIPSynfloodLimitExt OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum number of new incoming TCP connections (SYN) per second" ::= { mGuardFirewallExtended 3 } mGuardFirewallICMPLimitInt OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum number of outgoing ping frames (ICMP Echo Request) per second" ::= { mGuardFirewallExtended 4 } mGuardFirewallICMPLimitExt OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum number of incoming ping frames (ICMP Echo Request) per second" ::= { mGuardFirewallExtended 5 } mGuardFirewallEnableConntrackFTP OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable active FTP NAT/Connection Tracking support" ::= { mGuardFirewallExtended 6 } mGuardFirewallConntrackIRC OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable IRC NAT/Connection Tracking support" ::= { mGuardFirewallExtended 7 } mGuardFirewallConntrackPPTP OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable PPTP NAT/Connection Tracking support" ::= { mGuardFirewallExtended 8 } mGuardFirewallARPLimitInt OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum number of outgoing arp request frames per second (stealth mode only)" ::= { mGuardFirewallExtended 9 } mGuardFirewallARPLimitExt OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximum number of incoming arp request frames per second (stealth mode only)" ::= { mGuardFirewallExtended 10 } mGuardFirewallICMPPolicy OBJECT-TYPE SYNTAX INTEGER { drop(1), ping(2), all(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Allow incoming ICMP frames to the mGuard itself (router modes only): drop: default, ping: allow incoming ICMP echo request (required to answer ping), all: allow all incoming ICMP request to reach the TCP stack. Note: ICMP packets related to established connections are handled by the connection tracking. This setting is used for unrelated ICMP traffic." ::= { mGuardFirewallExtended 11 } mGuardFirewallConntrackH323 OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable H323 NAT/Connection Tracking support" ::= { mGuardFirewallExtended 12 } mGuardFirewallIpUncleanMatch OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable IP Unclean Match" ::= { mGuardFirewallExtended 13 } -- -- Firewall 1:1 NAT -- mGuardFirewall11NAT OBJECT IDENTIFIER ::= { mGuardFirewall 6 } mGuardFirewall11NATRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFirewall11NATRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for network address translation." ::= { mGuardFirewall11NAT 1 } mGuardFirewall11NATRuleEntry OBJECT-TYPE SYNTAX MGuardFirewall11NATRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardFW11NATruleIndex } ::= { mGuardFirewall11NATRuleTable 1 } MGuardFirewall11NATRuleEntry ::= SEQUENCE { mGuardFW11NATruleIndex INTEGER, mGuardFW11NATLocal IpAddress, mGuardFW11NATRemote IpAddress, mGuardFW11NATMask INTEGER, mGuardFW11NATLog INTEGER, mGuardFW11NATRowStatus RowStatus } mGuardFW11NATruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardFirewall11NATRuleEntry 1 } mGuardFW11NATLocal OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Network for 1:1 NAT on local interface." ::= { mGuardFirewall11NATRuleEntry 2 } mGuardFW11NATRemote OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Network for 1:1 NAT on remote interface." ::= { mGuardFirewall11NATRuleEntry 3 } mGuardFW11NATMask OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Netmask for 1:1 NAT between 0 and 32." ::= { mGuardFirewall11NATRuleEntry 4 } mGuardFW11NATLog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for this rule?" ::= { mGuardFirewall11NATRuleEntry 5 } mGuardFW11NATRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardFirewall11NATRuleEntry 10 } -- -- User Firewall -- mGuardFWUsrFW OBJECT IDENTIFIER ::= { mGuardFirewall 7 } mGuardFWUsrFWEnabled OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable the user firewall." ::= { mGuardFWUsrFW 1 } mGuardFWUsrFWTmplTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFWUsrFWTmplEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing user firewall templates." ::= { mGuardFWUsrFW 2 } mGuardFWUsrFWTmplEntry OBJECT-TYPE SYNTAX MGuardFWUsrFWTmplEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single user firewall template." INDEX { mGuardFWUsrFWTmplIndex } ::= { mGuardFWUsrFWTmplTable 1 } MGuardFWUsrFWTmplEntry ::= SEQUENCE { mGuardFWUsrFWTmplIndex INTEGER, mGuardFWUsrFWTmplEnabled INTEGER, mGuardFWUsrFWTmplName DisplayString, mGuardFWUsrFWTmplComment DisplayString, mGuardFWUsrFWTmplTimeout INTEGER, mGuardFWUsrFWTmplSrcIP DisplayString, mGuardFWUsrFWTmplRowStatus RowStatus, mGuardFWUsrFWTmplTimeOutType INTEGER, mGuardFWUsrFWTmplUUID DisplayString } mGuardFWUsrFWTmplIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the user firewall template entry." ::= { mGuardFWUsrFWTmplEntry 1 } mGuardFWUsrFWTmplEnabled OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable this user firewall template." ::= { mGuardFWUsrFWTmplEntry 2 } mGuardFWUsrFWTmplName OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "A descriptive name of the user firewall template." ::= { mGuardFWUsrFWTmplEntry 3 } mGuardFWUsrFWTmplComment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "A comment associated with the user firewall template." ::= { mGuardFWUsrFWTmplEntry 4 } mGuardFWUsrFWTmplTimeout OBJECT-TYPE SYNTAX INTEGER (1..86400) ACCESS read-write STATUS mandatory DESCRIPTION "The timeout in seconds of the user firewall template." ::= { mGuardFWUsrFWTmplEntry 5 } mGuardFWUsrFWTmplSrcIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The source IP address of the user firewall template." ::= { mGuardFWUsrFWTmplEntry 6 } mGuardFWUsrFWTmplRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status" ::= { mGuardFWUsrFWTmplEntry 7 } mGuardFWUsrFWTmplTimeOutType OBJECT-TYPE SYNTAX INTEGER { static(1), dynamic(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use static or dynamic timeout for this template." ::= { mGuardFWUsrFWTmplEntry 8 } mGuardFWUsrFWTmplUUID OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Universally Unique IDentifier (UUID, RFC 4122) used for logging." ::= { mGuardFWUsrFWTmplEntry 9 } mGuardFWUsrFWTmplUserTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFWUsrFWTmplUserEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing the users associated with a user firewall template." ::= { mGuardFWUsrFW 3 } mGuardFWUsrFWTmplUserEntry OBJECT-TYPE SYNTAX MGuardFWUsrFWTmplUserEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single user associated with a user firewall template." INDEX { mGuardFWUsrFWTmplUserTemplateIdx, mGuardFWUsrFWTmplUserIndex } ::= { mGuardFWUsrFWTmplUserTable 1 } MGuardFWUsrFWTmplUserEntry ::= SEQUENCE { mGuardFWUsrFWTmplUserTemplateIdx INTEGER, mGuardFWUsrFWTmplUserIndex INTEGER, mGuardFWUsrFWTmplUserName DisplayString, mGuardFWUsrFWTmplUserRowStatus RowStatus } mGuardFWUsrFWTmplUserTemplateIdx OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the user firewall template entry." ::= { mGuardFWUsrFWTmplUserEntry 1 } mGuardFWUsrFWTmplUserIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the user within the user firewall template entry." ::= { mGuardFWUsrFWTmplUserEntry 2 } mGuardFWUsrFWTmplUserName OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The username of the user within the user firewall template entry." ::= { mGuardFWUsrFWTmplUserEntry 3 } mGuardFWUsrFWTmplUserRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status" ::= { mGuardFWUsrFWTmplUserEntry 4 } mGuardFWUsrFWTmplRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardFWUsrFWTmplRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing the rules associated with a user firewall template." ::= { mGuardFWUsrFW 4 } mGuardFWUsrFWTmplRuleEntry OBJECT-TYPE SYNTAX MGuardFWUsrFWTmplRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single rule associated with a user firewall template." INDEX { mGuardFWUsrFWTmplRuleTemplateIdx, mGuardFWUsrFWTmplRuleIndex } ::= { mGuardFWUsrFWTmplRuleTable 1 } MGuardFWUsrFWTmplRuleEntry ::= SEQUENCE { mGuardFWUsrFWTmplRuleTemplateIdx INTEGER, mGuardFWUsrFWTmplRuleIndex INTEGER, mGuardFWUsrFWTmplRuleProto INTEGER, mGuardFWUsrFWTmplRuleSrcPort DisplayString, mGuardFWUsrFWTmplRuleDstPort DisplayString, mGuardFWUsrFWTmplRuleDstIP DisplayString, mGuardFWUsrFWTmplRuleLog INTEGER, mGuardFWUsrFWTmplRuleComment DisplayString, mGuardFWUsrFWTmplRuleRowStatus RowStatus } mGuardFWUsrFWTmplRuleTemplateIdx OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 1 } mGuardFWUsrFWTmplRuleIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 2 } mGuardFWUsrFWTmplRuleProto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The protocol of the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 3 } mGuardFWUsrFWTmplRuleSrcPort OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The source port or port range of the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 4 } mGuardFWUsrFWTmplRuleDstPort OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The destination port or port range of the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 5 } mGuardFWUsrFWTmplRuleDstIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The destination IP address of the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 6 } mGuardFWUsrFWTmplRuleLog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log packets matching the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 7 } mGuardFWUsrFWTmplRuleComment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "A comment associated with the rule within the user firewall template entry." ::= { mGuardFWUsrFWTmplRuleEntry 8 } mGuardFWUsrFWTmplRuleRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status" ::= { mGuardFWUsrFWTmplRuleEntry 9 } mGuardFWUsrFWGroupAuthEnabled OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable group authentication for the user firewall." ::= { mGuardFWUsrFW 5 } -- -- Network -- mGuardNetworkMode OBJECT-TYPE SYNTAX INTEGER { stealth(1), router(2), pppoe(3), pptp(4) } ACCESS read-only STATUS mandatory DESCRIPTION "Network mode: router,stealth" ::= { mGuardNetwork 1 } -- -- Stealth -- mGuardStealth OBJECT IDENTIFIER ::= { mGuardNetwork 2 } mGuardStealthIPConfMode OBJECT-TYPE SYNTAX INTEGER { autoDetect(1), static(2), multi(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Type of IP Stack configuration in stealth mode. autodetect, static, multiple-clients" ::= { mGuardStealth 1 } mGuardStealthIPConfStatic OBJECT IDENTIFIER ::= { mGuardStealth 2 } mGuardStealthStaticIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "IP address of the protected client in stealth mode (using static ip configuration)." ::= { mGuardStealthIPConfStatic 1 } mGuardStealthStaticMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "MAC address of protected client in stealth mode (using static ip configuration)." ::= { mGuardStealthIPConfStatic 2 } mGuardStealthStaticActivate OBJECT-TYPE SYNTAX INTEGER { activate(1), valuescached(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Button to activate Stealth Static IP configuration." ::= { mGuardStealthIPConfStatic 3 } mGuardStealthManageIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The management IP address of this system in stealth mode When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardStealthManageActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardStealthIPConfStatic 4 } mGuardStealthManageNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The management IP netmask of this system in stealth mode When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardStealthManageActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardStealthIPConfStatic 5 } mGuardStealthManageGateway OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The default gateway for the management IP of the mGuard in stealth mode When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardStealthManageActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardStealthIPConfStatic 6 } mGuardStealthManageActivate OBJECT-TYPE SYNTAX INTEGER { activate(1), valuescached(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Button to activate the stealth management IP configuration. When activate(1) is written, any cached values for the mGuardStealthManageIP, mGuardStealthManageNetmask, and mGuardStealthManageGateway objects are activated. When read and one or more of the above mentioned objects have been cached, valuescached(2) is returned, not regarding whether the cached valued and the current value are different." ::= { mGuardStealthIPConfStatic 7 } -- -- HiDiscovery in StealthMode -- mGuardStealthHiDiscoveryRelay OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Relay/bridge HiDiscovery queries when in Stealth Mode." ::= { mGuardStealth 3 } mGuardStealthHiDiscoveryState OBJECT-TYPE SYNTAX INTEGER { readwrite(1), disabled(2), readonly(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable HiDiscovery in StealthMode. This is mutually exclusive with the two HiDiscovery router mode settings of course." ::= { mGuardStealth 4 } mGuardStealthL2Filter OBJECT IDENTIFIER ::= { mGuardStealth 5 } -- -- mGuardStealthL2FilterIntern -- mGuardL2FilterInternTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardL2FilterInternEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Table of firewall rules for Layer 2 filtering on internal interface." ::= { mGuardStealthL2Filter 1 } mGuardL2FilterInternEntry OBJECT-TYPE SYNTAX MGuardL2FilterInternEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A single rule for Layer-2 filter in internal interface. " INDEX { mGuardL2FilterInternRuleIndex } ::= { mGuardL2FilterInternTable 1 } MGuardL2FilterInternEntry ::= SEQUENCE { mGuardL2FilterInternRuleIndex INTEGER, mGuardL2FilterInternRowStatus RowStatus, mGuardL2FilterInternSrcMac MacAddress, mGuardL2FilterInternDstMac MacAddress, mGuardL2FilterInternEthType INTEGER, mGuardL2FilterInternTarget INTEGER, mGuardL2FilterInternComment DisplayString } mGuardL2FilterInternRuleIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Table index." ::= { mGuardL2FilterInternEntry 1 } mGuardL2FilterInternRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status." ::= { mGuardL2FilterInternEntry 2 } mGuardL2FilterInternSrcMac OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "Source MAC Address to apply this filter rule for." ::= { mGuardL2FilterInternEntry 3 } mGuardL2FilterInternDstMac OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "Destination MAC Address to apply this filter rule for." ::= { mGuardL2FilterInternEntry 4 } mGuardL2FilterInternEthType OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Ethernet type to apply this filter rule for." ::= { mGuardL2FilterInternEntry 5 } mGuardL2FilterInternTarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardL2FilterInternEntry 6 } mGuardL2FilterInternComment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Comment or name for this rule." ::= { mGuardL2FilterInternEntry 7 } -- -- mGuardStealthL2FilterExtern -- mGuardL2FilterExternTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardL2FilterExternEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "Table of firewall rules for Layer 2 filterin on external interface." ::= { mGuardStealthL2Filter 2 } mGuardL2FilterExternEntry OBJECT-TYPE SYNTAX MGuardL2FilterExternEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A single rule for Layer-2 filter in external interface. " INDEX { mGuardL2FilterExternRuleIndex } ::= { mGuardL2FilterExternTable 1 } MGuardL2FilterExternEntry ::= SEQUENCE { mGuardL2FilterExternRuleIndex INTEGER, mGuardL2FilterExternRowStatus RowStatus, mGuardL2FilterExternSrcMac MacAddress, mGuardL2FilterExternDstMac MacAddress, mGuardL2FilterExternEthType INTEGER, mGuardL2FilterExternTarget INTEGER, mGuardL2FilterExternComment DisplayString } mGuardL2FilterExternRuleIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Table index." ::= { mGuardL2FilterExternEntry 1 } mGuardL2FilterExternRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status." ::= { mGuardL2FilterExternEntry 2 } mGuardL2FilterExternSrcMac OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "Source MAC Address to apply this filter rule for." ::= { mGuardL2FilterExternEntry 3 } mGuardL2FilterExternDstMac OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "Desitination MAC Address to apply this filter rule for." ::= { mGuardL2FilterExternEntry 4 } mGuardL2FilterExternEthType OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Ethernet type to apply this filter rule for." ::= { mGuardL2FilterExternEntry 5 } mGuardL2FilterExternTarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardL2FilterExternEntry 6 } mGuardL2FilterExternComment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Comment or name for this rule." ::= { mGuardL2FilterExternEntry 7 } -- -- mGuardStealthL2Filter fuer spezielle Protokolle -- mGuardStealthL2ForwardGVRP OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable GVRP forwarding in StealthMode." ::= { mGuardStealthL2Filter 3 } mGuardStealthL2ForwardSTP OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable STP forwarding in StealthMode." ::= { mGuardStealthL2Filter 4 } mGuardStealthL2ForwardDHCP OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable DHCP forwarding in StealthMode. This will allow computers on the internal/protected side to receive their configuration via DHCP even if no special DHCP rule is configured in the firewall" ::= { mGuardStealthL2Filter 5 } -- -- Stealth Interface -- mGuardStealthInterface OBJECT IDENTIFIER ::= { mGuardStealth 6 } mGuardStealthMTU OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "MTU to use in Stealth Mode." ::= { mGuardStealthInterface 1 } mGuardStealthVlanMTU OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "MTU to use in Stealth Mode for VLAN packets." ::= { mGuardStealthInterface 2 } mGuardStealthManageUseVLAN OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use VLAn tagging for the management IP address in Stealth Mode." ::= { mGuardStealthInterface 3 } mGuardStealthManageVLanID OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "VLAN ID for the management IP address in Stealth Mode." ::= { mGuardStealthInterface 4 } -- -- Network Internal IP -- mGuardRouter OBJECT IDENTIFIER ::= { mGuardNetwork 3 } mGuardRouterLocal OBJECT IDENTIFIER ::= { mGuardRouter 1 } mGuardRouterLocalIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The internal IP address of this device in router mode. When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardRouterLocalActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardRouterLocal 1 } mGuardRouterLocalNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The internal subnet mask of this device in router mode. When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardRouterLocalActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardRouterLocal 2 } mGuardRouterLocalActivate OBJECT-TYPE SYNTAX INTEGER { activate(1), valuescached(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Button to activate the router local IP configuration. When activate(1) is written, any cached values for the mGuardRouterLocalIP, mGuardRouterLocalNetmask, and mGuardRouterExternStaticGateway objects are activated. When read and one or more of the above mentioned objects have been cached, valuescached(2) is returned, not regarding whether the cached valued and the current value are different." ::= { mGuardRouterLocal 3 } -- -- Network Internal Aliases -- mGuardRouterLocalAliasesTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardRouterLocalAliasesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing aliases for the local interface." ::= { mGuardRouterLocal 4 } mGuardRouterLocalAliasesEntry OBJECT-TYPE SYNTAX MGuardRouterLocalAliasesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single alias for the local interface." INDEX { mGuardLocalAliasIndex } ::= { mGuardRouterLocalAliasesTable 1 } MGuardRouterLocalAliasesEntry ::= SEQUENCE { mGuardLocalAliasIndex INTEGER, mGuardLocalAliasIpAddress IpAddress, mGuardLocalAliasNetmask IpAddress, mGuardLocalAliasRowStatus RowStatus, mGuardLocalAliasUseVLAN INTEGER, mGuardLocalAliasVLANid INTEGER } mGuardLocalAliasIndex OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Identifier." ::= { mGuardRouterLocalAliasesEntry 1 } mGuardLocalAliasIpAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "IP address." ::= { mGuardRouterLocalAliasesEntry 2 } mGuardLocalAliasNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Netmask." ::= { mGuardRouterLocalAliasesEntry 3 } mGuardLocalAliasRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardRouterLocalAliasesEntry 4 } mGuardLocalAliasUseVLAN OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use VLAn tagging with this Alias interface." ::= { mGuardRouterLocalAliasesEntry 5 } mGuardLocalAliasVLANid OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "VLAN ID to be used with this Alias." ::= { mGuardRouterLocalAliasesEntry 6 } -- -- Network Internal Routes -- mGuardLocalRoutesTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardLocalRoutesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing additional internal routes interface." ::= { mGuardRouterLocal 5 } mGuardLocalRoutesEntry OBJECT-TYPE SYNTAX MGuardLocalRoutesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single internal route." INDEX { mGuardLocalRouteIndex } ::= { mGuardLocalRoutesTable 1 } MGuardLocalRoutesEntry ::= SEQUENCE { mGuardLocalRouteIndex INTEGER, mGuardLocalRouteNetwork DisplayString, mGuardLocalRouteGateway IpAddress, mGuardLocalRouteRowStatus RowStatus } mGuardLocalRouteIndex OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Identifier." ::= { mGuardLocalRoutesEntry 1 } mGuardLocalRouteNetwork OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Routed network." ::= { mGuardLocalRoutesEntry 2 } mGuardLocalRouteGateway OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Routing gateway." ::= { mGuardLocalRoutesEntry 3 } mGuardLocalRouteRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardLocalRoutesEntry 4 } mGuardRouterLocalDevMTU OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Set the MTU for the local interface. Router-Mode only." ::= { mGuardRouterLocal 6 } mGuardRouterLocalUseVLAN OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use VLAN for the local interface. Router-Mode only." ::= { mGuardRouterLocal 7 } mGuardRouterLocalVlanId OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "VLAN-ID for the local interface, used only if set to use VLAN. Router-Mode only." ::= { mGuardRouterLocal 8 } mGuardRouterLocalDevVlanMTU OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Set the MTU for the VLAN if enabled on local interface. Router-Mode only." ::= { mGuardRouterLocal 9 } -- -- Network External IP -- mGuardRouterExtern OBJECT IDENTIFIER ::= { mGuardRouter 2 } mGuardRouterExternDHCP OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "When enabled, retrieve the external IP via DHCP, otherwise use the value stored in mGuardRouterExternStaticIP." ::= { mGuardRouterExtern 1 } mGuardRouterExternStatic OBJECT IDENTIFIER ::= { mGuardRouterExtern 2 } mGuardRouterExternStaticIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The external IP address of this device in router mode (when statically configured). When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardRouterExternStaticActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardRouterExternStatic 1 } mGuardRouterExternStaticNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The external netmask of this device in router mode (when statically configured). When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardRouterExternStaticActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardRouterExternStatic 2 } mGuardRouterExternStaticGateway OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The (extern) default gateway of this device in router mode (when statically configured). When set, this value is internally cached inside the agent until it is explicitly activated by writing the mGuardRouterExternStaticActivate or mGuardRouterLocalActivate object. When read the currently active setting is returned, not regarding any cached values." ::= { mGuardRouterExternStatic 3 } mGuardRouterExternActivate OBJECT-TYPE SYNTAX INTEGER { activate(1), valuescached(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Button to activate the router extern IP configuration. When activate(1) is written, any cached values for the mGuardRouterExternStaticIP, mGuardRouterExternStaticNetmask, and mGuardRouterExternStaticGateway objects are activated. When read and one or more of the above mentioned objects have been cached, valuescached(2) is returned, not regarding whether the cached valued and the current value are different." ::= { mGuardRouterExternStatic 4 } mGuardRouterExternDevMTU OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Set the MTU for the external interface. Router-Mode only." ::= { mGuardRouterExtern 6 } mGuardRouterExternUseVLAN OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use VLAN for the external interface. Router-Mode only." ::= { mGuardRouterExtern 7 } mGuardRouterExternVlanId OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "VLAN-ID for the external interface, used only if set to use VLAN. Router-Mode only." ::= { mGuardRouterExtern 8 } mGuardRouterExternDevVlanMTU OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Set the MTU for the VLAN if enabled on external interface. Router-Mode only." ::= { mGuardRouterExtern 9 } -- -- Network External Aliases -- mGuardRouterExternAliasesTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardRouterExternAliasesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing aliases for the external interface." ::= { mGuardRouterExternStatic 5 } mGuardRouterExternAliasesEntry OBJECT-TYPE SYNTAX MGuardRouterExternAliasesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single alias for the extern interface." INDEX { mGuardExternAliasIndex } ::= { mGuardRouterExternAliasesTable 1 } MGuardRouterExternAliasesEntry ::= SEQUENCE { mGuardExternAliasIndex INTEGER, mGuardExternAliasIpAddress IpAddress, mGuardExternAliasNetmask IpAddress, mGuardExternAliasRowStatus RowStatus, mGuardExternAliasUseVLAN INTEGER, mGuardExternAliasVLANid INTEGER } mGuardExternAliasIndex OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Identifier." ::= { mGuardRouterExternAliasesEntry 1 } mGuardExternAliasIpAddress OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "IP address." ::= { mGuardRouterExternAliasesEntry 2 } mGuardExternAliasNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Netmask." ::= { mGuardRouterExternAliasesEntry 3 } mGuardExternAliasRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardRouterExternAliasesEntry 4 } mGuardExternAliasUseVLAN OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Use VLAn tagging with this Alias interface." ::= { mGuardRouterExternAliasesEntry 5 } mGuardExternAliasVLANid OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "VLAN ID to be used with this Alias." ::= { mGuardRouterExternAliasesEntry 6 } -- -- Network External Routes -- mGuardExternRoutesTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardExternRoutesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing additional external routes." ::= { mGuardRouterExternStatic 6 } mGuardExternRoutesEntry OBJECT-TYPE SYNTAX MGuardExternRoutesEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single external route." INDEX { mGuardExternRouteIndex } ::= { mGuardExternRoutesTable 1 } MGuardExternRoutesEntry ::= SEQUENCE { mGuardExternRouteIndex INTEGER, mGuardExternRouteNetwork DisplayString, mGuardExternRouteGateway IpAddress, mGuardExternRouteRowStatus RowStatus } mGuardExternRouteIndex OBJECT-TYPE SYNTAX INTEGER(1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Identifier." ::= { mGuardExternRoutesEntry 1 } mGuardExternRouteNetwork OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Routed network." ::= { mGuardExternRoutesEntry 2 } mGuardExternRouteGateway OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Routing gateway." ::= { mGuardExternRoutesEntry 3 } mGuardExternRouteRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardExternRoutesEntry 4 } -- -- HiDiscovery in RouterMode -- mGuardRouterHiDiscovery OBJECT IDENTIFIER ::= { mGuardRouter 3 } mGuardRouterHiDiscoveryIntern OBJECT-TYPE SYNTAX INTEGER { readwrite(1), disabled(2), readonly(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable HiDiscovery on internal interface in RouterMode." ::= { mGuardRouterHiDiscovery 1 } mGuardRouterHiDiscoveryExtern OBJECT-TYPE SYNTAX INTEGER { readwrite(1), disabled(2), readonly(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable HiDiscovery on external interface in RouterMode." ::= { mGuardRouterHiDiscovery 2 } -- -- Network PPPoE -- mGuardPPPOE OBJECT IDENTIFIER ::= { mGuardNetwork 4 } mGuardPPPOELogin OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "PPPoE login user name." ::= { mGuardPPPOE 1 } mGuardPPPOEPasswd OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "PPPoE login password." ::={ mGuardPPPOE 2 } mGuardPPPOEMSS OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The maximum segment size used for PPPoE" ::={ mGuardPPPOE 3 } mGuardPPPOEServiceName OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS obsolete DESCRIPTION "The service name used for PPPoE, normally not used!" ::={ mGuardPPPOE 4 } mGuardPPPOEAccessConcentName OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS obsolete DESCRIPTION "The access concentrator name used for PPPoE, normally not used!" ::={ mGuardPPPOE 5 } mGuardPPPOEHostUnique OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS obsolete DESCRIPTION "Set 'Host-Unique' tag for discovery, required for operation with several daemons" ::={ mGuardPPPOE 6 } mGuardPPPOEpppdOptionsTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardPPPOEpppdOptionsEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table of options set for the pppd process implementing PPPOE." ::= { mGuardPPPOE 7 } mGuardPPPOEpppdOptionsEntry OBJECT-TYPE SYNTAX MGuardPPPOEpppdOptionsEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A single option set for pppd. " INDEX { mGuardPPPOEpppdOptionsIndex } ::= { mGuardPPPOEpppdOptionsTable 1 } MGuardPPPOEpppdOptionsEntry ::= SEQUENCE { mGuardPPPOEpppdOptionsIndex INTEGER, mGuardPPPOEpppdOptionsValue DisplayString, mGuardPPPOEpppdOptionsRowStatus RowStatus } mGuardPPPOEpppdOptionsIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Table index." ::= { mGuardPPPOEpppdOptionsEntry 1 } mGuardPPPOEpppdOptionsValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The pppd option." ::= { mGuardPPPOEpppdOptionsEntry 2 } mGuardPPPOEpppdOptionsRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status" ::= { mGuardPPPOEpppdOptionsEntry 3 } -- -- DHCP Server & DHCP Relay -- mGuardDHCP OBJECT IDENTIFIER ::= { mGuardNetwork 5 } mGuardDHCPInt OBJECT IDENTIFIER ::= { mGuardDHCP 1 } mGuardDHCPExt OBJECT IDENTIFIER ::= { mGuardDHCP 2 } -- -- Internal DHCP Server & Relay -- mGuardDHCPIntStart OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2), enabled-relay(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable the internal DHCP/DHCP Relay Server ?" ::={ mGuardDHCPInt 1 } -- -- Internal DHCP Server -- mGuardDHCPIntPoolEnable OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable the dynamic DHCP Pool ?" ::={ mGuardDHCPInt 2 } mGuardDHCPIntRangeStart OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Start of ip range provided by the builtin DHCP Server for the internal network." ::={ mGuardDHCPInt 3 } mGuardDHCPIntRangeEnd OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "End of ip range provided by the builtin DHCP Server for the internal network." ::={ mGuardDHCPInt 4 } mGuardDHCPIntNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Netmask provided by the builtin DHCP Server for the internal network." ::={ mGuardDHCPInt 5 } mGuardDHCPIntGateway OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Default gateway provided by the builtin DHCP Server for the internal network." ::={ mGuardDHCPInt 6 } mGuardDHCPIntDnsServer OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "DNS Server provided by the builtin DHCP server." ::={ mGuardDHCPInt 7 } mGuardDHCPIntStaticTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardDHCPIntStaticEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing static MAC-IP address allocations." ::= { mGuardDHCPInt 8 } mGuardDHCPIntStaticEntry OBJECT-TYPE SYNTAX MGuardDHCPIntStaticEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single MAC-IP address allocation." INDEX { mGuardDHCPIntStaticIndex } ::= { mGuardDHCPIntStaticTable 1 } MGuardDHCPIntStaticEntry ::= SEQUENCE { mGuardDHCPIntStaticIndex INTEGER, mGuardDHCPIntStaticMAC MacAddress, mGuardDHCPIntStaticIP IpAddress, mGuardDHCPIntStaticRowStatus RowStatus } mGuardDHCPIntStaticIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify allocation entry." ::= { mGuardDHCPIntStaticEntry 1 } mGuardDHCPIntStaticMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "The client's MAC address" ::= { mGuardDHCPIntStaticEntry 2 } mGuardDHCPIntStaticIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The allocated IP address" ::= { mGuardDHCPIntStaticEntry 3 } mGuardDHCPIntStaticRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardDHCPIntStaticEntry 4 } mGuardDHCPIntBroadcast OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Broadcast address provided by the builtin DHCP server." ::={ mGuardDHCPInt 9 } mGuardDHCPIntWINS OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "WINS provided by the builtin DHCP Server for the internal network." ::={ mGuardDHCPInt 10 } mGuardDHCPIntLeaseTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Lifetime for DHCP Leases" ::={ mGuardDHCPInt 11 } -- -- Internal DHCP Relay Server -- mGuardDHCPIntRelayServerTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardDHCPIntRelayServerEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "List of DHCP Servers to relay to." ::= { mGuardDHCPInt 50 } mGuardDHCPIntRelayServerEntry OBJECT-TYPE SYNTAX MGuardDHCPIntRelayServerEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a DHCP Relay Server IP." INDEX { mGuardDHCPIntRelayServerIndex } ::= { mGuardDHCPIntRelayServerTable 1 } MGuardDHCPIntRelayServerEntry ::= SEQUENCE { mGuardDHCPIntRelayServerIndex INTEGER, mGuardDHCPIntRelayServerIP IpAddress, mGuardDHCPIntRelayRowStatus RowStatus } mGuardDHCPIntRelayServerIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify relay server entry." ::= { mGuardDHCPIntRelayServerEntry 1 } mGuardDHCPIntRelayServerIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The allocated IP address" ::= { mGuardDHCPIntRelayServerEntry 2 } mGuardDHCPIntRelayRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardDHCPIntRelayServerEntry 10 } mGuardDHCPIntRelayMaxHop OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximal number of Hops when relaying." ::={ mGuardDHCPInt 51 } mGuardDHCPIntRelayAppend OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION "Whether to append DHCP Relay Agent Information." ::={ mGuardDHCPInt 52 } mGuardDHCPIntRelayAppendLimit OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "When appending DHCP Relay Agent Information would exceed this limit, it is not appended." ::={ mGuardDHCPInt 53 } mGuardDHCPIntRelayCircuitInfo OBJECT-TYPE SYNTAX INTEGER { none(1), if-idx(2), if-name(3), if-mac(4), if-ip(5), sysname(6), text(7), if-prefixed-ip(8), rs2(9) } ACCESS read-write STATUS mandatory DESCRIPTION "What to append as Circuit ID: none: no Cicuit ID if-idx: the system interface index (1 octet) if-name: the systems interface name (ascii) if-mac: the MAC address (6 octets) if-ip: the IP address (4 octets) sysname: the systems hostname text: a text defined in mGuardDHCPIntRelayCircuitText.0 if-prefixed-ip: prefix IP with 0xA1 Sub Remote ID (2+4 octets) rs2: Hirschmann RS2 Sub Circuit Information" ::={ mGuardDHCPInt 54 } mGuardDHCPIntRelayCircuitText OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Text in case mGuardDHCPIntRelayCircuitInfo.0 is set to text(7)." ::= { mGuardDHCPInt 55 } mGuardDHCPIntRelayRemoteInfo OBJECT-TYPE SYNTAX INTEGER { none(1), if-idx(2), if-name(3), if-mac(4), if-ip(5), sysname(6), text(7), if-prefixed-ip(8), rs2(9) } ACCESS read-write STATUS mandatory DESCRIPTION "What to append as Remote ID: none: no Cicuit ID if-idx: the system interface index (1 octet) if-name: the systems interface name (ascii) if-mac: the MAC address (6 octets) if-ip: the IP address (4 octets) sysname: the systems hostname text: a text defined in mGuardDHCPIntRelayRemoteText.0 if-prefixed-ip: prefix IP with 0xA1 Sub Remote ID (2+4 octets) rs2: Hirschmann RS2 Sub Circuit Information" ::={ mGuardDHCPInt 56 } mGuardDHCPIntRelayRemoteText OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Text in case mGuardDHCPIntRelayRemoteInfo.0 is set to text(7)." ::= { mGuardDHCPInt 57 } -- -- External DHCP Server & Relay -- mGuardDHCPExtStart OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2), enabled-relay(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable the external DHCP/DHCP Relay Server ?" ::={ mGuardDHCPExt 1 } -- -- External DHCP Server -- mGuardDHCPExtPoolEnable OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable the dynamic DHCP Pool ?" ::={ mGuardDHCPExt 2 } mGuardDHCPExtRangeStart OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Start of ip range provided by the builtin DHCP Server for the external network." ::={ mGuardDHCPExt 3 } mGuardDHCPExtRangeEnd OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "End of ip range provided by the builtin DHCP Server for the external network." ::={ mGuardDHCPExt 4 } mGuardDHCPExtNetmask OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Netmask provided by the builtin DHCP Server for the external network." ::={ mGuardDHCPExt 5 } mGuardDHCPExtGateway OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Default gateway provided by the builtin DHCP Server for the external network." ::={ mGuardDHCPExt 6 } mGuardDHCPExtDnsServer OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "DNS Server provided by the builtin DHCP server." ::={ mGuardDHCPExt 7 } mGuardDHCPExtStaticTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardDHCPExtStaticEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing static MAC-IP address allocations." ::= { mGuardDHCPExt 8 } mGuardDHCPExtStaticEntry OBJECT-TYPE SYNTAX MGuardDHCPExtStaticEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single MAC-IP address allocation." INDEX { mGuardDHCPExtStaticIndex } ::= { mGuardDHCPExtStaticTable 1 } MGuardDHCPExtStaticEntry ::= SEQUENCE { mGuardDHCPExtStaticIndex INTEGER, mGuardDHCPExtStaticMAC MacAddress, mGuardDHCPExtStaticIP IpAddress, mGuardDHCPExtStaticRowStatus RowStatus } mGuardDHCPExtStaticIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify allocation entry." ::= { mGuardDHCPExtStaticEntry 1 } mGuardDHCPExtStaticMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "The client's MAC address" ::= { mGuardDHCPExtStaticEntry 2 } mGuardDHCPExtStaticIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The allocated IP address" ::= { mGuardDHCPExtStaticEntry 3 } mGuardDHCPExtStaticRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardDHCPExtStaticEntry 4 } mGuardDHCPExtBroadcast OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Broadcast address provided by the builtin DHCP server." ::={ mGuardDHCPExt 9 } mGuardDHCPExtWINS OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "WINS provided by the builtin DHCP Server for the external network." ::={ mGuardDHCPExt 10 } mGuardDHCPExtLeaseTime OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Lifetime for DHCP Leases" ::={ mGuardDHCPExt 11 } -- -- External DHCP Relay Server -- mGuardDHCPExtRelayServerTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardDHCPExtRelayServerEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "List of DHCP Servers to relay to." ::= { mGuardDHCPExt 50 } mGuardDHCPExtRelayServerEntry OBJECT-TYPE SYNTAX MGuardDHCPExtRelayServerEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a DHCP Relay Server IP." INDEX { mGuardDHCPExtRelayServerIndex } ::= { mGuardDHCPExtRelayServerTable 1 } MGuardDHCPExtRelayServerEntry ::= SEQUENCE { mGuardDHCPExtRelayServerIndex INTEGER, mGuardDHCPExtRelayServerIP IpAddress, mGuardDHCPExtRelayRowStatus RowStatus } mGuardDHCPExtRelayServerIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify relay server entry." ::= { mGuardDHCPExtRelayServerEntry 1 } mGuardDHCPExtRelayServerIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The allocated IP address" ::= { mGuardDHCPExtRelayServerEntry 2 } mGuardDHCPExtRelayRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardDHCPExtRelayServerEntry 10 } mGuardDHCPExtRelayMaxHop OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Maximal number of Hops when relaying." ::={ mGuardDHCPExt 51 } mGuardDHCPExtRelayAppend OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION "Whether to append DHCP Relay Agent Information." ::={ mGuardDHCPExt 52 } mGuardDHCPExtRelayAppendLimit OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "When appending DHCP Relay Agent Information would exceed this limit, it is not appended." ::={ mGuardDHCPExt 53 } mGuardDHCPExtRelayCircuitInfo OBJECT-TYPE SYNTAX INTEGER { none(1), if-idx(2), if-name(3), if-mac(4), if-ip(5), sysname(6), text(7), if-prefixed-ip(8), rs2(9) } ACCESS read-write STATUS mandatory DESCRIPTION "What to append as Circuit ID: none: no Cicuit ID if-idx: the system interface index (1 octet) if-name: the systems interface name (ascii) if-mac: the MAC address (6 octets) if-ip: the IP address (4 octets) sysname: the systems hostname text: a text defined in mGuardDHCPExtRelayCircuitText.0 if-prefixed-ip: prefix IP with 0xA1 Sub Remote ID (2+4 octets) rs2: Hirschmann RS2 Sub Circuit Information" ::={ mGuardDHCPExt 54 } mGuardDHCPExtRelayCircuitText OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Text in case mGuardDHCPExtRelayCircuitInfo.0 is set to text(7)." ::= { mGuardDHCPExt 55 } mGuardDHCPExtRelayRemoteInfo OBJECT-TYPE SYNTAX INTEGER { none(1), if-idx(2), if-name(3), if-mac(4), if-ip(5), sysname(6), text(7), if-prefixed-ip(8), rs2(9) } ACCESS read-write STATUS mandatory DESCRIPTION "What to append as Remote ID: none: no Cicuit ID if-idx: the system interface index (1 octet) if-name: the systems interface name (ascii) if-mac: the MAC address (6 octets) if-ip: the IP address (4 octets) sysname: the systems hostname text: a text defined in mGuardDHCPExtRelayRemoteText.0 if-prefixed-ip: prefix IP with 0xA1 Sub Remote ID (2+4 octets) rs2: Hirschmann RS2 Sub Circuit Information" ::={ mGuardDHCPExt 56 } mGuardDHCPExtRelayRemoteText OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Text in case mGuardDHCPExtRelayRemoteInfo.0 is set to text(7)." ::= { mGuardDHCPExt 57 } -- -- Network DNS -- mGuardDNS OBJECT IDENTIFIER ::= { mGuardNetwork 6 } mGuardDNSSearchPath OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Domain search path." ::= { mGuardDNS 1 } mGuardDNSServerType OBJECT-TYPE SYNTAX INTEGER { root(1), provider(2), user(3) } ACCESS read-write STATUS mandatory DESCRIPTION "Type of DNS Servers to query: root: DNS root servers provider: Provider defined DNS Servers (via DHCP,PPPOE) user: User defined DNS Servers" ::={ mGuardDNS 2 } mGuardDNSUserDefinedServerTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardDNSUserDefinedServerEntry ACCESS not-accessible STATUS mandatory DESCRIPTION " A table containing user defined DNS Servers" ::={ mGuardDNS 3 } mGuardDNSUserDefinedServerEntry OBJECT-TYPE SYNTAX MGuardDNSUserDefinedServerEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A mGuardDNSServer entry." INDEX { mGuarddnsServerIndex } ::={ mGuardDNSUserDefinedServerTable 1 } MGuardDNSUserDefinedServerEntry ::= SEQUENCE { mGuarddnsServerIndex INTEGER, mGuarddnsServerIP IpAddress, mGuarddnsServerRowStatus RowStatus } mGuarddnsServerIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify DNS Server entry." ::= { mGuardDNSUserDefinedServerEntry 1 } mGuarddnsServerIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "DNS Server IP address." ::= { mGuardDNSUserDefinedServerEntry 2 } mGuarddnsServerRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardDNSUserDefinedServerEntry 3 } mGuardDNSCacheEnabled OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable or disable built-in DNS cache feature" ::= { mGuardDNS 4 } -- -- NetworkStatus -- mGuardNetworkStatus OBJECT IDENTIFIER ::= { mGuardNetwork 7 } mGuardNetworkStatMode OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Current network mode of this device." ::= { mGuardNetworkStatus 1 } mGuardNetworkStatExtIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "external IP address of this device." ::= { mGuardNetworkStatus 2 } mGuardNetworkStatGateway OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Default gateway via the external IP address." ::= { mGuardNetworkStatus 3 } mGuardNetworkStatVPN OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Statistics about the VPN connections (total/used/up)." ::= { mGuardNetworkStatus 4 } mGuardNetworkStatDynIPReg OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Statistics about VPN DynIP registration." ::= { mGuardNetworkStatus 5 } mGuardNetworkStatHTTPSRemAccess OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Status of HTTPS remote access (yes/no)." ::= { mGuardNetworkStatus 6 } mGuardNetworkStatSSHRemoteAccess OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Status of SSH remote access (yes/no)." ::= { mGuardNetworkStatus 7 } mGuardNetworkSoftwareVersion OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Current software version." ::= { mGuardNetworkStatus 8 } mGuardNetworkStatUptime OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Uptime." ::= { mGuardNetworkStatus 9 } mGuardNetworkStatLanguage OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "GAI Language." ::= { mGuardNetworkStatus 10 } -- -- Network Hostname -- mGuardHostname OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The hostname of this system" ::= { mGuardNetwork 8 } mGuardHostnameMode OBJECT-TYPE SYNTAX INTEGER { userDefined(1), providerDefined(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Hostname mode: 1: defined by mGuardHostname, 2: provider defined (e.g. DHCP) " ::= { mGuardNetwork 9 } -- -- Network PPTP -- mGuardPPTP OBJECT IDENTIFIER ::= { mGuardNetwork 10 } mGuardPPTPLogin OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "PPTP login" ::= { mGuardPPTP 1 } mGuardPPTPassword OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "PPTP password" ::= { mGuardPPTP 2 } mGuardPPTPLocalIPMode OBJECT-TYPE SYNTAX INTEGER { static(1), dhcp(2) } ACCESS read-write STATUS mandatory DESCRIPTION "When set to static will use the value from mGuardPPTPLocalIP on it external interface connecting to the PPTP server/modem. Otherwise it it use DHCP." ::= { mGuardPPTP 3 } mGuardPPTPLocalIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The external IP of this system when connecting to the PPTP server/modem when mGuardPPTPLocalIPMode is set to static." ::= { mGuardPPTP 4 } mGuardPPTPModemIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "The IP of the PPTP server/modem." ::= { mGuardPPTP 5 } mGuardPPTPpppdOptionsTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardPPTPpppdOptionsEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table of options set for the pppd process implementing PPTP." ::= { mGuardPPTP 6 } mGuardPPTPpppdOptionsEntry OBJECT-TYPE SYNTAX MGuardPPTPpppdOptionsEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A single option set for pppd. " INDEX { mGuardPPTPpppdOptionsIndex } ::= { mGuardPPTPpppdOptionsTable 1 } MGuardPPTPpppdOptionsEntry ::= SEQUENCE { mGuardPPTPpppdOptionsIndex INTEGER, mGuardPPTPpppdOptionsValue DisplayString, mGuardPPTPpppdOptionsRowStatus RowStatus } mGuardPPTPpppdOptionsIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Table index." ::= { mGuardPPTPpppdOptionsEntry 1 } mGuardPPTPpppdOptionsValue OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The pppd option." ::= { mGuardPPTPpppdOptionsEntry 2 } mGuardPPTPpppdOptionsRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "Row Status" ::= { mGuardPPTPpppdOptionsEntry 3 } -- -- mGuardSerial -- mGuardSerial OBJECT IDENTIFIER ::= { mGuardNetwork 11 } mGuardSerialBaud OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Baudrate for the serial line. Possible values are 9600, 19200, 38400, 57600" ::= { mGuardSerial 1 } mGuardSerialHWHandshakeEnable OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable hardware handshake" ::= { mGuardSerial 2 } -- Serial PPP Options mGuardSerialPPP OBJECT IDENTIFIER ::= { mGuardSerial 3 } mGuardSerialPPPEnable OBJECT-TYPE SYNTAX INTEGER { enabled(1), disabled(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Enable PPP" ::= { mGuardSerialPPP 1 } mGuardSerialPPPLogin OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Login for Serial PPP." ::= { mGuardSerialPPP 2 } mGuardSerialPPPPasswd OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Password for Serial PPP." ::= { mGuardSerialPPP 3 } mGuardSerialPPPLocalIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Local IP address for PPP." ::= { mGuardSerialPPP 4 } mGuardSerialPPPRemoteIP OBJECT-TYPE SYNTAX IpAddress ACCESS read-write STATUS mandatory DESCRIPTION "Remote IP address for PPP." ::= { mGuardSerialPPP 5 } -- Serial PPP Incoming Firewall mGuardSerialPPPFWIN OBJECT IDENTIFIER ::= { mGuardSerialPPP 6 } mGuardSerialPPPFWINTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardSerialPPPFWINEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for incoming packets." ::= { mGuardSerialPPPFWIN 1 } mGuardSerialPPPFWINEntry OBJECT-TYPE SYNTAX MGuardSerialPPPFWINEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardSerialPPPFWINruleIndex } ::= { mGuardSerialPPPFWINTable 1 } MGuardSerialPPPFWINEntry ::= SEQUENCE { mGuardSerialPPPFWINruleIndex INTEGER, mGuardSerialPPPFWINsourceIP DisplayString, mGuardSerialPPPFWINdestinationIP DisplayString, mGuardSerialPPPFWINsport DisplayString, mGuardSerialPPPFWINdport DisplayString, mGuardSerialPPPFWINtarget INTEGER, mGuardSerialPPPFWINproto INTEGER, mGuardSerialPPPFWINlog INTEGER, mGuardSerialPPPFWINRowStatus RowStatus, mGuardSerialPPPFWINcomment DisplayString } mGuardSerialPPPFWINruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardSerialPPPFWINEntry 1 } mGuardSerialPPPFWINsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardSerialPPPFWINEntry 2 } mGuardSerialPPPFWINdestinationIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardSerialPPPFWINEntry 3 } mGuardSerialPPPFWINsport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardSerialPPPFWINEntry 4 } mGuardSerialPPPFWINdport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardSerialPPPFWINEntry 5 } mGuardSerialPPPFWINtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardSerialPPPFWINEntry 6 } mGuardSerialPPPFWINproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's protocol" ::= { mGuardSerialPPPFWINEntry 7 } mGuardSerialPPPFWINlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log packets matching this rule ?" ::= { mGuardSerialPPPFWINEntry 8 } mGuardSerialPPPFWINRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardSerialPPPFWINEntry 9 } mGuardSerialPPPFWINcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardSerialPPPFWINEntry 10 } mGuardSerialPPPFWINLogDefault OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for undefined incoming connection attempts?" ::= { mGuardSerialPPPFWIN 2 } -- Serial PPP Outgoing Firewall mGuardSerialPPPFWOUT OBJECT IDENTIFIER ::= { mGuardSerialPPP 7 } mGuardSerialPPPFWOUTTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardSerialPPPFWOUTEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules for incoming packets." ::= { mGuardSerialPPPFWOUT 1 } mGuardSerialPPPFWOUTEntry OBJECT-TYPE SYNTAX MGuardSerialPPPFWOUTEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing data of a single rule." INDEX { mGuardSerialPPPFWOUTruleIndex } ::= { mGuardSerialPPPFWOUTTable 1 } MGuardSerialPPPFWOUTEntry ::= SEQUENCE { mGuardSerialPPPFWOUTruleIndex INTEGER, mGuardSerialPPPFWOUTsourceIP DisplayString, mGuardSerialPPPFWOUTtargetIP DisplayString, mGuardSerialPPPFWOUTsport DisplayString, mGuardSerialPPPFWOUTdport DisplayString, mGuardSerialPPPFWOUTtarget INTEGER, mGuardSerialPPPFWOUTproto INTEGER, mGuardSerialPPPFWOUTlog INTEGER, mGuardSerialPPPFWOUTRowStatus RowStatus, mGuardSerialPPPFWOUTcomment DisplayString } mGuardSerialPPPFWOUTruleIndex OBJECT-TYPE SYNTAX INTEGER (1..250) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify the rule." ::= { mGuardSerialPPPFWOUTEntry 1 } mGuardSerialPPPFWOUTsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardSerialPPPFWOUTEntry 2 } mGuardSerialPPPFWOUTtargetIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address" ::= { mGuardSerialPPPFWOUTEntry 3 } mGuardSerialPPPFWOUTsport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source port" ::= { mGuardSerialPPPFWOUTEntry 4 } mGuardSerialPPPFWOUTdport OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's destination port" ::= { mGuardSerialPPPFWOUTEntry 5 } mGuardSerialPPPFWOUTtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's target" ::= { mGuardSerialPPPFWOUTEntry 6 } mGuardSerialPPPFWOUTproto OBJECT-TYPE SYNTAX INTEGER { tcp(1), udp(2), icmp(3), all(4) } ACCESS read-write STATUS mandatory DESCRIPTION "The rule's protocol" ::= { mGuardSerialPPPFWOUTEntry 7 } mGuardSerialPPPFWOUTlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log packets matching this rule ?" ::= { mGuardSerialPPPFWOUTEntry 8 } mGuardSerialPPPFWOUTRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardSerialPPPFWOUTEntry 9 } mGuardSerialPPPFWOUTcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardSerialPPPFWOUTEntry 10 } mGuardSerialPPPFWOUTLogDefault OBJECT-TYPE SYNTAX INTEGER{ yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION "Log entries for unknown outgoing connection attempts?" ::= { mGuardSerialPPPFWOUT 2 } -- -- ARP Timeout -- mGuardArpTimeout OBJECT-TYPE SYNTAX INTEGER ACCESS read-write STATUS mandatory DESCRIPTION "Global ARP timeout in seconds." ::= { mGuardNetwork 12 } -- -- Passwords -- mGuardPasswords OBJECT IDENTIFIER ::= { mGuardSystem 1 } mGuardRootPassword OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Changes the password for the user root has access to all system resources. Change by setting: " ::= { mGuardPasswords 1 } mGuardAdminPassword OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Changes the password for the user admin who can modify the system configuration, install software updates and initiate a system reboot." ::= { mGuardPasswords 2 } mGuardUserPassword OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Changes the password for the user 'user', who can be used to avoid automatic start of the VPN. This feature is intended to be used in road warrior scenarios." ::= { mGuardPasswords 3 } mGuardUserPwdEnable OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION "Disable VPN until the user is authentified via HTTP? yes, no" ::= { mGuardPasswords 4 } mGuardNetadminPassword OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Changes the password for the user 'netadmin', who can view the systems configuration and modify parts of the configuration when the appropriate access right have been given by user 'admin' or 'root'." ::= { mGuardPasswords 5 } mGuardAuditPassword OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Changes the password for the user 'audit', who can only view the systems configuration." ::= { mGuardPasswords 6 } -- -- HTTPS Remote Access -- mGuardHTTPSRemoteAccess OBJECT IDENTIFIER ::= { mGuardSystem 2 } mGuardHTTPSRemoteEnable OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION " Value to control HTTPS remote access: yes: enabled no: disabled" ::= { mGuardHTTPSRemoteAccess 1 } mGuardHTTPSRemotePort OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Port for HTTPS remote Access (regularly 443), service names allowed." ::= { mGuardHTTPSRemoteAccess 2 } mGuardHTTPSRemoteFWRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardHTTPSRemoteFWRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules to allow HTTPS remote access." ::= { mGuardHTTPSRemoteAccess 3 } mGuardHTTPSRemoteFWRuleEntry OBJECT-TYPE SYNTAX MGuardHTTPSRemoteFWRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single firewall rule to allow HTTPS remote access." INDEX { mGuardHTTPSFWruleIndex } ::= { mGuardHTTPSRemoteFWRuleTable 1 } MGuardHTTPSRemoteFWRuleEntry ::= SEQUENCE { mGuardHTTPSFWruleIndex INTEGER, mGuardHTTPSFWsourceIP DisplayString, mGuardHTTPSFWinterface INTEGER, mGuardHTTPSFWtarget INTEGER, mGuardHTTPSFWlog INTEGER, mGuardHTTPSFWRowStatus RowStatus, mGuardHTTPSFWcomment DisplayString, mGuardHTTPSFWfromMAC MacAddress } mGuardHTTPSFWruleIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify rule." ::= { mGuardHTTPSRemoteFWRuleEntry 1 } mGuardHTTPSFWsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address " ::= { mGuardHTTPSRemoteFWRuleEntry 2 } mGuardHTTPSFWinterface OBJECT-TYPE SYNTAX INTEGER { extern(1), intern(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The network interface the rule belongs to (extern/intern)." ::= { mGuardHTTPSRemoteFWRuleEntry 3 } mGuardHTTPSFWtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The target of the rule (accept,reject,drop)." ::= { mGuardHTTPSRemoteFWRuleEntry 4 } mGuardHTTPSFWlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION " Log packets matching this rule ?" ::= { mGuardHTTPSRemoteFWRuleEntry 5 } mGuardHTTPSFWRowStatus OBJECT-TYPE SYNTAX RowStatus ACCESS read-write STATUS mandatory DESCRIPTION "RowStatus" ::= { mGuardHTTPSRemoteFWRuleEntry 6 } mGuardHTTPSFWcomment OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Commentary or name for this rule." ::= { mGuardHTTPSRemoteFWRuleEntry 7 } mGuardHTTPSFWfromMAC OBJECT-TYPE SYNTAX MacAddress ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source MAC address." ::= { mGuardHTTPSRemoteFWRuleEntry 8 } mGuardHTTPSRemoteUUID OBJECT-TYPE SYNTAX DisplayString ACCESS read-only STATUS mandatory DESCRIPTION "Universally Unique IDentifier (UUID, RFC 4122) used for mGuardHTTPSRemoteFWRuleTable logging." ::= { mGuardHTTPSRemoteAccess 4 } -- -- SSH Remote Access -- mGuardSSHRemoteAccess OBJECT IDENTIFIER ::= { mGuardSystem 3 } mGuardSSHRemoteEnable OBJECT-TYPE SYNTAX TruthValue ACCESS read-write STATUS mandatory DESCRIPTION " Value to control SSH remote access: yes: enabled no: disabled" ::= { mGuardSSHRemoteAccess 1 } mGuardSSHRemotePort OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "Port for SSH remote Access (regularly 22), service names allowed." ::= { mGuardSSHRemoteAccess 2 } mGuardSSHRemoteFWRuleTable OBJECT-TYPE SYNTAX SEQUENCE OF MGuardSSHRemoteFWRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "A table containing firewall rules to allow SSH remote access." ::= { mGuardSSHRemoteAccess 3 } mGuardSSHRemoteFWRuleEntry OBJECT-TYPE SYNTAX MGuardSSHRemoteFWRuleEntry ACCESS not-accessible STATUS mandatory DESCRIPTION "An entry containing a single firewall rule to allow SSH remote access." INDEX { mGuardSSHFWruleIndex } ::= { mGuardSSHRemoteFWRuleTable 1 } MGuardSSHRemoteFWRuleEntry ::= SEQUENCE { mGuardSSHFWruleIndex INTEGER, mGuardSSHFWsourceIP DisplayString, mGuardSSHFWinterface INTEGER, mGuardSSHFWtarget INTEGER, mGuardSSHFWlog INTEGER, mGuardSSHFWRowStatus RowStatus, mGuardSSHFWcomment DisplayString, mGuardSSHFWfromMAC MacAddress } mGuardSSHFWruleIndex OBJECT-TYPE SYNTAX INTEGER (1..100) ACCESS not-accessible STATUS mandatory DESCRIPTION "Index to identify rule." ::= { mGuardSSHRemoteFWRuleEntry 1 } mGuardSSHFWsourceIP OBJECT-TYPE SYNTAX DisplayString ACCESS read-write STATUS mandatory DESCRIPTION "The rule's source IP address " ::= { mGuardSSHRemoteFWRuleEntry 2 } mGuardSSHFWinterface OBJECT-TYPE SYNTAX INTEGER { extern(1), intern(2) } ACCESS read-write STATUS mandatory DESCRIPTION "The network interface the rule belongs to (extern/intern)." ::= { mGuardSSHRemoteFWRuleEntry 3 } mGuardSSHFWtarget OBJECT-TYPE SYNTAX INTEGER { accept(1), reject(2), drop(3) } ACCESS read-write STATUS mandatory DESCRIPTION "The target of the rule (accept/reject/drop)." ::= { mGuardSSHRemoteFWRuleEntry 4 } mGuardSSHFWlog OBJECT-TYPE SYNTAX INTEGER { yes(1), no(2) } ACCESS read-write STATUS mandatory DESCRIPTION " Log packets matching this rule ?" ::= { mGuardSSHRemoteFWRuleEntry 5 } mGuardSSHFWRowStatus OBJECT-TYPE S