Notifications emitted by Nortel Networks wireless switches.
AP = Access Point;
AC = Access Controller (wireless switch),
the device that runs a SNMP Agent implementing this MIB.
Copyright 2008 Nortel Networks.
All rights reserved.
This Nortel Networks SNMP Management Information Base Specification
(Specification) embodies Nortel Networks' confidential and
proprietary intellectual property.
This Specification is supplied 'AS IS' and Nortel Networks
makes no warranty, either express or implied, as to the use,
operation, condition, or performance of the Specification.
This trap is sent when RF detection sweep finds a ad-hoc user.
ntwsRFDetectXmtrMacAddr is the MAC address of the ad-hoc user.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ntwsRFDetectRogueDisappearTrap
.1.3.6.1.4.1.45.6.1.5.0.11
This trap is sent when a rogue has disappeared.
Obsoleted by ntwsRFDetectRogueDeviceDisappearTrap.
ntwsClientAuthenticationFailureTrap
.1.3.6.1.4.1.45.6.1.5.0.12
This trap is sent if a client authentication fails.
ntwsClientAuthorizationFailureTrap
.1.3.6.1.4.1.45.6.1.5.0.13
This trap is sent if a client authorization fails.
ntwsClientAssociationFailureTrap
.1.3.6.1.4.1.45.6.1.5.0.14
This trap is sent if a client association fails.
ntwsClientAuthorizationSuccessTrap
.1.3.6.1.4.1.45.6.1.5.0.15
This trap is sent when a client authorizes.
Obsoleted by ntwsClientAuthorizationSuccessTrap4.
ntwsClientDeAssociationTrap
.1.3.6.1.4.1.45.6.1.5.0.16
This trap is sent if a client de-association occurred.
ntwsClientRoamingTrap
.1.3.6.1.4.1.45.6.1.5.0.17
This trap is sent if a client roams from one location to another.
ntwsAutoTuneRadioPowerChangeTrap
.1.3.6.1.4.1.45.6.1.5.0.18
This trap is sent if a radio's power level has changed based
on auto-tune.
ntwsAutoTuneRadioChannelChangeTrap
.1.3.6.1.4.1.45.6.1.5.0.19
This trap is sent if a radio's channel has changed based on auto-tune.
ntwsDeviceOkayTrap
.1.3.6.1.4.1.45.6.1.5.0.2
The device has recovered
ntwsCounterMeasureStartTrap
.1.3.6.1.4.1.45.6.1.5.0.20
This trap is sent when counter measures are started against a rogue.
ntwsRFDetectXmtrMacAddr is the mac address of the rogue we
are doing counter measures against.
ntwsRadioMACAddress identifies the radio performing the countermeasures.
ntwsCounterMeasureStopTrap
.1.3.6.1.4.1.45.6.1.5.0.21
This trap is sent when counter measures are stopped against a rogue.
ntwsRFDetectXmtrMacAddr is the mac address of the rogue we
were doing counter measures against.
ntwsRadioMACAddress identifies the radio performing the countermeasures.
ntwsClientDot1xFailureTrap
.1.3.6.1.4.1.45.6.1.5.0.22
This trap is sent if a client failed 802.1X.
ntwsClientClearedTrap
.1.3.6.1.4.1.45.6.1.5.0.23
This trap is sent when a client session is cleared.
Obsoleted by ntwsClientClearedTrap2.
ntwsClientAuthorizationSuccessTrap2
.1.3.6.1.4.1.45.6.1.5.0.24
This trap is sent when a client authorizes.
Obsoleted by ntwsClientAuthorizationSuccessTrap4.
ntwsRFDetectSpoofedMacAPTrap
.1.3.6.1.4.1.45.6.1.5.0.25
This trap is sent when RF detection finds an AP using
the MAC of the listener.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectDoSTrap and ntwsRFDetectRogueDeviceTrap2.
One of the two traps will be sent depending on the type of
AP MAC spoofing detected.
ntwsRFDetectSpoofedSsidAPTrap
.1.3.6.1.4.1.45.6.1.5.0.26
This trap is sent when RF detection finds an AP using
the SSID of the listener, and the AP is not in the
mobility domain.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectRogueDeviceTrap2
and ntwsRFDetectSuspectDeviceTrap2.
One of the two traps will be sent,
depending on RF detection classification rules.
ntwsRFDetectDoSTrap
.1.3.6.1.4.1.45.6.1.5.0.27
This trap is sent when RF detection finds a denial
of service (DoS) occurring.
ntwsRFDetectDoSType specifies the type of DoS.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ntwsRFDetectClientViaRogueWiredAPTrap
.1.3.6.1.4.1.45.6.1.5.0.28
This trap is sent when a client is detected that connected
via a rogue AP that is attached to a wired port.
ntwsSourceWsIp is the IP address of the AC (switch) with the wired port.
ntwsPortNum is the port on the AC.
ntwsClientVLANid is the VLAN ID of the client's traffic.
ntwsClientVLANtag is the VLAN tag of the client's traffic.
ntwsRFDetectXmtrMacAddr is the MAC address of the client.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectClientViaRogueWiredAPTrap3.
ntwsRFDetectInterferingRogueAPTrap
.1.3.6.1.4.1.45.6.1.5.0.29
This trap is sent when RF detection finds an interfering
rogue AP.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectSuspectDeviceTrap2.
ntwsPoEFailTrap
.1.3.6.1.4.1.45.6.1.5.0.3
PoE has failed on the indicated port
ntwsRFDetectInterferingRogueDisappearTrap
.1.3.6.1.4.1.45.6.1.5.0.30
This trap is sent when an interfering rogue has disappeared.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
Obsoleted by ntwsRFDetectSuspectDeviceDisappearTrap.
ntwsRFDetectUnAuthorizedSsidTrap
.1.3.6.1.4.1.45.6.1.5.0.31
This trap is sent when RF detection finds use of
an unauthorized SSID.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectRogueDeviceTrap2
and ntwsRFDetectSuspectDeviceTrap2.
One of the two traps will be sent if the device having an
unauthorized SSID is classified as rogue or suspect because of this.
ntwsRFDetectUnAuthorizedOuiTrap
.1.3.6.1.4.1.45.6.1.5.0.32
This trap is sent when RF detection finds use of
an unauthorized OUI.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectRogueDeviceTrap2
and ntwsRFDetectSuspectDeviceTrap2.
One of the two traps will be sent if the device having an
unauthorized OUI is classified as rogue or suspect because of this.
ntwsRFDetectUnAuthorizedAPTrap
.1.3.6.1.4.1.45.6.1.5.0.33
This trap is sent when RF detection finds operation
of an unauthorized AP.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectRogueDeviceTrap2.
ntwsDAPConnectWarningTrap
.1.3.6.1.4.1.45.6.1.5.0.34
A DAP, tried to connect to the AC.
ntwsDeviceModel provides the model of the DAP.
ntwsDeviceSerNum provides the serial number of the DAP.
ntwsRsaPubKeyFingerPrint provides the computed
fingerprint of the DAP.
ntwsDAPconnectWarningType provides the type
of connect warning.
Replaced by ntwsApNonOperStatusTrap2,
with ntwsApTransition = 'connectFail'.
ntwsRFDetectDoSPortTrap
.1.3.6.1.4.1.45.6.1.5.0.35
This trap is sent when RF detection finds a denial
of service (DoS) occurring. This has port and
AP info instead of 'Listener info'.
ntwsRFDetectDoSType specifies the type of DoS.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsClientAccessType specifies whether wired, AP, or DAP.
ntwsPortNum (for wired or AP), the port that is used.
ntwsDAPNum (for a DAP), the ID of the DAP.
ntwsMpMichaelMICFailure2
.1.3.6.1.4.1.45.6.1.5.0.36
Two Michael MIC failures were seen within 60 seconds of
each other. Object ntwsClientMACAddress is the source
of the first failure, and object ntwsClientMACAddress2
source of the second failure.
Obsoleted by ntwsMichaelMICFailure.
ntwsApNonOperStatusTrap
.1.3.6.1.4.1.45.6.1.5.0.37
This trap is sent when the AP changes state
and the new one is a non-operational state.
Obsoleted by ntwsApNonOperStatusTrap2.
ntwsApOperRadioStatusTrap
.1.3.6.1.4.1.45.6.1.5.0.38
This trap is sent when the Radio changes state.
It also contains aggregate information about the AP
in operational state - security level and service availability.
Obsoleted by ntwsApOperRadioStatusTrap3.
ntwsClientIpAddrChangeTrap
.1.3.6.1.4.1.45.6.1.5.0.39
This trap is sent when a client's IP address
changes. The most likely case for this is when
the client first connects to the network.
ntwsApTimeoutTrap
.1.3.6.1.4.1.45.6.1.5.0.4
The AP entering the AC at port ntwsPortNum with MAC
ntwsRadioMacAddress and of the access type (ap or dap)
has not responded.
Replaced by ntwsApNonOperStatusTrap2,
with ntwsApTransition = 'timeout'.
ntwsClientAssociationSuccessTrap
.1.3.6.1.4.1.45.6.1.5.0.40
This trap is sent if a client association succeeds.
WARNING: DO NOT enable it in normal use.
It may impair switch performance!
Only recommended for debugging network issues.
ntwsClientAuthenticationSuccessTrap
.1.3.6.1.4.1.45.6.1.5.0.41
This trap is sent if a client authentication succeeds.
ntwsClientDeAuthenticationTrap
.1.3.6.1.4.1.45.6.1.5.0.42
This trap is sent if a client de-authentication occured.
ntwsRFDetectBlacklistedTrap
.1.3.6.1.4.1.45.6.1.5.0.43
This trap is sent if an association, re-association or de-association
request (packet) is detected from a blacklisted transmitter
(identified by MAC: 'ntwsRFDetectXmtrMacAddr').
If 'ntwsBlacklistingCause' is 'configured',
then 'ntwsBlacklistingRemainingTime' will be zero, meaning indefinite
time (depending on administrative actions on the Black List).
Otherwise, 'ntwsBlacklistingRemainingTime' will indicate the time
in seconds until this transmitter's requests could be allowed.
ntwsRFDetectClientViaRogueWiredAPTrap2
.1.3.6.1.4.1.45.6.1.5.0.44
This trap is sent when a client is detected that connected
via a rogue AP that is attached to a wired port.
ntwsSourceWsIp is the IP address of the AC (switch)
with the wired port.
ntwsPortNum is the port on the AC.
ntwsClientVLANid is the VLAN ID of the client's traffic.
ntwsClientVLANtag is the VLAN tag of the client's traffic.
ntwsRFDetectXmtrMacAddr is the MAC address of the client.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ntwsRFDetectRogueAPMacAddr is the MAC address of the Rogue AP (wired)
the client is connected to.
Obsoleted by ntwsRFDetectClientViaRogueWiredAPTrap3.
ntwsRFDetectAdhocUserDisappearTrap
.1.3.6.1.4.1.45.6.1.5.0.45
This trap is sent when RF detection sweep finds that
an ad-hoc user disappeared.
ntwsRFDetectXmtrMacAddr is the MAC address of the ad-hoc user.
ntwsApRejectLicenseExceededTrap
.1.3.6.1.4.1.45.6.1.5.0.46
This trap is sent when an AC (wireless switch) receives a packet
from an inactive AP and attaching that AP would make the AC
exceed the maximum (licensed) number of active APs.
ntwsClientDynAuthorChangeSuccessTrap
.1.3.6.1.4.1.45.6.1.5.0.47
This trap is sent when the authorization attributes for a user
are dynamically changed by an authorized dynamic authorization
client.
ntwsClientDynAuthorChangeFailureTrap
.1.3.6.1.4.1.45.6.1.5.0.48
This trap is sent if a change of authorization request sent by
an authorized dynamic authorization client is unsuccessful.
ntwsClientDisconnectTrap
.1.3.6.1.4.1.45.6.1.5.0.49
This trap is sent when a client session is terminated administratively.
ntwsAPBootTrap
.1.3.6.1.4.1.45.6.1.5.0.5
The AP entering the AC at port ntwsPortNum with MAC
ntwsRadioMacAddress and of the access type (ap or dap) has booted.
Replaced by ntwsApNonOperStatusTrap2,
with ntwsApTransition = 'bootSuccess'.
ntwsMobilityDomainFailOverTrap
.1.3.6.1.4.1.45.6.1.5.0.50
This trap is sent when the Mobility Domain fails over
to the secondary seed.
ntwsMobilityDomainFailBackTrap
.1.3.6.1.4.1.45.6.1.5.0.51
This trap is sent when the Mobility Domain fails back
to the primary seed.
ntwsRFDetectRogueDeviceTrap
.1.3.6.1.4.1.45.6.1.5.0.52
This trap is sent when RF detection finds a rogue device.
XmtrMacAddr is the radio MAC address from the beacon.
ListenerListInfo is a display string of a list of
listener information.
ClassificationReason indicates the reason why the device
is classified as rogue.
Obsoleted by ntwsRFDetectRogueDeviceTrap2.
ntwsRFDetectRogueDeviceDisappearTrap
.1.3.6.1.4.1.45.6.1.5.0.53
This trap is sent when a rogue device has disappeared.
This trap obsoletes the ntwsRFDetectRogueDisappearTrap.
ntwsRFDetectSuspectDeviceTrap
.1.3.6.1.4.1.45.6.1.5.0.54
This trap is sent when RF detection finds a suspect device.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ClassificationReason indicates the reason why the device
is classified as suspect.
Obsoleted by ntwsRFDetectSuspectDeviceTrap2.
ntwsRFDetectSuspectDeviceDisappearTrap
.1.3.6.1.4.1.45.6.1.5.0.55
This trap is sent when a suspect device has disappeared.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
This trap obsoletes the ntwsRFDetectInterferingRogueDisappearTrap.
ntwsRFDetectClientViaRogueWiredAPTrap3
.1.3.6.1.4.1.45.6.1.5.0.56
This trap is sent when a client is detected that connected
via a rogue AP that is attached to a wired port.
ntwsSourceWsIp is the IP address of the AC (switch)
with the wired port.
ntwsPortNum is the port on the AC.
ntwsClientVLANid is the VLAN ID of the client's traffic.
ntwsClientVLANtag is the VLAN tag of the client's traffic.
ntwsRFDetectXmtrMacAddr is the MAC address of the client.
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ntwsRFDetectRogueAPMacAddr is the MAC address of the Rogue AP (wired)
the client is connected to.
ClassificationReason indicates the reason why the AP
is classified as rogue.
This trap obsoletes the ntwsRFDetectClientViaRogueWiredAPTrap and
ntwsRFDetectClientViaRogueWiredAPTrap2.
ntwsRFDetectClassificationChangeTrap
.1.3.6.1.4.1.45.6.1.5.0.57
This trap is sent when RF detection classification rules change.
ntwsConfigurationSavedTrap
.1.3.6.1.4.1.45.6.1.5.0.58
This trap is sent when the running configuration of the switch
is written to a configuration file.
ntwsApNonOperStatusTrap2
.1.3.6.1.4.1.45.6.1.5.0.59
This trap is sent when the AP changes state
and the new one is a non-operational state.
Obsoletes ntwsApNonOperStatusTrap.
ntwsMobilityDomainJoinTrap
.1.3.6.1.4.1.45.6.1.5.0.6
The mobility domain member has received an UP notice from the
remote address.
ntwsApOperRadioStatusTrap2
.1.3.6.1.4.1.45.6.1.5.0.60
This trap is sent when the Radio changes state.
It also contains aggregate information about the AP
in operational state - security level and service availability.
Obsoleted by ntwsApOperRadioStatusTrap3.
ntwsMichaelMICFailure
.1.3.6.1.4.1.45.6.1.5.0.61
Two Michael MIC failures were seen within 60 seconds of each other.
Object ntwsClientMACAddress indicates
the source of the first failure,
and object ntwsClientMACAddress2 indicates
the source of the second failure.
Service is interrupted for 60 seconds on the radio
due to TKIP countermeasures having commenced.
The radio is identified by ntwsApNum and ntwsAPRadioNum.
An alternative way to identify the radio is ntwsRadioMACAddress.
Obsoletes ntwsMpMichaelMICFailure and ntwsMpMichaelMICFailure2.
ntwsClientAuthorizationSuccessTrap3
.1.3.6.1.4.1.45.6.1.5.0.62
This trap is sent when a client authorizes.
If ntwsClientAccessMode = 'ap':
ntwsApNum, ntwsAPRadioNum, ntwsRadioSSID
identify the AP/radio/BSS providing wireless service to this client
at the time this trap was sent.
If ntwsClientAccessMode = 'wired':
ntwsPhysPortNum identifies the physical port on the AC
used by this wired-auth client.
Obsoleted by ntwsClientAuthorizationSuccessTrap4.
ntwsApManagerChangeTrap
.1.3.6.1.4.1.45.6.1.5.0.63
This trap is sent when the AP's secondary link becomes its
primary link.
ntwsClientClearedTrap2
.1.3.6.1.4.1.45.6.1.5.0.64
This trap is sent when a client session is cleared.
Obsoletes ntwsClientClearedTrap.
ntwsMobilityDomainResiliencyStatusTrap
.1.3.6.1.4.1.45.6.1.5.0.65
This trap is sent by a mobility domain seed to announce
changes in resilient capacity status.
ntwsApOperRadioStatusTrap3
.1.3.6.1.4.1.45.6.1.5.0.66
This trap is sent when the Radio changes state.
It also contains aggregate information about the AP
in operational state - security level and service availability.
Obsoletes ntwsApOperRadioStatusTrap
and ntwsApOperRadioStatusTrap2.
ntwsClientAuthorizationSuccessTrap4
.1.3.6.1.4.1.45.6.1.5.0.67
This trap is sent when a client authorizes.
If ntwsClientAccessMode = 'ap':
ntwsApNum, ntwsAPRadioNum, ntwsRadioSSID
identify the AP/radio/BSS providing wireless service to this client
at the time this trap was sent;
ntwsClientRadioType gives the type of radio used by this client.
If ntwsClientAccessMode = 'wired':
ntwsPhysPortNum identifies the physical port on the AC
used by this wired-auth client.
Obsoletes ntwsClientAuthorizationSuccessTrap,
ntwsClientAuthorizationSuccessTrap2,
ntwsClientAuthorizationSuccessTrap3.
ntwsRFDetectRogueDeviceTrap2
.1.3.6.1.4.1.45.6.1.5.0.68
This trap is sent when RF detection finds a rogue device.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectXmtrRadioType indicates the Type of Radio
used by the transmitter (rogue device).
ntwsRFDetectXmtrCryptoType indicates the Type of Crypto
used by the transmitter (rogue device).
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ntwsRFDetectClassificationReason indicates the reason
why the device is classified as rogue.
Obsoletes ntwsRFDetectRogueAPTrap,
ntwsRFDetectUnAuthorizedAPTrap,
ntwsRFDetectRogueDeviceTrap.
ntwsRFDetectSuspectDeviceTrap2
.1.3.6.1.4.1.45.6.1.5.0.69
This trap is sent when RF detection finds a suspect device.
ntwsRFDetectXmtrMacAddr is the radio MAC address from the beacon.
ntwsRFDetectXmtrRadioType indicates the Type of Radio
used by the transmitter (suspect device).
ntwsRFDetectXmtrCryptoType indicates the Type of Crypto
used by the transmitter (suspect device).
ntwsRFDetectListenerListInfo is a display string of a list of
listener information.
ntwsRFDetectClassificationReason indicates the reason
why the device is classified as suspect.
Obsoletes ntwsRFDetectInterferingRogueAPTrap,
ntwsRFDetectSuspectDeviceTrap.
ntwsMobilityDomainTimeoutTrap
.1.3.6.1.4.1.45.6.1.5.0.7
The mobility domain member has declared the remote address
to be DOWN.
ntwsClusterFailureTrap
.1.3.6.1.4.1.45.6.1.5.0.70
This trap is sent when the cluster configuration failed to apply.
If ntwsClusterFailureReason = 'validation-error':
The validation error is reported by the receiving end
of the configuration updates.
The receiving end can be any AC (switch) in the mobility domain:
member, secondary seed or primary seed.
- Primary seed will be the receiving end of configuration updates
when Primary seed is joining the cluster
and Secondary seed has preempt mode enabled.
- Both Secondary seed and member will be at the receiving end
when Primary seed is active.
ntwsMpMichaelMICFailure
.1.3.6.1.4.1.45.6.1.5.0.8
Two Michael MIC failures were seen within 60 seconds of each other.
Obsoleted by ntwsMichaelMICFailure.
ntwsRFDetectRogueAPTrap
.1.3.6.1.4.1.45.6.1.5.0.9
This trap is sent when RF detection finds a rogue AP.
XmtrMacAddr is the radio MAC address from the beacon.
ListenerListInfo is a display string of a list of
listener information.
Obsoleted by ntwsRFDetectRogueDeviceTrap2.