When configured as 802.1X-enabled, Novell ZENworks Network Access Control can be installed in one of three configurations, depending on your network environment:
Microsoft IAS and Novell ZENworks Network Access Control IAS Plug-in
With this method, the switch is configured with the IAS server IP address as the RADIUS server host. When the switch performs the RADIUS authentication, IAS authenticates the user. If authentication succeeds, IAS calls the Novell ZENworks Network Access Control plug-in, which asks Novell ZENworks Network Access Control for the health status of the endpoint. You can configure up to six Novell ZENworks Network Access Control server URLs. The plug-in iterates over the list of servers repeatedly, attempting to connect to one of them. Once a connection is made, the plug-in uses that server URL until it is no longer available, at which point it iterates over the list of servers again. If necessary, the plug-in overwrites the RADIUS attributes to specify the VLAN in which to place the endpoint. IAS then returns the results to the switch.
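The plug-in behaviour described above (stay on one server URL until it fails, then rescan the list, and overwrite the VLAN attributes only when needed) can be modelled as follows. This is an added example, not ZENworks or IAS code: the class, function and parameter names are hypothetical, the attribute names and values are the standard RFC 3580 VLAN-assignment attributes, and returning None when no server is reachable is an assumption that leaves that policy to the caller.

```python
# Added illustration; not ZENworks or IAS code. All names are hypothetical.
MAX_SERVERS = 6              # the page: up to six NAC server URLs can be configured
TUNNEL_TYPE_VLAN = 13        # RFC 3580 value for Tunnel-Type
TUNNEL_MEDIUM_IEEE_802 = 6   # RFC 3580 value for Tunnel-Medium-Type


class StickyNacClient:
    """Keeps using one NAC server URL until it fails, then rescans the list."""

    def __init__(self, urls, query):
        if not 1 <= len(urls) <= MAX_SERVERS:
            raise ValueError("configure between 1 and 6 server URLs")
        self.urls = list(urls)
        self.query = query    # callable(url, endpoint) -> status; raises ConnectionError
        self.current = None   # URL of the server currently in use

    def health(self, endpoint):
        # Try the server already in use first, then the rest in configured order.
        rest = [u for u in self.urls if u != self.current]
        for url in ([self.current] if self.current else []) + rest:
            try:
                status = self.query(url, endpoint)
            except ConnectionError:
                continue      # server unavailable: move on to the next URL
            self.current = url
            return status
        self.current = None
        return None           # assumption: no server reachable, caller decides


def apply_vlan(accept_attrs, status, vlan_map):
    """Return a copy of the Access-Accept attributes, overwriting the VLAN
    attributes only when the health status maps to a VLAN."""
    attrs = dict(accept_attrs)
    vlan = vlan_map.get(status)
    if vlan is not None:
        attrs.update({
            "Tunnel-Type": TUNNEL_TYPE_VLAN,
            "Tunnel-Medium-Type": TUNNEL_MEDIUM_IEEE_802,
            "Tunnel-Private-Group-Id": str(vlan),
        })
    return attrs
```

Whether an unreachable health service should leave the authenticated VLAN in place or force a restricted one is decided by whether `vlan_map` contains an entry for `None`.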
Proxying RADIUS requests to an existing RADIUS server
With this method, the switch is configured with the Novell ZENworks Network Access Control IP address as the RADIUS server host. When the switch performs the RADIUS authentication against the Novell ZENworks Network Access Control server, Novell ZENworks Network Access Control proxies the request to another RADIUS server. As long as that server supports the authentication methods used by the client, it should allow and authenticate the proxied requests. On successful authentication, when the end RADIUS server returns the proxied request, Novell ZENworks Network Access Control overrides, if necessary, the RADIUS attributes that tell the switch which VLAN to place the endpoint in. Novell ZENworks Network Access Control then returns the authentication results to the switch.
Using the built-in Novell ZENworks Network Access Control RADIUS server
With this method, all authentication takes place on the Novell ZENworks Network Access Control server. The switch is configured with the Novell ZENworks Network Access Control IP address as the RADIUS server host. Novell ZENworks Network Access Control performs the authentication based on the FreeRADIUS configuration, inserts RADIUS attributes specifying into which VLAN to place the endpoint, and returns the result to the switch.
When Novell ZENworks Network Access Control is used in an 802.1X network, the configuration is as shown in Figure 11-2, and the communication flow is shown in Figure 11-3.
Figure 11-2 ZENworks Network Access Control 802.1X Enforcement
Figure 11-3 802.1X Communications