Table of Contents
Advertisement
! *** Port Mirroring ***
!
port-mirroring mode XrxOrXtx monitor-port 9 mirror-port-X 12
!
Creating Custom Expect Scripts
Expect is a tool that uses simple scripts to automate interactive applications.
Novell ZENworks Network Access Control utilizes expect scripts when communicating with
802.1X devices. You can add 802.1X devices in the Novell ZENworks Network Access Control user
interface (Home>>System configuration>>Quarantining menu option>>Add
802.1X device). There are 11 pre-defined devices, and one generic device. You can use the
default expect script values, modify them, or enter new values. The expect scripts used are as
follows:
Initialization script — This script is used to log in to the device, enter enable mode and set up
the state necessary to execute the re-authentication command. It is executed the first time a
connection to the device is opened or if the connection to the device is reset.
Re-authentication script — This script is used to perform endpoint re-authentication. It is
executed once for each endpoint re-authentication while the connection to the device remains
active (until the connection goes bad or the idle time inactivity timeout is reached).
Exit script — This script is used to exit the console. It is executed when the idle time timeout
is reached.
When testing configuration settings from the Novell ZENworks Network Access Control user
interface, all three scripts are executed once in sequence and the connection is closed. If any output
is returned by a command sent in the re-authentication script, it is logged and returned to the user. If
an expect command times out the current expect buffer is logged and returned to the user.
As an example, the following figures show the initial scripts used for a Nortel device in the Novell
ZENworks Network Access Control user interface.
Nortel Initialization Script
expect Enter Ctrl-Y to begin.
send -noreturn \031
expect -ifset USERNAME Username:
send -ifset USERNAME ${USERNAME}
expect -ifset PASSWORD Password:
send -ifset PASSWORD ${PASSWORD}
expect press <Return> or <Enter> to select option.
send -noreturn c
expect >
send enable
expect -ifset ENABLE_USERNAME Username:
send -ifset ENABLE_USERNAME ${USERNAME}
expect -ifset ENABLE_PASSWORD Password:
send -ifset ENABLE_PASSWORD ${ENABLE_PASSWORD}
expect #
send configure terminal
expect (config)#
802.1X Quarantine Method 279
Advertisement
Table of Contents
Related Manuals for Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008
Related Products for Novell ZENWORKS NETWORK ACCESS CONTROL 5.0 - 09-22-2008
- NOVELL ZENWORKS NETWORK ACCESS CONTROL 5.0 - INSTALLATION GUIDE 09-22-2008
- Novell 3.6 05-2008
- Novell Access Manager 3.1 SP 1
- Novell Access Manager 3.1 SP 2
- NOVELL ACCESS MANAGER 3.1 SP1 - AGENT GUIDE
- NOVELL ACCESS MANAGER 3.1 SP1 - IDENTITY SERVER
- NOVELL ACCESS MANAGER 3.1 SP1 - S 11-20-2009
- NOVELL ACCESS MANAGER 3.1 SP1 - SSL VPN SERVER GUIDE 03-17-2010
- NOVELL ACCESS MANAGER 3.1 SP2 - J2EE AGENT GUIDE 2010
- NOVELL ACCESS MANAGER 3.1 SP2 - README 2010
- NOVELL ACCESS MANAGER 3.1 SP2 - SSL VPN USER GUIDE 2010
- Novell Access Manager 3.1 SP2 Beta 1
- NOVELL ACCESS MANAGER 3.1 SP2 BETA 1 - SCENARIOS 2009
- Novell Account Management 2.1
- NOVELL ADMINSTUDIO 9.5
- NOVELL APPARMOR - AND