Table of Contents
Advertisement
13.2.2 Configuring Novell ZENworks Network Access Control
To configure Novell ZENworks Network Access Control:
Home window>>System configuration>>Select an enforcement cluster>>Quarantining
1 In the Quarantine method area, select the 802.1X radio button.
2 In the Basic 802.1X settings area, select the remote Endpoint detection
location radio button.
3 Click ok.
Command line window
NOTE: Perform the following steps on each ES in your system.
4 Log in as root to the Novell ZENworks Network Access Control ES using SSH or directly
with a keyboard.
5 Enter the following command:
egrep DeviceActivityCapture /usr/local/nac/properties/nac-es.properties
The expected results are:
Compliance.DeviceActivityCapture.RunningRemotely=true
It can take a minute or two to contact
results are different.
NOTE: It can take a minute or two after changing the property in the user interface for the
change to propagate to all ESs.
6 Edit the configuration file:
6a Open the following file with a text editor such as vi:
/etc/syslog-ng/syslog-ng.conf
6b In the ### SOURCE ENTRIES HERE ### area, add the following line:
source rdac
6c In the ### DESTINATION ENTRIES HERE ### area, add the following line:
destination d_dac { program("/usr/local/nac/bin/syslog-to-dac.py"); };
6d In the ### LOG ENTRIES HERE ### area, add the following line:
log { source(rdac); filter(f_mesg); destination(d_dac); };
6e Save and exit the file.
6f Enter the following at the command line to restart the service:
service syslog-ng restart
7 Add the iptables firewall rule to allow this syslog traffic:
7a Stop iptables by entering the following at the command line:
service nac-es stop
fw_control stop
7b Open the following file with a text editor such as vi:
308 Novell ZENworks Network Access Control Users Guide
Novell Support (http://www.novell.com/support)
{ tcp(); };
if your
Advertisement
Table of Contents
