After seaching the forums for a NetScreen VSA file to use with CiscoSecure 3.0 I had to depend on making one utilizing this Cisco doc..
http://www.cisco.com/univercd/cc/td/doc/product/access/acs_soft/csacs4nt/acs31/acsuser/ae.htm#1981
I've tested this using CiscoSecure 3.0 (3.0(1) Build 40) for NT/2K and it works great. It should work on 3.1 also. It adds NetScreen VSA(Vendor Specific Attributes) for Radius to the admin console. I only use it for remote firewall auth but I made it to conform to all of the NetScreen VSA's available.
Using this file as is will allow multi-user authentication to NS-Admin-Privileges and authentication for all others.
This is a good template to start with for configuring your NS to to Radius with your ACS server.
Rob Gartley
----- BEGIN FILE -----
[User Defined Vendor]
Name=NetScreen
IETF Code=3224
VSA 1=NS-Admin-Privilege
VSA 2=NS-VSYS-Name
VSA 3=NS-User-Group
VSA 4=NS-Primary-DNS
VSA 5=NS-Secondary-DNS
VSA 6=NS-Primary-WINS
VSA 7=NS-Secondary-WINS
[NS-Admin-Privilege]
Type=INTEGER
Profile=MULTI OUT
Enums=Admin Access Rights
[NS-VSYS-Name]
Type=STRING
Profile=OUT
[NS-User-Group]
Type=STRING
Profile=OUT
[NS-Primary-DNS]
Type=IPADDR
Profile=OUT
[NS-Secondary-DNS]
Type=IPADDR
Profile=OUT
[NS-Primary-WINS]
Type=IPADDR
Profile=OUT
[NS-Secondary-WINS]
Type=IPADDR
Profile=OUT
[Admin Access Rights]
1=Root Admin
2=All VSYS Root Admin
3=VSYS Admin (Requires VSA #2 VSYS Name be entered)
4=Read-Only Admin
5=Read-Only VSYS Admin (Requires VSA #2 VSYS Name be entered)
----- END FILE -----