The first thing to say is probably dont use the 3.3 external authenticator for Novell because this has gone in 4.0. You need to use the Generic LDAP authenticator instead - this will make future ACS upgrades easier.
The best thing is to get this working for plain PAP authentications first. You can use radtest (in the acs utils directory) to perform test RADIUS authentications.
Once you have the ability to authenticate novell users via pap working, the next step is to get 802.1x setup. For this you'll have to use the painfully complicated EAP config pages. Basically you can really only look at PEAP GTC (originally intended for token/one time passwords but works with any clear text password)
Clients... you cant AFAIK use the standard windows 802.1x client because it only supports PEAP v0 with MSCHAP and LDAP doesnt support MSCHAP.
Therefore you'll need the Cisco 802.1x supplicant (or other that supports PEAP v1 + EAP-GTC.
Apols for this being complicated... but it is! There are a lot of inter-dependencies on supplicant + eap type + backend database.
Your best hope is for a Cisco TME to give you some help on the fine detail.
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...