1.4 Relationship to Other Protocols

The VSAs specified in this document rely on and are transported within the RADIUS protocol described in [RFC2865].

Protocols between the client and the Network Access Protection (NAP) server (for example, PPP [RFC1661], 802.1x [IEEE802.1X], and Health Certificate Enrollment [MS-HCEP]) relate to the Microsoft VSAs in the following ways:

Unless otherwise noted, RADIUS attributes are sent only between a RADIUS client and a RADIUS server. However, some Microsoft RADIUS VSAs can be transported over the protocols between the endpoint and the NAS in addition to being transported over RADIUS. For example, the enrollment protocol transports the MS-AFW-Zone attribute, as specified in [MS-HCEP] section 2.2.2.2.
The Microsoft RADIUS VSAs can affect the operation of the protocols between the endpoint and the NAS. For example, the MS-Quarantine-Grace-Time attribute sets a limit on the time that a client can remain connected through a particular NAS, regardless of the protocol between the client and the NAS.

Additional resources