1 Dec
2012
1 Dec
'12
4:44 p.m.
Hi, Apologizes if this question is to "newbie", but i recently thought about Radius security when using proxy. Considering we are using an EAP-TTLS method, based on LDAP authentication inside inner-tunnel (finally with PAP auth a the end). When a client tries an auth, encryption is done by the server only, encoding datas into a TLS tunnels initiated by the server. So login and password are "hidden" into this tunnel. But when using this method through a proxy way, wher eis data encryption ? Ex : First i a direct connexion : Client (EAP-TTLS) => Tunnel (TLS) => Radius Server Then with proxy : Client (EAP-TTLS) => ? => Proxy Radius Server => ? => Radius BR,