13 Oct
2019
13 Oct
'19
6:50 a.m.
In systems like eduroam is expected that yes, the local wireless infrastructure (or usually just the controller's) can talk to the RADIUS server, just add is the case for broadband routers we they can all talk to. But on the internet public facing side is expected that the RADIUS server only has remote access to/from the national radius proxy servers for that federation. Obviously that changes with RADSEC but then it's all better encrypted so ... For local attacks, most wireless vendors have pretty good controls to stop/limit attacks (eg password ones) in the EAP authentication channel alan