Proxy AAA behavior

mansi jain mansi2kjain at gmail.com
Mon Feb 21 15:43:25 CET 2011


Hi,

this is a general question on the AAA proxy behavior

Support I have following network

NAS <---------shared secret A -------> AAA proxy <---------shared secret
B---------> AAA server
      <--------------------------------shared secret C 
------------------------------> 


I want to know when the AAA server responds to an access request received
from NAS via AAA proxy, it shall encrypt the MSK, EMSK and other keys using
the shared secret B(between proxy and sever) or it shall use secret C
(between NAS and server).
As I know that the message authenticator is changed by AAA proxy in the
radius messages so that messages between NAS and proxy are authenticated
using secret A  while messages between proxy and server uses secret B. 
But does this hold true for the keys also since then the proxy will have to
decrypt and encrypt all the keys in Access accept again.

Can anyone please clear my doubt regarding this.

TIA,
mansi

-- 
View this message in context: http://freeradius.1045715.n5.nabble.com/Proxy-AAA-behavior-tp3394232p3394232.html
Sent from the FreeRadius - User mailing list archive at Nabble.com.



More information about the Freeradius-Users mailing list