About Radius security
A.L.M.Buxey at lboro.ac.uk
Sat Dec 1 23:10:01 CET 2012
> But when using this method through a proxy way, wher eis data encryption ?
the TLS tunnel is set up with the remote server - the traffic being passed
through all the interim proxies. so the client only trusts the remote server (ie
the server they authenticate against) - all the traffic is encapsulated within the
TLS tunnel (which is transferred in RADIUS packets). so long as the client is configured
to trust only the CA of the remote RADIUS server and the CommonName of the remote
RADIUS server, you have the PKI assurance.
More information about the Freeradius-Users