Hi, this is a general question on the AAA proxy behavior
Support I have following network NAS <---------shared secret A -------> AAA proxy <---------shared secret B---------> AAA server <--------------------------------shared secret C ------------------------------> I want to know when the AAA server responds to an access request received from NAS via AAA proxy, it shall encrypt the MSK, EMSK and other keys using the shared secret B(between proxy and sever) or it shall use secret C (between NAS and server). As I know that the message authenticator is changed by AAA proxy in the radius messages so that messages between NAS and proxy are authenticated using secret A while messages between proxy and server uses secret B. But does this hold true for the keys also since then the proxy will have to decrypt and encrypt all the keys in Access accept again. Can anyone please clear my doubt regarding this. TIA, mansi -- View this message in context: http://freeradius.1045715.n5.nabble.com/Proxy-AAA-behavior-tp3394232p3394232.html Sent from the FreeRadius - User mailing list archive at Nabble.com. - List info/subscribe/unsubscribe? See http://www.freeradius.org/list/users.html