eap-24----Page:3
1  2  3  4 

The “Lying NAS Problem”AAA Issue #399 NASA NASB RADIUS Proxy RADIUS Server Problem: NASA can forge NAS-IP-Address, NAS-IPv6-Address, NAS-Identifier, Called-Station-Id, Calling-Station-Id attributes. RADIUS proxy only checks source address against RADIUS shared secret; RADIUS server has no way to verify. Solution: Require Proxy or Server to verify NAS Identification attributes; further verification possible in EAP methods.

PPT Version