EAP-TTLS proxiing the tunneled request fails
Ekkehard Burkon
eb at tnib.de
Fri Jun 21 16:35:23 CEST 2019
Hi,
I spent a bit of time on this but can't get it to work.
My goal is to have a freeradius server handle EAP authentication with the EAP typ being EAP-TTLS. The data from the tunneled request should be proxied
to an other radius server.
I got as far as that. The proxy gets the request and answers it accordingly. But to me it looks like freeradius does not put enough info into that request
and then looses track of things. The info sent to the AP is a plain accept with no EAP-Message and Message-Authenticator attribute.
Accordingly the whole thing does not work. (The EAP-TLS stuff is working)
I include the config. I tried to keep just the necessary stuff and a debug output from one request.
Would somone be willing to help me a bit with this?
Thank you
Ekkehard
sites-enabled/default:
server default {
listen {
type = auth
ipaddr = *
port = 1812
}
authorize {
eap {
ok = return
updated = return
}
}
authenticate {
eap
}
post-auth {
Post-Auth-Type REJECT {
attr_filter.access_reject
linelog_send_reject
}
}
}
sites-enabled/eap-inner:
server eap-inner {
authorize {
update control {
Proxy-To-Realm := "NPS"
}
}
authenticate {
eap
}
post-proxy {
eap
}
}
proxy.conf:
home_server ad_nps1 {
ipaddr = 10.0.0.21
secret = biscplus
status_check = status-server
response_window = 5
check_interval = 10
check_timeout = 5
}
home_server_pool bis_ad {
type = keyed-balance
home_server = ad_nps1
}
realm NPS {
auth_pool = bis_ad
nostrip
}
mods-enabled/eap:
eap {
default_eap_type = ttls
timer_expire = 60
max_sessions = ${max_requests}
tls-config tls-common {
certificate_file = ${certdir}/radius3.crt
private_key_file = ${certdir}/radius3.key
# private_key_password = 12345678
ca_file = ${cadir}/BIS-ROOT-1.pem
fragment_size = 1024
ocsp {
enable = yes
override_cert_url = no
use_nonce = yes
}
}
tls {
tls = tls-common
virtual_server = check-eap-tls
}
ttls {
tls = tls-common
default_eap_type = mschapv2
copy_request_to_tunnel = yes
use_tunneled_reply = yes
proxy_tunneled_request_as_eap = yes
virtual_server = "eap-inner"
}
}
Im testing with eapol here is the debug output from freeradius:
(0) Received Access-Request Id 0 from 127.0.0.1:38193 to 127.0.0.1:1812 length 174
(0) User-Name = "anonymous at admin.bis-school.com"
(0) NAS-IP-Address = 127.0.0.1
(0) Calling-Station-Id = "02-00-00-00-00-01"
(0) Framed-MTU = 1400
(0) NAS-Port-Type = Wireless-802.11
(0) Service-Type = Framed-User
(0) Connect-Info = "CONNECT 11Mbps 802.11b"
(0) EAP-Message = 0x02e3002301616e6f6e796d6f75734061646d696e2e6269732d7363686f6f6c2e636f6d
(0) Message-Authenticator = 0x90f2882e640a53847b562bcdd8d88046
(0) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default
(0) authorize {
(0) eap: Peer sent EAP Response (code 2) ID 227 length 35
(0) eap: EAP-Identity reply, returning 'ok' so we can short-circuit the rest of authorize
(0) [eap] = ok
(0) } # authorize = ok
(0) Found Auth-Type = eap
(0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(0) authenticate {
(0) eap: Peer sent packet with method EAP Identity (1)
(0) eap: Calling submodule eap_ttls to process data
(0) eap_ttls: Initiating new EAP-TLS session
(0) eap_ttls: [eaptls start] = request
(0) eap: Sending EAP Request (code 1) ID 228 length 6
(0) eap: EAP session adding &reply:State = 0xbdbe794dbd5a6c9b
(0) [eap] = handled
(0) } # authenticate = handled
(0) Using Post-Auth-Type Challenge
(0) Post-Auth-Type sub-section not found. Ignoring.
(0) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(0) Sent Access-Challenge Id 0 from 127.0.0.1:1812 to 127.0.0.1:38193 length 0
(0) EAP-Message = 0x01e400061520
(0) Message-Authenticator = 0x00000000000000000000000000000000
(0) State = 0xbdbe794dbd5a6c9b1371e49bfa915200
(0) Finished request
Waking up in 4.9 seconds.
(1) Received Access-Request Id 1 from 127.0.0.1:38193 to 127.0.0.1:1812 length 335
(1) User-Name = "anonymous at admin.bis-school.com"
(1) NAS-IP-Address = 127.0.0.1
(1) Calling-Station-Id = "02-00-00-00-00-01"
(1) Framed-MTU = 1400
(1) NAS-Port-Type = Wireless-802.11
(1) Service-Type = Framed-User
(1) Connect-Info = "CONNECT 11Mbps 802.11b"
(1) EAP-Message = 0x02e400b2150016030100a7010000a30303e90f8da43470e52c2afaa380c820e5a50c293ac3050b815924910aec99ae5410000038c02cc030009fcca9cca8ccaac02bc02f009ec024c028006bc023c0270067c00ac0140039c009c0130033009d009c003d003c0035002f00ff01000042000b0004030001
(1) State = 0xbdbe794dbd5a6c9b1371e49bfa915200
(1) Message-Authenticator = 0x4938ad10c3b7d3495950fa889670e64e
(1) session-state: No cached attributes
(1) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default
(1) authorize {
(1) eap: Peer sent EAP Response (code 2) ID 228 length 178
(1) eap: Continuing tunnel setup
(1) [eap] = ok
(1) } # authorize = ok
(1) Found Auth-Type = eap
(1) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(1) authenticate {
(1) eap: Expiring EAP session with state 0xbdbe794dbd5a6c9b
(1) eap: Finished EAP session with state 0xbdbe794dbd5a6c9b
(1) eap: Previous EAP request found for state 0xbdbe794dbd5a6c9b, released from the list
(1) eap: Peer sent packet with method EAP TTLS (21)
(1) eap: Calling submodule eap_ttls to process data
(1) eap_ttls: Authenticate
(1) eap_ttls: Continuing EAP-TLS
(1) eap_ttls: Got final TLS record fragment (172 bytes)
(1) eap_ttls: WARNING: Total received TLS record fragments (172 bytes), does not equal indicated TLS record length (0 bytes)
(1) eap_ttls: [eaptls verify] = ok
(1) eap_ttls: Done initial handshake
(1) eap_ttls: (other): before SSL initialization
(1) eap_ttls: TLS_accept: before SSL initialization
(1) eap_ttls: TLS_accept: before SSL initialization
(1) eap_ttls: <<< recv TLS 1.2 [length 00a7]
(1) eap_ttls: TLS_accept: SSLv3/TLS read client hello
(1) eap_ttls: >>> send TLS 1.2 [length 003d]
(1) eap_ttls: TLS_accept: SSLv3/TLS write server hello
(1) eap_ttls: >>> send TLS 1.2 [length 097a]
(1) eap_ttls: TLS_accept: SSLv3/TLS write certificate
(1) eap_ttls: >>> send TLS 1.2 [length 014d]
(1) eap_ttls: TLS_accept: SSLv3/TLS write key exchange
(1) eap_ttls: >>> send TLS 1.2 [length 0004]
(1) eap_ttls: TLS_accept: SSLv3/TLS write server done
(1) eap_ttls: TLS_accept: Need to read more data: SSLv3/TLS write server done
(1) eap_ttls: In SSL Handshake Phase
(1) eap_ttls: In SSL Accept mode
(1) eap_ttls: [eaptls process] = handled
(1) eap: Sending EAP Request (code 1) ID 229 length 1014
(1) eap: EAP session adding &reply:State = 0xbdbe794dbc5b6c9b
(1) [eap] = handled
(1) } # authenticate = handled
(1) Using Post-Auth-Type Challenge
(1) Post-Auth-Type sub-section not found. Ignoring.
(1) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(1) Sent Access-Challenge Id 1 from 127.0.0.1:1812 to 127.0.0.1:38193 length 0
(1) EAP-Message = 0x01e503f615c000000b1c160303003d02000039030354a1c912b7f4ffec22fbff6a7f9f77e8ef4c67e6b6bc2e97d069f79fe3e1c7f300c030000011ff01000100000b00040300010200170000160303097a0b0009760009730005b0308205ac30820494a003020102020a1b9b4d9f000000000004300d06
(1) Message-Authenticator = 0x00000000000000000000000000000000
(1) State = 0xbdbe794dbc5b6c9b1371e49bfa915200
(1) Finished request
Waking up in 4.9 seconds.
(2) Received Access-Request Id 2 from 127.0.0.1:38193 to 127.0.0.1:1812 length 163
(2) User-Name = "anonymous at admin.bis-school.com"
(2) NAS-IP-Address = 127.0.0.1
(2) Calling-Station-Id = "02-00-00-00-00-01"
(2) Framed-MTU = 1400
(2) NAS-Port-Type = Wireless-802.11
(2) Service-Type = Framed-User
(2) Connect-Info = "CONNECT 11Mbps 802.11b"
(2) EAP-Message = 0x02e500061500
(2) State = 0xbdbe794dbc5b6c9b1371e49bfa915200
(2) Message-Authenticator = 0x80b05a75c57103e50a0d4ca23f52ecdc
(2) session-state: No cached attributes
(2) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default
(2) authorize {
(2) eap: Peer sent EAP Response (code 2) ID 229 length 6
(2) eap: Continuing tunnel setup
(2) [eap] = ok
(2) } # authorize = ok
(2) Found Auth-Type = eap
(2) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(2) authenticate {
(2) eap: Expiring EAP session with state 0xbdbe794dbc5b6c9b
(2) eap: Finished EAP session with state 0xbdbe794dbc5b6c9b
(2) eap: Previous EAP request found for state 0xbdbe794dbc5b6c9b, released from the list
(2) eap: Peer sent packet with method EAP TTLS (21)
(2) eap: Calling submodule eap_ttls to process data
(2) eap_ttls: Authenticate
(2) eap_ttls: Continuing EAP-TLS
(2) eap_ttls: Peer ACKed our handshake fragment
(2) eap_ttls: [eaptls verify] = request
(2) eap_ttls: [eaptls process] = handled
(2) eap: Sending EAP Request (code 1) ID 230 length 1014
(2) eap: EAP session adding &reply:State = 0xbdbe794dbf586c9b
(2) [eap] = handled
(2) } # authenticate = handled
(2) Using Post-Auth-Type Challenge
(2) Post-Auth-Type sub-section not found. Ignoring.
(2) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(2) Sent Access-Challenge Id 2 from 127.0.0.1:1812 to 127.0.0.1:38193 length 0
(2) EAP-Message = 0x01e603f615c000000b1c2b060105050730028681ae6c6461703a2f2f2f434e3d4249532d41442d43412d524f4f542d312c434e3d4149412c434e3d5075626c69632532304b657925323053657276696365732c434e3d53657276696365732c434e3d436f6e66696775726174696f6e2c44433d61646d69
(2) Message-Authenticator = 0x00000000000000000000000000000000
(2) State = 0xbdbe794dbf586c9b1371e49bfa915200
(2) Finished request
Waking up in 4.9 seconds.
(3) Received Access-Request Id 3 from 127.0.0.1:38193 to 127.0.0.1:1812 length 163
(3) User-Name = "anonymous at admin.bis-school.com"
(3) NAS-IP-Address = 127.0.0.1
(3) Calling-Station-Id = "02-00-00-00-00-01"
(3) Framed-MTU = 1400
(3) NAS-Port-Type = Wireless-802.11
(3) Service-Type = Framed-User
(3) Connect-Info = "CONNECT 11Mbps 802.11b"
(3) EAP-Message = 0x02e600061500
(3) State = 0xbdbe794dbf586c9b1371e49bfa915200
(3) Message-Authenticator = 0xbc676bdb840006d114c4d5534e697668
(3) session-state: No cached attributes
(3) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default
(3) authorize {
(3) eap: Peer sent EAP Response (code 2) ID 230 length 6
(3) eap: Continuing tunnel setup
(3) [eap] = ok
(3) } # authorize = ok
(3) Found Auth-Type = eap
(3) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(3) authenticate {
(3) eap: Expiring EAP session with state 0xbdbe794dbf586c9b
(3) eap: Finished EAP session with state 0xbdbe794dbf586c9b
(3) eap: Previous EAP request found for state 0xbdbe794dbf586c9b, released from the list
(3) eap: Peer sent packet with method EAP TTLS (21)
(3) eap: Calling submodule eap_ttls to process data
(3) eap_ttls: Authenticate
(3) eap_ttls: Continuing EAP-TLS
(3) eap_ttls: Peer ACKed our handshake fragment
(3) eap_ttls: [eaptls verify] = request
(3) eap_ttls: [eaptls process] = handled
(3) eap: Sending EAP Request (code 1) ID 231 length 846
(3) eap: EAP session adding &reply:State = 0xbdbe794dbe596c9b
(3) [eap] = handled
(3) } # authenticate = handled
(3) Using Post-Auth-Type Challenge
(3) Post-Auth-Type sub-section not found. Ignoring.
(3) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(3) Sent Access-Challenge Id 3 from 127.0.0.1:1812 to 127.0.0.1:38193 length 0
(3) EAP-Message = 0x01e7034e158000000b1c1f7cf0bc75d77cef8ab1e0b0d70191863666447688049d6a7b1370086e925c81e494c817e89e76fbb35b20f9dd06a9a3edea94d217cb02c06c49165a619bf474d673c14496ade687ac8eeb28fb22dc57c02faeb327ad534fbd530430d48ceb3067670310f50203010001a36930
(3) Message-Authenticator = 0x00000000000000000000000000000000
(3) State = 0xbdbe794dbe596c9b1371e49bfa915200
(3) Finished request
Waking up in 4.9 seconds.
(4) Received Access-Request Id 4 from 127.0.0.1:38193 to 127.0.0.1:1812 length 289
(4) User-Name = "anonymous at admin.bis-school.com"
(4) NAS-IP-Address = 127.0.0.1
(4) Calling-Station-Id = "02-00-00-00-00-01"
(4) Framed-MTU = 1400
(4) NAS-Port-Type = Wireless-802.11
(4) Service-Type = Framed-User
(4) Connect-Info = "CONNECT 11Mbps 802.11b"
(4) EAP-Message = 0x02e7008415001603030046100000424104297d569882c17684c3dc575059bea02a61f3ccf021334a9ece982c33ed5796948b42fbc1e19db50b55234a58e24364f2cd6d3a87f0b6ae0bcdf5aee053d61cde1403030001011603030028b248fc46d27b63d070e1cffbdac668845d9ef5b05c90fb9f7a8540
(4) State = 0xbdbe794dbe596c9b1371e49bfa915200
(4) Message-Authenticator = 0x81790218229b4d6b27a2b1d421eadae2
(4) session-state: No cached attributes
(4) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default
(4) authorize {
(4) eap: Peer sent EAP Response (code 2) ID 231 length 132
(4) eap: Continuing tunnel setup
(4) [eap] = ok
(4) } # authorize = ok
(4) Found Auth-Type = eap
(4) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(4) authenticate {
(4) eap: Expiring EAP session with state 0xbdbe794dbe596c9b
(4) eap: Finished EAP session with state 0xbdbe794dbe596c9b
(4) eap: Previous EAP request found for state 0xbdbe794dbe596c9b, released from the list
(4) eap: Peer sent packet with method EAP TTLS (21)
(4) eap: Calling submodule eap_ttls to process data
(4) eap_ttls: Authenticate
(4) eap_ttls: Continuing EAP-TLS
(4) eap_ttls: [eaptls verify] = ok
(4) eap_ttls: Done initial handshake
(4) eap_ttls: TLS_accept: SSLv3/TLS write server done
(4) eap_ttls: <<< recv TLS 1.2 [length 0046]
(4) eap_ttls: TLS_accept: SSLv3/TLS read client key exchange
(4) eap_ttls: TLS_accept: SSLv3/TLS read change cipher spec
(4) eap_ttls: <<< recv TLS 1.2 [length 0010]
(4) eap_ttls: TLS_accept: SSLv3/TLS read finished
(4) eap_ttls: >>> send TLS 1.2 [length 0001]
(4) eap_ttls: TLS_accept: SSLv3/TLS write change cipher spec
(4) eap_ttls: >>> send TLS 1.2 [length 0010]
(4) eap_ttls: TLS_accept: SSLv3/TLS write finished
(4) eap_ttls: (other): SSL negotiation finished successfully
(4) eap_ttls: SSL Connection Established
(4) eap_ttls: [eaptls process] = handled
(4) eap: Sending EAP Request (code 1) ID 232 length 61
(4) eap: EAP session adding &reply:State = 0xbdbe794db9566c9b
(4) [eap] = handled
(4) } # authenticate = handled
(4) Using Post-Auth-Type Challenge
(4) Post-Auth-Type sub-section not found. Ignoring.
(4) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(4) Sent Access-Challenge Id 4 from 127.0.0.1:1812 to 127.0.0.1:38193 length 0
(4) EAP-Message = 0x01e8003d1580000000331403030001011603030028bfbb1165dab6d3ad067fd077e0b86fe6b330caa641fd7cf9d71fd3dfa7b7eadf624b79c8c4540ecd
(4) Message-Authenticator = 0x00000000000000000000000000000000
(4) State = 0xbdbe794db9566c9b1371e49bfa915200
(4) Finished request
Waking up in 4.9 seconds.
(5) Received Access-Request Id 5 from 127.0.0.1:38193 to 127.0.0.1:1812 length 252
(5) User-Name = "anonymous at admin.bis-school.com"
(5) NAS-IP-Address = 127.0.0.1
(5) Calling-Station-Id = "02-00-00-00-00-01"
(5) Framed-MTU = 1400
(5) NAS-Port-Type = Wireless-802.11
(5) Service-Type = Framed-User
(5) Connect-Info = "CONNECT 11Mbps 802.11b"
(5) EAP-Message = 0x02e8005f15001703030054b248fc46d27b63d18e71ab2e68197c93122eb1f823fa8da0434c2d0edc8b721d9cdf48ddbce73bc70c4972173f0f3be19ae64431f975dae8effdb0968999b9713f74d23b61fef09f910913280e446ce0a43e7465
(5) State = 0xbdbe794db9566c9b1371e49bfa915200
(5) Message-Authenticator = 0x1e1efc4e85e5088d06e33b64894a3579
(5) session-state: No cached attributes
(5) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/default
(5) authorize {
(5) eap: Peer sent EAP Response (code 2) ID 232 length 95
(5) eap: Continuing tunnel setup
(5) [eap] = ok
(5) } # authorize = ok
(5) Found Auth-Type = eap
(5) # Executing group from file /etc/freeradius/3.0/sites-enabled/default
(5) authenticate {
(5) eap: Expiring EAP session with state 0xbdbe794db9566c9b
(5) eap: Finished EAP session with state 0xbdbe794db9566c9b
(5) eap: Previous EAP request found for state 0xbdbe794db9566c9b, released from the list
(5) eap: Peer sent packet with method EAP TTLS (21)
(5) eap: Calling submodule eap_ttls to process data
(5) eap_ttls: Authenticate
(5) eap_ttls: Continuing EAP-TLS
(5) eap_ttls: [eaptls verify] = ok
(5) eap_ttls: Done initial handshake
(5) eap_ttls: [eaptls process] = ok
(5) eap_ttls: Session established. Proceeding to decode tunneled attributes
(5) eap_ttls: Got tunneled request
(5) eap_ttls: User-Name = "eburkon at admin.bis-school.com"
(5) eap_ttls: User-Password = "dumbo888"
(5) eap_ttls: FreeRADIUS-Proxied-To = 127.0.0.1
(5) eap_ttls: Sending tunneled request
(5) Virtual server eap-inner received request
(5) User-Name = "eburkon at admin.bis-school.com"
(5) User-Password = "dumbo888"
(5) FreeRADIUS-Proxied-To = 127.0.0.1
(5) NAS-IP-Address = 127.0.0.1
(5) Calling-Station-Id = "02-00-00-00-00-01"
(5) Framed-MTU = 1400
(5) NAS-Port-Type = Wireless-802.11
(5) Service-Type = Framed-User
(5) Connect-Info = "CONNECT 11Mbps 802.11b"
(5) server eap-inner {
(5) # Executing section authorize from file /etc/freeradius/3.0/sites-enabled/eap-inner
(5) authorize {
(5) update control {
(5) Proxy-To-Realm := "NPS"
(5) } # update control = noop
(5) } # authorize = noop
(5) } # server eap-inner
(5) Virtual server sending reply
(5) eap_ttls: Tunneled authentication will be proxied to NPS
(5) eap: WARNING: Tunneled session will be proxied. Not doing EAP
(5) [eap] = handled
(5) } # authenticate = handled
(5) Starting proxy to home server 10.0.0.21 port 1812
(5) Proxying request to home server 10.0.0.21 port 1812 timeout 5.000000
(5) Sent Access-Request Id 1 from 0.0.0.0:38924 to 10.0.0.21:1812 length 156
(5) User-Name = "eburkon at admin.bis-school.com"
(5) User-Password = "dumbo888"
(5) NAS-IP-Address = 127.0.0.1
(5) Calling-Station-Id = "02-00-00-00-00-01"
(5) Framed-MTU = 1400
(5) NAS-Port-Type = Wireless-802.11
(5) Service-Type = Framed-User
(5) Connect-Info = "CONNECT 11Mbps 802.11b"
(5) Message-Authenticator := 0x00
(5) Proxy-State = 0x35
Waking up in 0.3 seconds.
(5) Marking home server 10.0.0.21 port 1812 alive
(5) Clearing existing &reply: attributes
(5) Received Access-Accept Id 1 from 10.0.0.21:1812 to 10.9.0.204:38924 length 146
(5) Proxy-State = 0x35
(5) Filter-Id = "fallback"
(5) Framed-Protocol = PPP
(5) Reply-Message = "Ohmei"
(5) Service-Type = Framed-User
(5) Class = 0x83c3078e00000137000102000a00001500000000f566755d44f84d2101d5264eda20537f0000000000002e18
(5) MS-Link-Utilization-Threshold = 50
(5) MS-Link-Drop-Time-Limit = 120
(5) MS-MPPE-Encryption-Policy = Encryption-Required
(5) MS-MPPE-Encryption-Types = 14
(5) Found Auth-Type = eap
(5) Found Auth-Type = Accept
(5) ERROR: Warning: Found 2 auth-types on request for user 'anonymous at admin.bis-school.com'
(5) Auth-Type = Accept, accepting the user
(5) # Executing section post-auth from file /etc/freeradius/3.0/sites-enabled/default
(5) Sent Access-Accept Id 5 from 127.0.0.1:1812 to 127.0.0.1:38193 length 0
(5) Filter-Id = "fallback"
(5) Framed-Protocol = PPP
(5) Reply-Message = "Ohmei"
(5) Service-Type = Framed-User
(5) Class = 0x83c3078e00000137000102000a00001500000000f566755d44f84d2101d5264eda20537f0000000000002e18
(5) MS-Link-Utilization-Threshold = 50
(5) MS-Link-Drop-Time-Limit = 120
(5) MS-MPPE-Encryption-Policy = Encryption-Required
(5) MS-MPPE-Encryption-Types = 14
(5) Finished request
Waking up in 4.9 seconds.
: Trusted Network GmbH
: Max-Planck-Str. 1
: D-85716 Unterschleissheim
: Telefon: 089 / 54 80 163 - 0
: Telefax: 089 / 54 80 163 - 222
: Web: http://www.tnib.de<http://www.tnib.de/>
: Geschaeftsfuehrer: Joerg Staedele, Stefan Kinner
: Sitz der Gesellschaft: Unterschleissheim
: Registergericht: AG Muenchen HRB 108 388
Die Informationspflichten zum Datenschutz, insbesondere zur Rechtsgrundlage zur Mandantenkommunikation,
finden Sie unter https://www.trusted-network.de/datenschutz
More information about the Freeradius-Users
mailing list