| *** alamarca has quit (Ping timeout: 248 seconds) | 05:25 | |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 05:39 | |
| *** Paul__ (559f5502@gateway/web/freenode/ip.85.159.85.2) has joined #wikid | 10:04 | |
| *** Paul__ has parted #wikid (None) | 10:05 | |
| *** alamarca has quit (Quit: Saliendo) | 12:55 | |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 13:12 | |
| *** alamarca has quit (Ping timeout: 240 seconds) | 13:17 | |
| *** nowen (~nowen@98.66.164.120) has joined #wikid | 14:11 | |
| *** Scott___ (4080b9c4@gateway/web/freenode/ip.64.128.185.196) has joined #wikid | 14:27 | |
| Scott___ | Are the tokens that this uses a physical token, or is it like a software? | 14:28 |
|---|---|---|
| *** Scott___ has quit (Client Quit) | 14:30 | |
| *** aktnz (52b014f2@gateway/web/freenode/ip.82.176.20.242) has joined #wikid | 17:30 | |
| aktnz | good evening from Terneuzen, the Netherlands | 17:30 |
| nowen | good afternoon from Atlanta, Ga, USA | 17:31 |
| aktnz | A couple of days ago I installed the Wikid Strong authentication server and I must admit it works really great. So I ordered a couple of licenses (home use). Can you tell me in what way they are delivered ?? | 17:34 |
| nowen | hehe, well, we actually haven't set up the license/certificate system yet, it is in the works. | 17:34 |
| nowen | so what you have is a production cert | 17:35 |
| aktnz | Ah OK :), does this license expire at some time ?? | 17:36 |
| nowen | legally it is a 1 year subscription. the intermediate CA is good for 3. localhost is 1 | 17:37 |
| aktnz | Are there any other customers in the Netherlands or Benelux - countries as far as you know ?? | 17:39 |
| nowen | yes, definitely. | 17:40 |
| nowen | is the Dutch translation working ok? | 17:44 |
| aktnz | Well I work for the "gemeente Terneuzen" (local governement) and I am sure a lot of "collegues" might be interested in Wikid !! | 17:44 |
| aktnz | I installed in the default language. Is a Dutch translation available ?? | 17:45 |
| aktnz | Atlanta that is in the southern part of the USA, or am I wrong ? Wel, Terneuzen is a small town in the south-western part of the Netherlands, close to the Beigium border. Some "nice" cities in our neighborhood are Antwerp (50 km), Brussels (100 km), Paris (350 km), Amsterdam (200 km). | 17:49 |
| nowen | aktnz: there should be a Dutch option in the token client | 17:52 |
| nowen | yes, Atlanta is in the South. Sounds like you're in the center of a lot of activity :) | 17:52 |
| aktnz | definitely :) By the way the android - client works like a charm !!!! | 17:58 |
| aktnz | Really great stuff !! | 18:02 |
| nowen | oh really? I think the UI could use some work | 18:09 |
| nowen | but it is quite handy | 18:21 |
| nowen | aktnz: I mean there should be a Dutch option in the PC token, not the android | 18:22 |
| aktnz | OK, should it be possible to use wikid with strongswan (ipsec) ? | 18:27 |
| nowen | if you can use a username/password combo to login and the server supports radius, or pam and thus pam-radius, then it should work | 18:30 |
| nowen | I would love to have some documentation on that if it works | 18:30 |
| aktnz | strongswan supports eap, radius or xauth (username/password). Looks good, I guess ........ | 18:36 |
| aktnz | http://wiki.strongswan.org/projects/strongswan/wiki/EapRadius | 18:38 |
| nowen | cool | 18:39 |
| aktnz | Well, I'll start "playing" with it the next couple of days......... | 18:39 |
| nowen | yeah, let me know how it goes | 18:39 |
| nowen | I think when I looked at it, there was no radius support | 18:39 |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 18:40 | |
| aktnz | Maybe you looked at OpenSwan in stead of StrongSwan. The last one is absolutely much better. | 18:40 |
| alamarca | hi | 18:40 |
| nowen | oh that could be | 18:40 |
| nowen | hi alamarca | 18:40 |
| *** alamarca has quit () | 18:45 | |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 18:53 | |
| aktnz | @nowen: I will keep you informed about wikid - ipsec. Configuring ipsec is not the easiest task but I will give it a try :) | 18:55 |
| *** alamarca has quit (Remote host closed the connection) | 18:56 | |
| nowen | hehe, no, not easy, or I would have documented it already:-) | 18:56 |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 18:56 | |
| aktnz | @nowen, I must leave now. See you later :) | 19:07 |
| nowen | later ;) | 19:07 |
| *** aktnz has quit (Quit: Page closed) | 19:08 | |
| *** alamarca has quit (Read error: Connection reset by peer) | 19:47 | |
| *** alamarca_ (~alamarca@201.246.76.78) has joined #wikid | 19:47 | |
| *** alamarca_ has quit (Client Quit) | 19:47 | |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 19:48 | |
| *** alamarca has quit () | 20:13 | |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 20:17 | |
| *** alamarca has quit () | 20:46 | |
| *** alamarca (~alamarca@201.246.76.78) has joined #wikid | 20:48 | |
| *** wpg (83cc9101@gateway/web/freenode/ip.131.204.145.1) has joined #wikid | 20:52 | |
| wpg | yo, anyone here know if Wikid can be configured to do 2-factor auth with Cisco ASA, & AD? | 20:53 |
| wpg | I have read some of the docs on the wikid website, but they look kind of outdated | 20:53 |
| nowen | wpg: yes | 20:56 |
| nowen | should be no problem | 20:56 |
| nowen | just use radius | 20:56 |
| nowen | you will want to use either IAS or NPS to route the auth requests through AD | 20:56 |
| wpg | I saw in the Cisco Concetrator doc - it mentioned opening a web browser to test, and that threw me off.. | 20:57 |
| wpg | most of our clients use the Cisco any-connect vpn client | 20:58 |
| nowen | yeah, it could be referencing the web ssl vpn | 20:58 |
| nowen | but the back is all that matters | 20:58 |
| wpg | I assume I could use FreeRADIUS instead of IAS? | 20:58 |
| nowen | is you want to use AD for authorization, then you have to use ias. if you don't care about checking ad groups, then you can have the cisco talk straight to the WiKID box | 20:59 |
| wpg | what if I had the FreeRADIUS server talking to the AD servers? ie.. either via ldap or as part of the domain? | 21:00 |
| nowen | that should work fine too | 21:00 |
| nowen | we have a doc on freeradius/openldap that should also work | 21:01 |
| nowen | hadn't thought of that - freeradius can check authz to AD via LDAP> | 21:01 |
| nowen | ? | 21:01 |
| wpg | yeah, that's how we do our wireless auth on our campus | 21:02 |
| nowen | makes perfect sense, just hadn't thought of it | 21:02 |
| wpg | for testing, should I be able to do this using the community edition? | 21:02 |
| nowen | the community edition does not support radius | 21:03 |
| wpg | arghh | 21:03 |
| nowen | you can test with enterprise, we're pretty lax about the 30 day limit. Also, if you program and know freeradius, then maybe you can write a module | 21:04 |
| wpg | ok, thanks for the help | 21:05 |
| nowen | np | 21:06 |
| nowen | wpg: http://www.wikidsystems.com/community-version/support/wikid-support-center/faq/whats-the-difference-between-the-community-release-and-enterprise-release/?searchterm=what%20is%20the%20difference | 21:14 |
| wpg | thanks! | 21:26 |
| wpg | do you guys have any .edu clients? | 21:26 |
| nowen | yes, and we're working on some more | 21:26 |
| * nowen >_> | 21:27 | |
| wpg | can you tell me who some of them are? | 21:27 |
| nowen | in general our users don't like anyone knowing what systems they run. I can forward some via email, if they agree | 21:28 |
| nowen | mostly, we get .edus that need PCI compliance | 21:28 |
| wpg | yep - that's us | 21:29 |
| alamarca | ... | 21:29 |
| nowen | there's a good sampling of .edus in here now :) | 21:30 |
| wpg | anyone? | 21:30 |
| nowen | shy people. | 21:31 |
| nowen | hehe | 21:31 |
| alamarca | bye | 21:31 |
| wpg | are you in ATL Nick? | 21:33 |
| nowen | yes | 21:33 |
| wpg | sweet | 21:33 |
| nowen | are you going to SELF by any chance? | 21:33 |
| wpg | sorry - what do you mean? | 21:34 |
| nowen | Southeast Linux Fest | 21:34 |
| nowen | it's in Spartanburg | 21:35 |
| wpg | when is it? | 21:35 |
| nowen | http://www.southeastlinuxfest.org/ June 10-12, 2011 | 21:35 |
| wpg | Probably not, why do you ask? | 21:36 |
| nowen | saw you were in Auburn. I'll be there | 21:36 |
| wpg | yeah, that would be cool though.. | 21:36 |
| nowen | it's a pretty good linux fest | 21:37 |
| wpg | I would like to meet you | 21:37 |
| nowen | not that i have been to many | 21:37 |
| wpg | are you on AIM? | 21:37 |
| nowen | no | 21:37 |
| wpg | email? | 21:37 |
| wpg | :) | 21:37 |
| nowen | nowen at wikidsystems.com | 21:37 |
| wpg | thanks.. | 21:38 |
| nowen | np | 21:38 |
| wpg | where in ATL is you company? | 21:38 |
| nowen | midtown. the Earthlink building on 17th | 21:38 |
| wpg | here is mine - gouldwp-at-auburn.edu | 21:39 |
| wpg | I will try the enterprise trial | 21:39 |
| wpg | I see it has a RADIUS server built in | 21:40 |
| nowen | yes | 21:40 |
| nowen | don't worry about spam. | 21:40 |
| wpg | coming from FreeRADIUS how does is compare (sorry for the 20 questions) | 21:40 |
| nowen | it's not really a radius server. it is just a listener. | 21:41 |
| wpg | ahh | 21:41 |
| wpg | gotcha | 21:41 |
| nowen | I would not replace freeradius with it | 21:41 |
| nowen | we can return attributes etc | 21:41 |
| wpg | ok well, if I have more questions once I get my hands dirty, I might hit you up if you don't mind. thanks againfor your help. It was nice chatting w/ you. | 21:42 |
| nowen | same here! enjoy | 21:43 |
| wpg | war eagle! ;) | 21:43 |
| nowen | hehe, I went to UVa undergrad and UGa grad school | 21:43 |
| wpg | :) | 21:44 |
| nowen | and I live in the land of Ga Tech | 21:45 |
| wpg | we were just up there a few weeks ago on Tech's campus for a IPv6 meeting | 21:46 |
| wpg | cya | 21:46 |
| nowen | hmm, what does that say about IPv6 that people have to have meetings about it? :) | 21:46 |
| nowen | later | 21:47 |
| wpg | yeah - no doubt | 21:47 |
| wpg | and still have no clue about it | 21:47 |
| wpg | heh | 21:47 |
| wpg | hehe | 21:47 |
| nowen | lol | 21:47 |
| wpg | gotta go - will be talking w/ you | 21:48 |
| *** wpg has quit (Quit: Page closed) | 21:48 | |
| *** nowen has parted #wikid (None) | 22:23 | |
| *** sakhi has quit (Ping timeout: 258 seconds) | 22:36 | |
| *** alamarca has quit (Ping timeout: 264 seconds) | 23:10 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!