| *** nowen (~nowen@adsl-74-176-212-133.asm.bellsouth.net) has joined #wikid | 13:18 | |
| *** CoolAcid has quit (Quit: Leaving) | 14:14 | |
| *** nowen has quit (Quit: Leaving.) | 15:44 | |
| *** nowen (~nowen@adsl-74-176-212-133.asm.bellsouth.net) has joined #wikid | 16:58 | |
| *** helpme (4b955111@gateway/web/freenode/ip.75.149.81.17) has joined #wikid | 18:57 | |
| helpme | hello | 18:57 |
|---|---|---|
| nowen | hi | 18:57 |
| helpme | Im having trouble accessing the webpage for WiKID | 18:58 |
| nowen | hmm | 18:58 |
| nowen | you mean the web interface for the server or our webpage? | 18:58 |
| helpme | Sorry yes, meant the web interface for the server | 18:58 |
| nowen | how did you install? package or iso? | 18:59 |
| helpme | package | 18:59 |
| nowen | what os? | 18:59 |
| helpme | debian | 18:59 |
| nowen | are you seeing any errors? | 18:59 |
| helpme | No errors when starting it | 19:00 |
| nowen | are there any errors in /opt/WiKID/tomcat/logs/catalina.out? | 19:00 |
| helpme | when trying to access the web interface | 19:00 |
| helpme | let me check | 19:00 |
| nowen | is anything listening on 443? | 19:00 |
| helpme | No errors in log file | 19:01 |
| helpme | let me check 443 | 19:01 |
| helpme | nope. nothing listening on 43 | 19:03 |
| helpme | 443 | 19:03 |
| helpme | Are you still there? | 19:06 |
| nowen | yes | 19:07 |
| nowen | what about 80? | 19:07 |
| nowen | what version of java are you running? | 19:08 |
| helpme | 1.6.0.8 | 19:08 |
| helpme | Nothing listening on port 80 either | 19:09 |
| nowen | is selinux enabled? | 19:10 |
| nowen | is there nothing at all in catalina.out? | 19:10 |
| helpme | no there is | 19:11 |
| helpme | just no errors | 19:11 |
| helpme | how do i check to see if selinux is enable | 19:11 |
| helpme | i used selinuxenabled & | 19:11 |
| nowen | not sure on debian. you might try setenforce | 19:11 |
| helpme | setenforce didnt work.. | 19:12 |
| helpme | let me check something | 19:12 |
| helpme | i'm installing selinux | 19:13 |
| nowen | oh, no. don't do that | 19:14 |
| nowen | unless it is something you want | 19:14 |
| nowen | and know how to use | 19:14 |
| helpme | oh ok | 19:14 |
| helpme | nevermind then | 19:14 |
| nowen | can you post your catalina.out to pastebin.org? | 19:15 |
| *** helpme_ (4b955111@gateway/web/freenode/ip.75.149.81.17) has joined #wikid | 19:15 | |
| helpme_ | Sorry about that | 19:16 |
| helpme_ | Would daloradius cause conflicts? | 19:16 |
| nowen | not yet and probably not, depends on what ports it is using | 19:16 |
| nowen | can you post your catalina.out to pastebin.org? | 19:16 |
| helpme_ | yes | 19:17 |
| helpme_ | one min | 19:17 |
| *** helpme has quit (Ping timeout: 245 seconds) | 19:18 | |
| helpme_ | locate is not finding it.. what was the path again? | 19:20 |
| nowen | /opt/WiKID/tomcat/logs/catalina.out | 19:20 |
| helpme_ | nm found it but thanks =) | 19:20 |
| helpme_ | a: | 19:21 |
| helpme_ | Actually i did get some errors | 19:23 |
| helpme_ | didnt notice them before | 19:23 |
| helpme_ | http://pastebin.com/6tHV9iUF | 19:24 |
| nowen | run 'netstat -anp | grep 80' | 19:24 |
| helpme_ | ok | 19:25 |
| helpme_ | want me to pastebin tat? | 19:25 |
| helpme_ | that | 19:25 |
| helpme_ | tcp | 19:27 |
| helpme_ | 6 | 19:27 |
| helpme_ | is what is listening | 19:27 |
| helpme_ | on port 80 | 19:27 |
| nowen | whatever it is you need to kill it | 19:27 |
| helpme_ | trying to kill tcp6.. | 19:30 |
| nowen | yeah, that's not the process. | 19:31 |
| nowen | that's just saying that it is running on IPv6 | 19:31 |
| nowen | are you wed to debain? our iso is much easier | 19:31 |
| helpme_ | Not exactly. I just have everything set up and working right now. Does freeradius already come installed? | 19:34 |
| nowen | you have everything set up on one box? | 19:34 |
| helpme_ | Yes | 19:35 |
| helpme_ | I was trying daloradius and decided to give WiKID a shot | 19:35 |
| nowen | you know that wikid is not a radius server, right? it is a two-factor auth server | 19:35 |
| helpme_ | Yes | 19:36 |
| nowen | we typically recommend that you not run WiKID on a server with a bunch of other stuff on it | 19:36 |
| helpme_ | I guess I can try to the .iso and see how it works since that is what I wanted to do iniitally | 19:36 |
| helpme_ | But i understand that completely | 19:36 |
| nowen | the iso is based on centos | 19:36 |
| helpme_ | Thanks for your help =) | 19:36 |
| nowen | but it has everything ready to go | 19:37 |
| helpme_ | has great video tutorials | 19:37 |
| helpme_ | We just want the AAA | 19:37 |
| nowen | we only do one of the As | 19:38 |
| helpme_ | I know | 19:38 |
| helpme_ | Radius can take care of the rest righ | 19:38 |
| nowen | what are you securing? | 19:38 |
| *** nowen has parted #wikid (None) | 19:38 | |
| *** helpme_ has quit (Quit: Page closed) | 19:39 | |
| *** nowen (~nowen@adsl-74-176-212-133.asm.bellsouth.net) has joined #wikid | 19:39 | |
| nowen | sorry - ctrl-w in the wrong window | 19:39 |
| *** Andrew__ (c010ccd7@gateway/web/freenode/ip.192.16.204.215) has joined #wikid | 21:34 | |
| nowen | hi | 21:35 |
| Andrew__ | Hi there | 21:37 |
| Andrew__ | I'm having a bit of difficulty setting up the radius server to talk to the wikid server | 21:37 |
| Andrew__ | I've double checked the setting a few times now and keep getting the access-reject response from the radius server when trying to use wikid tokens | 21:38 |
| Andrew__ | the radius server verifies the username against ldap and responds but since I started testing the wikid tokens it always responds Access-Reject | 21:39 |
| nowen | what is the error message in the WiKIDAdmin logs? | 21:39 |
| Andrew__ | which logs | 21:40 |
| nowen | the logs in the web interface. click the link on the top right side "Logs" | 21:40 |
| nowen | and set the log level to debug and hit 'filter; | 21:41 |
| Andrew__ | this is from the latest attempt: | 21:43 |
| Andrew__ | trace com.mchange.v2.resourcepool.BasicResourcePool@4e2892b [managed: 3, unused: 2, excluded: 0] (e.g. com.mchange.v2.c3p0.impl.NewPooledConnection@5fa5e5e) | 21:43 |
| nowen | nah, that's nothin | 21:43 |
| nowen | g | 21:43 |
| nowen | try this: https://www.wikidsystems.com/support/wikid-support-center/troubleshooting-faq/how-can-i-set-radius-logging-to-debug-how-can-i-see-if-wikid-is-getting-the-radius-requests | 21:44 |
| nowen | also: is the user enabled? | 21:44 |
| Andrew__ | yes just added it and restarted | 21:46 |
| nowen | restarted WiKID? | 21:46 |
| nowen | one thing that offer happens is that WiKID doesn't recognize the IP address of the network client. you get the Unknown NAS error | 21:52 |
| Andrew__ | it's showing starting IPC thread | 21:55 |
| nowen | yeah, that's nothing. Can you try to login again? | 22:08 |
| nowen | you want something that says Access-Reject | 22:17 |
| nowen | perhaps the radius packets aren't getting to WiKID? | 22:19 |
| nowen | if the last thing you see in the logs is the OTP going out, then the server is not getting the request | 22:26 |
| nowen | Andrew__: anything? | 23:06 |
| nowen | ok - time for me to go. I'll be back tomorrow. | 23:18 |
| *** nowen has quit (Quit: Leaving.) | 23:18 | |
Generated by irclog2html.py 2.11.0 by Marius Gedminas - find it at mg.pov.lt!