*** Rsh (52a898bc@gateway/web/freenode/ip.82.168.152.188) has joined #wikid | 13:06 | |
*** Rsh has parted #wikid (None) | 13:07 | |
*** Rensharma (52a898bc@gateway/web/freenode/ip.82.168.152.188) has joined #wikid | 13:08 | |
*** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 13:11 | |
*** nowen has quit (Quit: Leaving.) | 13:43 | |
*** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 13:45 | |
*** nowen has quit (Ping timeout: 268 seconds) | 19:05 | |
*** nowen (~nowen@99-174-93-102.lightspeed.tukrga.sbcglobal.net) has joined #wikid | 19:07 | |
*** Ssamantha (~Ssamantha@50-88-95-126.res.bhn.net) has joined #wikid | 20:08 | |
Ssamantha | Hello anyone around? | 20:09 |
---|---|---|
nowen | sure | 20:09 |
Ssamantha | Does WIKID server function as RADIUS server or just talks to RADIUS? | 20:09 |
nowen | really, the latter. | 20:09 |
nowen | what are you trying to do? | 20:10 |
Ssamantha | Configure 2 factor for vpn wifi and xenapp fundamentals | 20:10 |
nowen | well, you can have all of those point to WiKID, but it is best to run it through a radius server | 20:11 |
nowen | do you have one? are you partial to cisco, windows or freeradius? | 20:11 |
Ssamantha | What is benefit of going through RADIUS? How would you be able to avoid RADIUS with Xenapp? | 20:11 |
Ssamantha | Do not have a RADIUS server yet | 20:11 |
nowen | Radius gives you one point to disable your users, which is a big deal. you can also do authorization at your directory and then auth at wikid | 20:12 |
nowen | are you running AD? | 20:12 |
Ssamantha | NO these are very small independent physician offices that need regulatory compliance | 20:13 |
nowen | ahh | 20:13 |
Ssamantha | Typical one db server 5-10 users | 20:13 |
nowen | so, is xenapp running at these offices? | 20:13 |
Ssamantha | Yes at a few | 20:14 |
nowen | you can have them all talk radius directly to wikid | 20:14 |
Ssamantha | Static password port 443 forwarded , simple stuff | 20:14 |
Ssamantha | Ok so WIKID functions sort of like a RADIUS server? | 20:14 |
Ssamantha | Can I point directly to WIKID server instead of RADIUS | 20:15 |
nowen | sort of. it is really an auth server that talks radius | 20:15 |
nowen | yes | 20:15 |
Ssamantha | Super. that is what I was hoping. Are you a user or admin | 20:16 |
nowen | I work for WiKID | 20:16 |
Ssamantha | So is it possible to aggregate all of these independent offices/users to one cloud based WIKID server. | 20:17 |
Ssamantha | Private Cloud | 20:17 |
nowen | I would think so. | 20:17 |
nowen | seems like you might want one big xenapp server, etc | 20:17 |
Ssamantha | What ports would have to be open to access WIKID server in that scenario? | 20:18 |
nowen | the tokens use port 80. the admin is 443 | 20:18 |
Ssamantha | Wish I could but each office is a completely independent business entity. | 20:18 |
nowen | if you use radius between your cloud and the offices, you will need to tunnel it. radius is not encrypted | 20:18 |
Ssamantha | Got it so will need WIKID server at each office. Xenapp uses 443 is it possible to configure WIKID smartphone app and server for alternate port? | 20:20 |
nowen | the WiKIDAdmin interface uses 443. the tokens use port 80. You can change the admin interface port, but not the tokens | 20:21 |
nowen | you can proxy them to a different port if you have that capability, but we can't re-write the token clients | 20:21 |
Ssamantha | Right ok | 20:22 |
Ssamantha | I downloaded the appliance ISO and will set up to test. Thanks for all the info. | 20:22 |
nowen | great | 20:23 |
Ssamantha | In Virtual Box which Linux distro should I choose? | 20:49 |
nowen | redhat 32 | 20:49 |
Ssamantha | Thanks | 20:49 |
nowen | np | 20:49 |
Ssamantha | Run as live CD or install to a vxd | 20:50 |
nowen | install | 20:50 |
Ssamantha | ok | 20:50 |
Ssamantha | Install boot stuck on NET: Registered protocol family 2 | 20:58 |
Ssamantha | Any boot flags I should pass? | 20:58 |
nowen | hmm. did you Enable IO apic? | 20:58 |
Ssamantha | Will check | 20:59 |
nowen | usually that happens automatically | 20:59 |
Ssamantha | Yea i used default Vbox params | 20:59 |
nowen | is this an AMD host? | 20:59 |
Ssamantha | Yes | 20:59 |
nowen | hmm, google thinks it is the IO apic. check it under Settings/System | 21:00 |
Ssamantha | Yep found it rebooting now | 21:01 |
Ssamantha | Yea that was it | 21:01 |
Ssamantha | Username:WiKIDAdmin (mixed-case) | 21:10 |
Ssamantha | Password:2Factor?? | 21:10 |
Ssamantha | Is that console login as well? | 21:10 |
nowen | the console login is root/wikid | 21:16 |
Ssamantha | ok | 21:19 |
nowen | once you are logged in as root, you can follow this doc: http://www.wikidsystems.com/support/wikid-support-center/manual/how-to-install-the-wikid-strong-authentication-server/referencemanual-all-pages | 21:20 |
nowen | i see you got your cert | 22:02 |
Ssamantha | Yes working on it got interrupted | 22:18 |
Ssamantha | Lot of new concepts. I am generally knowledgeable re public private key encryption but need some study. | 22:19 |
Ssamantha | Any good primers? | 22:19 |
nowen | http://www.wikidsystems.com/learn-more/how-it-works | 22:19 |
Ssamantha | As relates to WIKID | 22:19 |
nowen | and http://www.wikidsystems.com/learn-more/white-papers | 22:19 |
Ssamantha | Will read, Thanks | 22:20 |
nowen | essentially, we use the keys to encrypt PINs one way and OTP back. Most tokens use shared secrets | 22:20 |
nowen | time for me to head out. Are you at a goodish spot? | 22:20 |
Ssamantha | Yea I have a lot of reading to do and will probably take back up on Monday, Thanks again and have a good weekend. | 22:21 |
nowen | you too! | 22:21 |
*** nowen has quit (Quit: Leaving.) | 22:21 | |
*** Ssamantha has quit () | 22:34 |