Six years ago on this day, April 15, 2004, Dark Horse Wireless first opened its doors to customers in Belmont, OH. Growing steadily by word of mouth it has become the largest privately owned ISP in Belmont County. While it continues to grow even to this day, I thought it would be nice to show where it all began with some images of the construction of Dark Horse Tower.
The Cisco 7970G IP Phone is by far one of the nicest VoIP Phones i have ever used. However, getting it to work outside the standard Cisco Call Manager environment with Asterisk can be a challenge. After weeks of testing various configurations and tweaking settings on both the phone and Asterisk, i was able to finally get a working configuration that works for both local network connections and NAT as well.
Zenoss recently released the latest update to its popular monitoring and management platform. Version 2.1.3 is mainly a maintenance release but fixes numerous bugs that affected the UI and underlying modeling. The upgrade on Dark Horse Networks’ Zenoss install worked flawlessly thanks to their simple RPM distribution.
Complete release notes for 2.1.3 can be found here: Release Notes
So I finally took the plunge and decided to implement TACACS+ at Dark Horse Networks as well as for my personal network. TACACS+ stands for “Terminal Access Controller Access-Control System” and can be used to authenticate users to Unix systems and more importantly Cisco equipment. This will remove the need to have user accounts on each individual device and provide central unified authentication.
In addition to authentication of users it also allows for authorizing a given user to different levels of access. For example: Alice may only have access to view the current configuration of a router, while Bob has access to change the configuration.
Finally, TACACS provides accounting. This allows central logging of all commands a user executes for auditing purposes. That way if “someone” happens to destroy your configuration on a device, you know who to hunt down.
Just to note… In case you are wondering what the difference is between TACACS and TACACS+, TACACS+ is a completely new protocol and is not compatible with the older TACACS protocol. TACACS+ was created by Cisco Systems. The specific implementation I will be using is usually referred to as “tac_plus” and is also the name of the daemon.