Cisco 7970G + Asterisk

The Cisco 7970G IP Phone is by far one of the nicest VoIP Phones i have ever used. However, getting it to work outside the standard Cisco Call Manager environment with Asterisk can be a challenge. After weeks of testing various configurations and tweaking settings on both the phone and Asterisk, i was able to finally get a working configuration that works for both local network connections and NAT as well.

(more…)

TACACS+

So I finally took the plunge and decided to implement TACACS+ at Dark Horse Networks as well as for my personal network. TACACS+ stands for “Terminal Access Controller Access-Control System” and can be used to authenticate users to Unix systems and more importantly Cisco equipment. This will remove the need to have user accounts on each individual device and provide central unified authentication.

In addition to authentication of users it also allows for authorizing a given user to different levels of access. For example: Alice may only have access to view the current configuration of a router, while Bob has access to change the configuration.

Finally, TACACS provides accounting. This allows central logging of all commands a user executes for auditing purposes. That way if “someone” happens to destroy your configuration on a device, you know who to hunt down.

Just to note… In case you are wondering what the difference is between TACACS and TACACS+, TACACS+ is a completely new protocol and is not compatible with the older TACACS protocol. TACACS+ was created by Cisco Systems. The specific implementation I will be using is usually referred to as “tac_plus” and is also the name of the daemon.

(more…)