This feature is not providing voice prompts as a security measure. On Wed, Jan 19, 2011 at 7:40 AM, Rama Krishnam Raju Pakalapati < [email protected]> wrote:
> I have upgraded the sipxecs version on server to 4.4.0 and working on the > authorization code feature. The scenario i am working on it is as follows > > 1) Created a user 6000 and allowed *Local/Voice Mail/Toll Free/* dialing > permissions > 2) Configured Linksys GW to connect towards the PSTN n/w with dial > permission as* International/Long Distance/STD* > 3) Configured authorization code procedure *81 and pin code with > *International/Long > Distance/STD*/ > > The use case is user(6000) should dial the authorization code procedure to > reach the PSTN n/w by dialing the *81 + PIN + PSTN number..which didn't > work..I am getting the 403 Permission Required error on the sipXproxy.logs > indicating the dial permission for *International/Long Distance/STD* are > required. > The question here is since user 6000 doesn't have these permissions and auth > code has these permissions, so these permission should inherit towards the > user (6000) during the auth code procedure dialing. > > No. The permissions are for "userless" permissions, and hence should be tested from the PSTN. Testing it from the inside is perhaps not a good test case, as it is designed to be used from outside the network. And also i would like suggest the procedure for the auth code dialing as > follows > > 1) User dials *81, then IVR should prompt saying "please enter the PIN > code" > 2) Once the users dial the correct PIN code, user should get a dial tone, > so that user will now to dial out the PSTN number > 3) If the users enter the wrong PIN code, the call should be disconnected > with the error tone > > I hope this procedure is common across the PBX systems and users would be > able adjust to this procedure. > I think it is common to want to maintain a level of security if using a DISA feature set, and one way to protect it is without voice prompts. (i.e., the user has to know the sequence). > > Thanks & Best Regards > /ramudu > > _______________________________________________ > sipx-users mailing list > [email protected] > List Archive: http://list.sipfoundry.org/archive/sipx-users/ > -- ====================== Tony Graziano, Manager Telephone: 434.984.8430 sip: [email protected] Fax: 434.326.5325 Email: [email protected] LAN/Telephony/Security and Control Systems Helpdesk: Telephone: 434.984.8426 sip: [email protected] Helpdesk Contract Customers: http://support.myitdepartment.net <http://support.myitdepartment.net>Blog: http://blog.myitdepartment.net Linked-In Profile: http://www.linkedin.com/pub/tony-graziano/14/4a6/7a4
_______________________________________________ sipx-users mailing list [email protected] List Archive: http://list.sipfoundry.org/archive/sipx-users/
