11-29-2022 07:38 PM
Hi,
I am trying to restrict internal extensions to call outside with from 2 truck lines i have done below configuration, but the issue i face is whenever i apply specific Corlist it restricts complete access to trunk. i wanted to do in below way level wise access as.
dial-peer cor list Level4
member Local
member NWD
member Int
member UAN
member Toll
member Local-BR
member internal
member Mobile-GSM
!
dial-peer cor list lvl3
member Mobile
member Local
member NWD
member UAN
member Toll
member internal
!
dial-peer cor list lvl2
member Local
member NWD
member UAN
member Toll
member internal
!
dial-peer cor list lvl1
member internal
dial-peer cor list Master1
member Mobile
member Local
member NWD
member Int
member UAN
member Toll
member internal
dial-peer cor list All
member All
now applying that on dial-peer
dial-peer voice 2000 voip
corlist outgoing Master1
translation-profile outgoing remove_prefix
destination-pattern 7.T
session protocol sipv2
session target ipv4:43.242.100.1
no voice-class sip early-offer forced
dtmf-relay sip-notify rtp-nte
codec g711ulaw
no vad
dial-peer voice 4000 voip
corlist outgoing All
translation-profile outgoing remove_prefix
destination-pattern .T
session protocol sipv2
session target ipv4:10.200.173.221
no voice-class sip early-offer forced
dtmf-relay sip-notify rtp-nte
codec g711ulaw
clid network-number 2138704444
no vad
now applying on extensions
ephone-dn 1 dual-line
number 201
label 201
description CEO
name CEO
corlist incoming Master
corlist outgoing lvl4
ephone-dn 16 dual-line
number 216
label 216
description Board Room
name Meeting Room
corlist outgoing lvl1
corlist incoming Master
Please let me know if i am doing it in correct way, or missing something.
11-29-2022 10:50 PM - edited 11-30-2022 08:09 AM
No directory number is a member of the cor list All and as you have that as a criteria for dial peer 4000 no one is allowed to use it. And as far as I can tell you’re using an inbound cor list on the directory numbers that doesn’t exist, you have it set to Master, whereas the cor list is named Master1.
For details on how to configure COR please see this document. Configuring Class of Restrictions (COR)
11-30-2022 06:43 AM
To add to what @Roger Kallberg said, I believe what you are attempting with dial-peer 4000 is to have no restrictions on it for outgoing calls. The way to do that is to not have a COR list on it in the outgoing direction. Unlike CUCM where the no CSS assigned means you have access to no partitions, in COR having no CORLIST assigned means there are no restrictions.
Maren
11-30-2022 10:33 PM
name mentioned in cor list as
Local, Mobile, Mobile-GSM, NWD, UAN,
are these keywords or do we need to define the pattern, if any pattern (would be thankful if you let me know).
The target we want to achieve is , block outgoing calls for specific DNs and allow for specific DNs, which would be applied on the outgoing SIP-Trunk 2000 and 4000.
Thanks again for your time.
12-01-2022 04:01 AM - edited 12-01-2022 04:04 AM
A simplified explanation is that cor custom is equal to a partition in CM and a cor list is equal to a CSS in CM. A cor custom is just a name that you define for later use in a cor list. Cor lists can be used in the inbound and outbound direction and they contain the name(s) that you define with cor custom. The inbound direction sets what the caller has access to and the outbound direction sets what the caller have to have access to for being able to make the call. There is no concept of explicitly granting all cor custom to a cor list by using a specific key word, like you seem to have it in your example with the All key word. That said what you can do to accomplish this is to have no cor list set in either the inbound or outbound direction as that will explicitly allow all calls. How COR works is quite clearly described in the document that I shared with you. Did you read that?
To make your configuration much simpler I would suggest that you do something along with this.
dial-peer cor custom
name 2000
name 4000
dial-peer cor list 2000
member 2000
!
dial-peer cor list 4000
member 4000
!
dial-peer cor list NotRestricted
member 2000
member 4000
!
dial-peer cor list Restricted
member 4000
dial-peer voice 2000 voip
corlist outgoing 2000
translation-profile outgoing remove_prefix
destination-pattern 7.T
session protocol sipv2
session target ipv4:43.242.100.1
no voice-class sip early-offer forced
dtmf-relay sip-notify rtp-nte
codec g711ulaw
no vad
!
dial-peer voice 4000 voip
corlist outgoing 4000
translation-profile outgoing remove_prefix
destination-pattern .T
session protocol sipv2
session target ipv4:10.200.173.221
no voice-class sip early-offer forced
dtmf-relay sip-notify rtp-nte
codec g711ulaw
clid network-number 2138704444
no vad
ephone-dn 1 dual-line
number 201
label 201
description CEO
name CEO
corlist incoming NotRestricted
!
ephone-dn 16 dual-line
number 216
label 216
description Board Room
name Meeting Room
corlist incoming Restricted
This will restrict access to dial peer 2000 to the cor list NotRestricted that has both cor custom name 2000 and 4000 as members. For dial peer 4000 both the cor list Restricted and NotRestricted grants access as the cor custom name 4000 is a member of both of these.
12-03-2022 08:45 AM
@akhundbilal Any update on this? Did you get it to work as per how you had envisioned it?
12-03-2022 10:58 PM
@Roger KallbergThanks , I tired your recommendation , but unfortunately that did not work.
Let me share how i configured it.
it was very nice you followed up.
12-04-2022 12:23 AM
Please share your configuration. If you followed what I shared it should have worked per your outline.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide