Re: Restric Phone Number

emily · ‎08-01-2002

Dear All:

I would to used ACS 3.0 NT to restric remote user Phone Number, for example "Only" permit 555-1234 phone number with username "Jack" and other deny , as bellow is my config step

Share Profile Components-->Network Access Restricions-->Add-->Selct define CLI/DNIS access restrict (Permit calling)

AAA Client : All AAA Clients

Port: *

CLI:*

DNIS:5551234

and apply to "Jack" account . that's config result to user "jack" couldn't be login(Jack Phone number is 5551234) , If i chang DNIS:5551234 to DNS:* that's login "OK" , But that can't restric Phone Number , Could you tell me where is wrong with me

Pls in advice

aaa authentication login default group tacacs+ local

aaa authentication ppp default if-needed group tacacs+

aaa authorization exec default group tacacs+ local

aaa authorization network default group tacacs+

aaa accounting exec default start-stop group tacacs+

aaa accounting network default start-stop group tacacs+

!

interface Group-Async0

ip unnumbered FastEthernet0/0

encapsulation ppp

async mode interactive

peer default ip address pool async

ppp authentication chap

group-range 33 40

!

tacacs-server host 10.10.10.10

tacacs-server key 123456789

!

line 33 40

exec-timeout 0 0

modem InOut

modem autoconfigure discovery

transport input all

autoselect during-login

autoselect ppp

flowcontrol hardware

tepatel · ‎08-01-2002

In your config DNIS allowed is 5551234.

With that ACS should have exact same DNIS (not Jack's Caller ID or CLI) to compare with to allow the call to go thru..If number of digits are less etc..call will be blocked. Just verify the exact DNIS..

You can try using 555* as DNIS..

What kind of line is coming on the router.. PRI/BRI/T1???