To use a PIN code to authorize calls (like FAC codes in CUCM). In CME use Call Blocking and Override funtionality. Have a look;
Call blocking to prevent unauthorized use of phones is implemented by matching a pattern of specified digits during a specified time of day and day of week or date. Up to 32 patterns of digits can be specified. Call blocking is supported on IP phones only and not on analog foreign exchange station (FXS) phones.
When a user attempts to place a call to digits that match a pattern that has been specified for call blocking during a time period that has been defined for call blocking, a fast busy signal is played for approximately 10 seconds. The call is then terminated, and the line is placed back in on-hook status.
Call blocking applies to all IP phones in a Cisco CME system, although individual IP phones can be exempted from all call blocking.
Individual phone users can be allowed to override call blocking associated with designated time periods by entering **personal identification numbers (PINs)** that have been assigned to their phones.
For IP phones that support soft keys, such as the Cisco IP Phone 7940G and the Cisco IP Phone 7960G, the call-blocking override feature allows individual phone users to override the call blocking that has been defined for designated time periods. The system administrator must first assign a personal identification number (PIN) to any phone that will be allowed to override call blocking.
Then, to override call blocking, the phone user presses the Login soft key on the phone and enters the PIN that is associated with the phone. Note that logging in to a phone with a PIN only allows the user to override call blocking that is associated with particular time periods. Blocking patterns that are created with the 7-24 keyword in the after-hours block pattern command are in effect 7 days a week, 24 hours a day, and they cannot be overridden by using a PIN.
When PINs are configured for call-blocking override, they are cleared at a specific time of day or after phones have been idle for a specific amount of time. The time of day and amount of time can be set by the system administrator.
From this good CME doc;
There is also this 3rd party product;
Hope this helps!
Call-block override = Failed :-(
The IOS is : c2800nm-advipservicesk9-mz.124-22.YB.bin
This is the conf
sdspfarm units 5
sdspfarm tag 1 MTP_001
em logout 0:0 0:0 0:0
ip source-address 10.74.4.1 port 2000
auto assign 12 to 12
system message Welcome To PAMF
cnf-file location flash:
load 7960-7940 P00308000500.loads
max-conferences 8 gain -6
multicast moh 18.104.22.168 port 16384
web admin system name CORALL password Amazon
after-hours block pattern 1 100
after-hours day Sun 00:00 23:30
after-hours day Mon 12:30 13:30
after-hours day Tue 12:30 13:30
after-hours day Wed 12:30 15:00
after-hours day Thu 12:30 13:30
after-hours day Fri 12:30 13:30
after-hours day Sat 00:00 23:30
after-hours override-code 7890
dial-peer voice 1000 voip
session target ipv4:22.214.171.124
incoming called-number 100
some months ago I found the following solution in Netpro (I guess) for UC500 but it works fine for CME also and if you need to define users.
try to check the link where I got the info
Can UC500/CME be configured to prompt a caller for a PIN before placing a call?
Yes, this is possible using a built-in script on the UC500. This feature is called Forced Access Code (FAC) or Auth Codes and UC500 supports a very simple implementation of it. This is how it works:
1) IP Phone user dials a particular pattern (international destination, for example)
2) If this destination is enabled for FAC, the user will hear a voice prompt asking for an Account number and PIN
3) The user enters the Account/PIN pair. If valid, the call proceeds, if not the call is dropped.
1) Obtain the application package from our FTP location. The package contains two audio files that need to be moved to the UC500 flash:
2) Copy the individual audio files to the UC500, using TFTP for example.
3) Enter the following commands in configuration mode, to load and activate the script (in this example the Account and PIN are three digits long):
param uid-len 3
param pin-len 3
4) Create usernames for authentication. Notice that the username/password will represent the Account and PIN that the caller will have to dial to be successfully authenticated. You can create multiple usernames and then hand those out to select personnel that will be allowed to place premium calls. In this example both Account and PIN are three digits long. The system supports a maximum of 16 digits for codes:
aaa authentication login h323 local
aaa authorization exec h323 local
aaa authorization network h323 local
username 123 password 123
username 321 password 321
5) Create a dial-peer for each pattern that you want cover using this application. Start with index 2500. In this example, only one dial-peer is shown with 9011.T as the pattern, which is the International prefix in the US. Notice that the pattern is preceded by an access code (9) that could vary per implementation:
dial-peer voice 2500 voip
description International Calls
session target ipv4:10.1.1.1
incoming called-number 9011.T
dial-peer voice 2501 pots
description International Calls POTS
corlist outgoing International
I've put the config but the CLI ask me where is the file script.
Can someone give me the TCL file for this FAC??
2/ The Call block Override doesn't work, I'm still blocked
I'm using CUCME7.0
Hi Antra the only files you need to load in flash are the audio file, I attach them.
if you applied CLI commands
param uid-len 3
param pin-len 3
you activate the necessary application, you have only to complete the procedure I recommend you.
If you can upgrade to CME 8.5, you can use FAC as a natively supported feature:
Hope it helps, please rate if it does.