Is there a way to stop users from being able to transfer a call or forward their phone to an outside(ie PSTN) extension? There are several toll fraud risks in allowing users to do this.
Thanks for any help.
you can define CSS specifically for the forward procedure, so that you can control where the user is allowed to fwd his line. This is idependant of the CSS of the line.
Can't verify this at this moment since I'm not near a test CM but if I recall right, just set the Forward All's calling search space to a restricted CSS and leave the destination blank. (You can find this on the Line configuration. This should do what you want to do...
We use this on our VG-200. Due to a special configuration which probably does not apply to your environment, you can leave out the 4th line.
access-list 105 permit icmp any any
access-list 105 permit tcp any any eq telnet
access-list 105 permit udp any any eq tftp
access-list 105 deny ip any host 10.102.1.206
access-list 105 permit ip any any
ip access-group 105 out
Pardon my ignorance but I don't see how that access-list would have any impact whatsoever.
How does setting up an acces-list that basically allows all ip, except to one host, have anything to do with filtering transfers of voice calls through a gateway?
as of the 3.2.2C release you can still not restrict call transfer physicaly on the cisco call manager. Maybe in SeaView ...........
If you wish to prevent toll fraud, you can implement a PIN (personal identification number) system that'll authenticate a user first before allowing a long distance call to go through. Since the PIN is unique for each user, any calls made using the PIN will be directly traceable to the user irregardless of whether the call was made using forwarded/transfer sessions or not.
Ive been looking into implementing a PIN system to authenticate users before long distance calls can be placed. Might you be able to point me to any resources or make any recommendations as to the most efficient way to go about implementing a PIN system?