Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
7849
Views
25
Helpful
29
Replies

Extension is not a valid entry

Go to solution
William Hoover
Level 1
Level 1

‎09-13-2011 09:48 AM - edited ‎03-19-2019 03:35 AM

We have some extensions that you cannot connect to from outside calls. When a outside call comes in and the caller tries to connect to certain extensions they get a message that the extension is not a valid entry. I do know that the extensions that get this error do not have voice mail enabled. Is a voice mail box required for an outside call to be routed to an internal DN? How can I allow calls to be routed to these DNs without a voice mail box?

Thanks!

Bill

2 people had this problem
Labels:
29 Replies 29

Go to solution
Bradford Magnani
Cisco Employee
Cisco Employee
In response to William Hoover

‎09-15-2011 06:39 AM

Yep, that's correct, to prevent toll fraud.

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Bradford Magnani

‎09-15-2011 06:41 AM

How do I do that? 

Thanks Brad

Bill

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-14-2011 10:45 AM

Hi Bill,

Just a guess here .....but I would look at the greeting (setting, allow calls etc.) on the "Opening Greeting" Call Handler instead of the CSDR AA

Cheers!

Rob

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Rob Huffman

‎09-14-2011 11:07 AM

Ya just to CMA I set it for all of the Handlers previously, I double checked the "Opening Greeting" handler and it is still set to "Allow tranfers to number not associated with.." already. It worked fine yesterday when I tested it and no one else admits to making any changes to the system. It looks the same as when I left it.

The restrictions look correct right?

What should I have under the DN settings for Voice Mail profile? I tried none/sys default, NoVoiceMail and our custom one ATT did when they did the install.

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-14-2011 11:31 AM

Hi Bill,

It took me a minute to figure out CMA

The restriction tables look just fine to me and I actually did some testing on this

today just to be sure. Is it possible that a different greeting like the Alternate or Closed

is being used while you are testing? The allow calls ...would need to be set on these

greetings as well.

As for the VM profile, you kind of lost me there. Are you referring to the profile that would be

set on the phones that don't have VM? I would think that "none" should be just fine.

Cheers!

Rob

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Rob Huffman

‎09-14-2011 11:55 AM

Ya all handlers have it set to allow all on all greetings.

OK so if I remove the checkbox on the "*" field of the Default System Transfer restriction table the calls will go through, of course I cannot leave it that way as it might open a security hole.  I tried changing the order and setting one of the patterns that matched the DN I was dialing to be number 11 (right above the *) but it did not work.

Ya VM setting question was for those DNs that dont have VM.

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-14-2011 12:14 PM

Hi Bill,

The Pattern matching works top down I believe from 1 to 12 in your case.

Just curious what DN you are trying to call in your testing?

Cheers!

Rob

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Rob Huffman

‎09-14-2011 12:24 PM

DN I am trying is 6527 and 7758, I should not allow all by removing the checkmark on field 12 (*) correct? Shouldn't having those other patterns defined as not blocked take care of that?

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-14-2011 01:21 PM

Hey Bill,

Well something is messed up with our testing for sure

Our system is currently set to block all transfers (from the main CH) to numbers

without VM. So I tried to call 6777 from the main CH this AM and got the;

"You cannot be transferred to this number, please check the number and try again".

Which is good as this number 6777 has no VM associated. Then I went to the default

system transfer restriction table and added 6??? - Allow as table entry 0.

When I tried my test after this I was able to route to 6777 without issue. This is with the

last entry in the table as * - blocked. So I'm not sure why it doesn't work this way for

your tests???

As for the security risk, if your ports that connect to Unity do not have a Long Distance CSS

your already covered 

Cheers!

Rob

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Rob Huffman

‎09-15-2011 06:30 AM

Ya like I said it worked initially. I am going to remove all of the enries from my restriction table and then just try one explicitly for a particular DN and go from there. How can I check what CSS's I have available to the Unity server?

Thanks again!

Bill

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to William Hoover

‎09-15-2011 06:44 AM

So I went ahead and removed all of the new entries I had created from my Default System Transfer table and then added one that matched exactly to a DN that I have with no VM and I still get the same message

"You cannot be transferred to this number, please check the number and try again".

Any other suggestions?

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-15-2011 06:50 AM

Hi Bill,

That's an excellent idea

If you look in Communications Manager via;

Voicemail > Cisco Voicemail Port > Find and List

and then click on one of the ports you will see what Calling

Search Space has been assigned. The chances are very good that

the CSS will be an internal only one. If that's the case you are good to

go as far as the final pattern * - Allow goes. To be very sure I would

look at each and every VM port to ensure there are no holes that would

expose you to Toll fraud.

The only other thing that I can think of is that your testing from the first day

was somehow different than the subsequent tests. Using a different DN/phone

internal vs external calls or something along those lines.

Cheers!

Rob

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Rob Huffman

‎09-15-2011 07:09 AM

OK so I looked at the ports and they are set to use CSS-Voicemail

It is set to use the following partitions

PT-Blocked-Telescam

PT-PhoneDN

PT-Centrex

PT-VM-Pilot

PT-Local

PT-LD

I tried dialing in and then dialing out but got "call cannot be completed as dialed"

Are there any patterns I should try dialing that are known to work on unsecure systsems?

Thanks again

Bill

0 Helpful

Go to solution
Rob Huffman
Hall of Fame
Hall of Fame

‎09-15-2011 07:29 AM

Hi Bill,

If these are the selected partitions I would be worried about

PT-LD as that sounds like your Long Distance access. After

you change the pattern to *- Allow try dialing local, LD, 1-900

etc. etc.

You may really only need PT-PhoneDN and PT-VM-Pilot as

selected partitions in CSS-Voicemail and perhaps PT-Local.

Cheers!

Rob

PS:don't forget to use your dial acces code 9 or whatever you use when testing

0 Helpful

Go to solution
William Hoover
Level 1
Level 1
In response to Rob Huffman

‎09-15-2011 07:39 AM

I tried a bunch of combinations with the PTs set as they are. Nothing seems to work, dialing 9 which is our outside line access code puts you into the search directory by name menu. Now if I could just figure out how to search the call logs I could check for fraudulent calls, but thats another thread 

0 Helpful
Customers Also Viewed These Support Documents