I apologise if this has been asked & answered before, however, I find the forum search rather unhelpful!

I've successfully set up a "one-ringy-dingy" to enable me to dial in remotely & have my asterisk hang up the call, ring me back, ask for a PIN & provide me with a VIOP dialtone.

I would like to be able to authenticate the call by CLID as well as by PIN. ie. I want asterisk to only call back & ask for the PIN if it recognises the CLID of the caller.

Is this possible?

Below are the relevant entries in extensions_custom.conf

[custom-sip-in]
exten => 1234567,1,NoOp(Incoming call from Sip #1234567)
exten => 1234567,2,Congestion
exten => 1234567,3,Hangup
exten => h,1,SetCIDNum(${CALLERIDNUM:0})
exten => h,2,System(echo channel: SIP/spa mobile/${CALLERIDNUM} > /tmp/${CALLERIDNUM})
exten => h,3,System(echo context: custom-disa-callout >> /tmp/${CALLERIDNUM})
exten => h,4,System(echo extension: ${CALLERIDNUM} >> /tmp/${CALLERIDNUM})
exten => h,5,System(echo priority: 1 >> /tmp/${CALLERIDNUM})
exten => h,6,System(echo callerid: 012345678 >> /tmp/${CALLERIDNUM}) ; Your CallerID for your SIP account goes here
exten => h,7,System(echo sleep 8 > /tmp/${CALLERIDNUM}.2)
exten => h,8,System(echo cp /tmp/${CALLERIDNUM} /var/spool/asterisk/outgoing >> /tmp/${CALLERIDNUM}.2)
exten => h,9,System(chmod 775 /tmp/${CALLERIDNUM}.2)
exten => h,10,System(/tmp/${CALLERIDNUM}.2)
exten => h,11,Hangup()

[custom-disa-callout]
exten => s,1,Playback(enter_pin)
exten => s,2,Authenticate(987654)
exten => s,3,Background(pls-wait-connect-call)
exten => s,4,DISA(no-password|from-internal)

[custom-sip-in]
exten => 1234567,1,NoOp(Incoming call from Sip #1234567)
exten => 1234567,2,Congestion
exten => 1234567,3,Hangup
exten => h,1,SetCIDNum(${CALLERIDNUM:0})
exten => h,2,GotoIf($["x${CALLERIDNUM}x" = "xOK_CID1x"]?100)
exten => h,3,GotoIf($["x${CALLERIDNUM}x" = "xOK_CID2x"]?100)
exten => h,4,GotoIf($["x${CALLERIDNUM}x" = "xOK_CID3x"]?100)
exten => h,5,GotoIf($["x${CALLERIDNUM}x" = "xOK_CID4x"]?100)
:
exten => h,98,GotoIf($["x${CALLERIDNUM}x" = "xOK_CID97x"]?100)
exten => h,99,Goto(999)
exten => h,100,System(echo channel: SIP/spa mobile/${CALLERIDNUM} > /tmp/${CALLERIDNUM})
exten => h,101,System(echo context: custom-disa-callout >> /tmp/${CALLERIDNUM})
exten => h,102,System(echo extension: ${CALLERIDNUM} >> /tmp/${CALLERIDNUM})
exten => h,103,System(echo priority: 1 >> /tmp/${CALLERIDNUM})
exten => h,104,System(echo callerid: 012345678 >> /tmp/${CALLERIDNUM}) ; Your CallerID for your SIP account goes here
exten => h,105,System(echo sleep 8 > /tmp/${CALLERIDNUM}.2)
exten => h,106,System(echo cp /tmp/${CALLERIDNUM} /var/spool/asterisk/outgoing >> /tmp/${CALLERIDNUM}.2)
exten => h,107,System(chmod 775 /tmp/${CALLERIDNUM}.2)
exten => h,108,System(/tmp/${CALLERIDNUM}.2)
exten => h,109,Goto(999)
exten => h,999,Hangup()

[custom-disa-callout]
exten => s,1,Playback(enter_pin)
exten => s,2,Authenticate(987654)
exten => s,3,Background(pls-wait-connect-call)
exten => s,4,DISA(no-password|from-internal)

Fill in the OK_CID1...OK_CID97 with callerID numbers (or sip:uris) you want authorized to use your ring back. This version wil support up to 97 authorized entries. Anymore and it would be best to put it into the Asterisk database (Astdb) system instead (actually, anything more than 10 should be in the Astdb).

If the CID did not match one of your authorized numbers, then Asterisk will fall to priority 99 which tells it to goto priority 999 which hangs up the line.

See ya...

d.c.

Thank you very much for the informative reply.

What does the : (colon) mean between h,5 and h,98? (Edit: Just DITTO?)

When you say "Fill in the OK_CID1...OK_CID97 with callerID numbers ", which bit do I replace with the numbers I want to authorize? I presume the CID1x bit

I've tried replacing the CID1x bit & the whole entry between the " " and cannot get it to work - I never get a call back from an authorised number.

Yes, the ':' was my ditto denotation. They should not be explicitly in the dialplan.
If you have 5 numbers:

1. 1114321
2. 2221234
3. 3330000
4. 4449999
5. 5551212

Then your diaplan should include:
exten => h,1,SetCIDNum(${CALLERIDNUM:0})
exten => h,2,GotoIf($["x${CALLERIDNUM}x" = "x1114321x"]?100)
exten => h,3,GotoIf($["x${CALLERIDNUM}x" = "x2221234x"]?100)
exten => h,4,GotoIf($["x${CALLERIDNUM}x" = "x3330000x"]?100)
exten => h,5,GotoIf($["x${CALLERIDNUM}x" = "x4449999x"]?100)
exten => h,6,GotoIf($["x${CALLERIDNUM}x" = "x5551212x"]?100)
exten => h,7,Goto(999)
exten => h,100,System(echo channel: SIP/spa mobile/${CALLERIDNUM} > /tmp/${CALLERIDNUM})

If you have problems, get access to an Asterisk console (either start asterisk from the command line or use "asterisk -r"). Set verbose level to 5 ("set verbose 5" at the Asterisk CLI) and debug to 2 ("set debug 2" at the Asterisk CLI). Then call again. You should have a verbose debugging log of the dialplan steps Asterisk executed. If you can't interprete them, then post the results here.

See ya...

d.c.

Ah. I would have missed putting an x either side of the number. Thank you, it is now working perfectly.

Another question, I hope you can answer - How do I get the call back to respect the dial rules for the chosen trunk? At the moment, it is dialling exactly the CLID of the remote number, ignoring all the dial rules - I have prefixes configured on the trunk & certain number ranges barred.

exten => s,4,DISA(no-password|from-internal)

The second parameter for the DISA() command specifies the context Asterisk should use. Currently, you have it set for the context from-internal. If you want to limit what numbers the authenticated person can dial, then create a different context with different dialplans. Look at the description of DISA() on the voip-info.org wiki http://www.voip-info.org/wiki/view/Asterisk+cmd+DISA.

You could even setup DISA() to look into a file for the PIN|context so you could have different PINs for different access levels.

See ya...

d.c.

Once again, I am imprerssed with the service levels here!

I think I didn't make myself clear. I'm happy with the from-internal context as I want to be able to ring out on any of my trunks, once I've received the callback.

It's the trunk that's being used for the actual callback (line h,100)that is ignoring all the dial rules. (before any authentication even occurs)

That's because you are telling Asterisk to specifically create a SIP channel. You completely bypass any dial rules you might have established.

You might be able to do what you want using a Local channel. I haven't tried using a Local channel in a call-file before.

might look like:
Or whatever context besides the from-internal that would have your dial rules you want followed.

More info about Local channels:
http://www.voip-info.org/wiki/view/A...Local+channels

See ya...

d.c.

chandave, thank you for your help so far - it's almost perfect.

I think now the only thing I'm wanting to tweak is...............

As you know, the callback is being dialled directly to the trunk which is set up in line h.100. I would like to use a (different) particular trunk which requires the international format for dialling. What I need to do, somewhere in line h,1 I think, is strip off the leading zero in the remote number and add 0044 before sending it to the trunk. Is this possible?

Thanks again.