Blind transfer to outbound route doesn't work because of dial patterns

Hello community, sorry if it’s a duplicate but I couldn’t find this exact problem.

Setup is the following - I have a small office with extensions and only one of them (1100) can dial external number.
I have an outbound route with Dial Pattern ./1100.

It works fine except the following scenario:
A calls 1100 and asks to go to external number.
1100 does a blind transfer (via button on a phone).
Call is dropped for A.

I’ve investigated it and it seems that during Blind transfer A is checked against Dial Pattern and surely it fails.

As a workaround I’ve added extensions_custom.conf and it works:
exten => _X.,1,ExecIf(“${CONTEXT}”=“from-internal-xfer”?Set(__TRANSFER_CONTEXT=custom-test_transfer))
exten => _X.,1,Set(CALLERID(num)=1100)

But for me it looks insecure - A can call B and ask Blind transfer to external and it will be allowed.

It’s a quite simple setup and I can’t get why it doesn’t work for me.

My system is FreePBX

It’s not insecure, it’s how transfers work. A called B and since B can make outbound calls, B is making the outbound call…they could then Blind or Attended transfer A to the destination. So in both scenarios, the extension making the outbound call is B and since B has permission to make outbound calls, they work.

Perhaps you should have the person at extension 1100 not transfer calls to the outside from other members in the team. Since that seems to be a no-no in the company policy. This is an HR issue not a tech issue.

1 Like

Let me clarify the case.
1100 is allowed to make external call and the team is allowed but only via 1100. So 1100 person decide if other user can make the particular call or not.
The external calls not via 1100 are forbidden by the policy and by Dial Pattern of the outbound route.

So my concern is that with the mentioned workaround they can make such calls. Say, 1101 calls 1102 and the last one make transfer to external number. It will work because of “_X.,1,Set(CALLERID(num)=1100)”.

Is there other way to configure this scenario (1101 calls 1100, 1100 blind transfer it to external)?
Or, if not, is there a way to replace hardcoded 1100 in custom-test_transfer to the original callerid?

How are Blind Transfers being completed by the users? What are they doing to do Blind Transfers?

What Blaze means is what does the button on the phone do in technical terms.

Actually, no. I wanted to know how it was being done i.e. a button on the phone or feature codes. Blind/Attended transfers can be done either way.

OP has already said it is a button on the phone, but the button could be programmed with the feature code, rather than sending REFER.

I understand what the OP original said, I was asking for more information. I was asking what they do to do the blind transfers. Some phones may have Blind as the default, they may not. Some phones offer up both options as buttons on the phone. Are they pressing Transfer then dialling and pressing Transfer again? Are they Pressing Transfer then dialling and hanging up? Both of those complete the transfer and can even turn an Attended transfer into a Blind transfer depending on when the user completes the transfer.

The use of feature codes to still happen despite there being a button. This has to be addressed both ways.

As it was mentioned it’s a hardware button not Feature Code. 1100 presses Transfer button, enters external number and presses Transfer again. At this point of time 1100 is excluded from the call so it just hangs up.

From SIP POV 1100 sends REFER to Asterisk which sends UPDATE to caller.

I haven’t found “proper” solution but I’ve improved the workaround at least from security POV:

exten => _X.,1,Set(CALLERID(num)=${CUT(DIALEDPEERNUMBER,/,1)})

So the original extension B is checked against Dial Pattern of outbound route.
Posting it just for the history.

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.