We use cookies on our website to ensure we provide you with the best experience on our website. By using our website, you agree to the use of cookies for analytics and personalized content.This website uses cookies. More Information
It seems like your browser didn't download the required fonts. Please revise your security settings and try again.
Barracuda Phone System

How do I configure Authentication Based (Pin) Outbound Call Restrictions on My Barracuda Phone System?

  • Type: Knowledgebase
  • Date changed: 6 months ago

Solution #00006062

All Barracuda Phone Systems, firmware versions 2.6 and later.


In some scenarios, you may want to configure a route for outbound calling, but restrict the route to certain users on the system. Adding an authenticated route will allow you to require a pin to make calls from any phone or user that matches a given route.

The authenticate requirment is applied after any other routing rules or matches, meaning that it will check phone, group, and site restrictions. Once the system determines that the route can be used, the system will ask for a pin number to continue the call. The system will then compare the pin entered with the voice mail pin of the user to whom the phone is assigned. This design leads to three restrictions which apply to the use of this feature:
  1. Unassigned Phones will not be allowed to route calls using Authentication PINs as there is no user which can be used for the pin comparison.
  2. When using the sites feature to route calls through another Barracuda Phone System, the call must be authenticated before routing to the other site. This is because authentication can be done to local accounts only.
  3. Using IP-Based Authentication for remote devices supercedes the route authentication check. Due to this, these sites cannot be restricted by pin.

Adding an Authenticated Route for Outbound Calling:

Outbound call authentication is added by modifying the outbound route type to include an authentication requirement. Adding this requirement to a route is fairly simple, and can be accomplished in a few steps.
  1. Navigate to Providers > Call Routing and click on Manage Types.
  2. Select the Desired Route from the left side of the Call Types Window.
  3. Modify the Match Condition to include the string ;authenticate=true at the end of the string. (See examples below)
  4. Click Apply Changes to save.

Important Note - String modification requires that the Match condition includes a capture. Please refer to the examples below for reference.

Outbound Authentication route examples:

The following example strings below show before and after examples of the modification:

Before    After                                                                   
^\d{10}$      ^(\d{10})$:::$1;authenticate=true      
The string did not include a capture so we modify to add capture and replay

^1?([2-9]\d{2}[2-9]\d{6})$:::1$1    ^1?([2-9]\d{2}[2-9]\d{6})$:::1$1;authenticate=true
The string was already a capture so we only add authentication to the end

^1?(\d{10}$:::1$1;npi=1;ton=0    ^1?(\d{10}$:::1$1;npi=1;ton=0;authenticate=true
The authenticate string should always be the last inclusion in the string

^(011\d{8,18})$    ^(011\d{8,18})$;authenticate=true
The string did not include a capture so we modify to add capture and replay

Link to this page: