
user access rights

Each entry consists of an access group identifier; data in regular expression form about permitted phones, network device IPs and network device ports; and time brackets.

One group can contain multiple entries.

Time brackets format: if the time is not set, it means any time. Time format:

* * * * *
^ ^ ^ ^ ^
| | | | +- day of week (0 - 6)
| | | +-- month of year (1 - 12)
| | +--- day of month (1 - 31)
| +---- hour of day (0 - 24)
+----- minute of hour (0 - 60)

examples:

* * * * 0,6 - access only on Sat and Sun

* 20-8 * * 0,6 - access only on Sat and Sun from 20 to 8

10-20,40-50 * * * 1-3,0,6 - more complex example.

Access from phone 322322 from any nas and any port

phone nas port time
d+322322\/d+

Access from any phone from nas 192.168.1.5 to any port

phone nas port time
.*

Access from any phone, any nas and from Asy1

phone | nas |  port  | time
------+-----+--------+-----
  .*  |  .* | ^Asy1$ |
------+-----+--------+-----

Port names: Asy1 - AsyX are for async dial-up connections (non-ISDN); for ISDN, port names start with Se (Se0:10, ...). For example, on my AS5300 I see Asy1 - Asy240 and Se0:1 - Se7:30, ...

Access from any phone from nas 192.168.2.10 from Async1 and from any nas from Async3

phone |      nas       |  port  | time
------+----------------+--------+-----
 .*   | ^192.168.2.10$ | ^Asy1$ |
 .*   |      .*        | ^Asy3$ |
------+----------------+--------+-----

P.S. Remember that ports for PPP access can be named AsyX or ttyX: if the user uses chap/pap, the port is AsyX; if the user logs in from a terminal or in manual mode, it is ttyX.

If you wish to create several usernames for several destination phone numbers, you can use target masks on the phone. For example, I have two modem pools, one on phone 320101 and the other on 8200, and I use the following masks:

for 8-200: ^8d+\/421232\:d+
for 32-01-01: ^8d+\/4212320101$

You should know that if you use an analog access server like the Cisco 2511 and so on, the phone will be "async/".

You should also know the phone number that your NAS gets from E1. On Cisco equipment you can see it with the command: debug isdn q931 (if you have an E1 connection to the telephone switch).

Access for VoIP users from a voice gateway

phone |    nas     |      port      | time
------+------------+----------------+-----
  .*  | ^10.1.1.1$ | ^FXO.*|^ISDN.* |
------+------------+----------------+-----
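
The matching rules described on this page, as an added Python sketch (not code from this server): a group grants access when any one of its entries matches phone, nas, port and time. The function names are hypothetical, and the sketch assumes unanchored regex search, inclusive ranges, day 0 = Sunday, and that a range such as 20-8 wraps past midnight.

```python
import re
from datetime import datetime

def field_ok(spec, value):
    """One time-bracket field: '*', or a comma list of N / N-M (M < N wraps)."""
    if spec == "*":
        return True
    for part in spec.split(","):
        lo, _, hi = part.partition("-")
        lo, hi = int(lo), int(hi or lo)
        if lo <= hi:
            if lo <= value <= hi:
                return True
        elif value >= lo or value <= hi:   # assumed wrap, e.g. hours 20-8
            return True
    return False

def time_ok(bracket, when):
    """An empty bracket means any time, as the page states."""
    if not bracket.strip():
        return True
    minute, hour, mday, month, wday = bracket.split()
    dow = (when.weekday() + 1) % 7     # Python Mon=0 -> assumed Sun=0 .. Sat=6
    return (field_ok(minute, when.minute) and field_ok(hour, when.hour) and
            field_ok(mday, when.day) and field_ok(month, when.month) and
            field_ok(wday, dow))

def allowed(group, phone, nas, port, when):
    """Grant access if any entry of the group matches all four columns."""
    return any(re.search(p, phone) and re.search(n, nas) and
               re.search(t, port) and time_ok(b, when)
               for p, n, t, b in group)

# Constructed group: the page's Async1/Async3 table, with the page's
# weekend-night bracket added to the second row for illustration.
GROUP = [(".*", r"^192.168.2.10$", "^Asy1$", ""),
         (".*", ".*", "^Asy3$", "* 20-8 * * 0,6")]
```

Under search semantics an unanchored port pattern such as Asy1 would also match Asy10 or Asy100, which is why the entries on this page are written with ^ and $.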


2005-07-21