Now if you want to explain COR restrictions in more detail I would be a very happy man.
Ok. Here's my shot at it.
Class of Restriction (COR) defines what a device/port can do via ARS access.
When a call is made that routes VIA ARS, the digits dialed are analyzed to find a match. (This is your ARS Digits Dialed Form)
When a match is found it is point to a route. (can be a route list also but that just means it's pointed to more than one route)
Within that route (ARS Routes form) it references the COR form to see if the device accessing the route is restricted.
For an example we'll use COR 11 from the COR form.
In COR 11 you'll see a listing of numbers that should look something like "1-10,16-64".
If the device or port that is making the call has a COR that falls within that range it is
restricted from making the call.
So the only devices that can access that route are devices/ports/trunks that have a COR in the range of 11 through 15 assigned.
Everything else is restricted.
When the MAX Digits form came into play, it allowed even greater restrictions by limiting how many digits a device can dial at all.
This form isn't generally necessary if ARS is set up correctly but I'll use it where restrictions are weak or to just add another layer of security to the system. In my opinion, COR of 1 should always be restricted to only dialing internal extensions. So I'll use the Max Digits form to restrict COR 1 to only being able to dial internal extension.
Ralph