Solved

Is it possible to have a VPN connection manually permitted on each connection attempt?

Posted on 2008-10-13
2
293 Views
Last Modified: 2010-04-09
We are looking to install Cisco ASA devices for a customer, and they have the following requirement: they want to enable VPN connections from a supplier - but they want to be able to manually agree to the connection on each occasion.  For example:

1. Supplier attempts VPN connection.
2. Cisco ASA receives connection attempt and notifies customer (local to the ASA) of the attempt in some way.
3. Customer agrees to the connection.
4. Supplier is permitted to connect (for one time only).

Is this possible using a Cisco ASA device, and if so, how?

Thanks in advance!
0
Comment
Question by:David Haycox
2 Comments
 
LVL 3

Accepted Solution

by:
JasonTracy earned 250 total points
ID: 22703082
The solution I use is to have VPN setup to use Active Directory accounts for authentication.  When I want 3rd parties to have access, I create a VPN account in AD that expires at the end of business that day.  When they need access on another day, I extend their expiration date again.

0
 
LVL 16

Assisted Solution

by:btassure
btassure earned 250 total points
ID: 22706099
Agreed. You could also set up an email system so the customer is alerted when the supplier wants to connect. The customer can then just go into ASDM and enable the VPN (it is just a tick box). You can create users in ASDM with specific access rights to that sort of thing.
0

Featured Post

What Security Threats Are You Missing?

Enhance your security with threat intelligence from the web. Get trending threat insights on hackers, exploits, and suspicious IP addresses delivered to your inbox with our free Cyber Daily.

Join & Write a Comment

Short answer to this question: there is no effective WiFi manager in iOS devices as seen in Windows WiFi or Macbook OSx WiFi management, but this article will try and provide some amicable solutions to better suite your needs.
If you're not part of the solution, you're part of the problem.   Tips on how to secure IoT devices, even the dumbest ones, so they can't be used as part of a DDoS botnet.  Use PRTG Network Monitor as one of the building blocks, to detect unusual…
Here's a very brief overview of the methods PRTG Network Monitor (https://www.paessler.com/prtg) offers for monitoring bandwidth, to help you decide which methods you´d like to investigate in more detail.  The methods are covered in more detail in o…
In this tutorial you'll learn about bandwidth monitoring with flows and packet sniffing with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're interested in additional methods for monitoring bandwidt…

758 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

22 Experts available now in Live!

Get 1:1 Help Now