Solved

Is it possible to have a VPN connection manually permitted on each connection attempt?

Posted on 2008-10-13
Last Modified: 2010-04-09
We are looking to install Cisco ASA devices for a customer, and they have the following requirement: they want to enable VPN connections from a supplier - but they want to be able to manually agree to the connection on each occasion.  For example:

1. Supplier attempts VPN connection.
2. Cisco ASA receives connection attempt and notifies customer (local to the ASA) of the attempt in some way.
3. Customer agrees to the connection.
4. Supplier is permitted to connect (for one time only).

Is this possible using a Cisco ASA device, and if so, how?

Thanks in advance!
Question by:David Haycox
2 Comments

Accepted Solution

by:
JasonTracy earned 250 total points
ID: 22703082
The solution I use is to have VPN set up to use Active Directory accounts for authentication. When I want 3rd parties to have access, I create a VPN account in AD that expires at the end of business that day. When they need access on another day, I extend their expiration date again.
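
The per-day approval described in the accepted answer can be scripted. This is an added example, not code from the thread or from either poster. It assumes the supplier's AD account already exists, and the function name, the OU `OU=Suppliers,DC=example,DC=com`, the account name `vpn-supplier1` and the 18:00 close of business are all constructed for illustration.

```powershell
#Requires -Modules ActiveDirectory

# Hypothetical helper: approve one supplier VPN account for the rest of today only.
function Grant-SupplierVpnDay {
    [CmdletBinding(SupportsShouldProcess)]
    param(
        [Parameter(Mandatory)]
        [string] $SamAccountName,                               # constructed example: 'vpn-supplier1'
        [string] $SupplierOu = 'OU=Suppliers,DC=example,DC=com', # assumed OU holding supplier accounts
        [int]    $CloseOfBusinessHour = 18                       # assumed end of business, local time
    )

    $now     = Get-Date
    $expires = $now.Date.AddHours($CloseOfBusinessHour)

    # Never silently roll the approval over into the next day.
    if ($expires -le $now) {
        throw "Close of business ($expires) has passed; approve again tomorrow."
    }

    $user = Get-ADUser -Identity $SamAccountName -Properties AccountExpirationDate

    # Guard: only accounts in the supplier OU may be extended with this helper,
    # so it cannot be used to change the expiry of a staff or service account.
    if ($user.DistinguishedName -notlike "*,$SupplierOu") {
        throw "$SamAccountName is not in $SupplierOu; refusing to change its expiry."
    }

    $previous = $user.AccountExpirationDate
    if ($PSCmdlet.ShouldProcess($SamAccountName, "Set account expiration to $expires")) {
        Set-ADAccountExpiration -Identity $user -DateTime $expires
    }

    # Read the value back from AD so the approval record shows what was actually set.
    $after = Get-ADUser -Identity $SamAccountName -Properties AccountExpirationDate
    [pscustomobject]@{
        Account        = $after.SamAccountName
        PreviousExpiry = $previous
        NewExpiry      = $after.AccountExpirationDate
        ApprovedBy     = "$env:USERDOMAIN\$env:USERNAME"
        ApprovedAt     = $now
    }
}

# Example call; append the result to a CSV to keep a record of each approval:
# Grant-SupplierVpnDay -SamAccountName 'vpn-supplier1' |
#     Export-Csv -Path .\supplier-vpn-approvals.csv -Append -NoTypeInformation
```

AD evaluates the expiry date when the account authenticates, so a tunnel established before close of business is not ended by it; limiting how long a session may last is a setting on the VPN side.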


Assisted Solution

by:btassure
btassure earned 250 total points
ID: 22706099
Agreed. You could also set up an email system so the customer is alerted when the supplier wants to connect. The customer can then just go into ASDM and enable the VPN (it is just a tick box). You can create users in ASDM with specific access rights to that sort of thing.