Is it possible to have a VPN connection manually permitted on each connection attempt?

We are looking to install Cisco ASA devices for a customer, and they have the following requirement: they want to enable VPN connections from a supplier - but they want to be able to manually agree to the connection on each occasion.  For example:

1. Supplier attempts VPN connection.
2. Cisco ASA receives connection attempt and notifies customer (local to the ASA) of the attempt in some way.
3. Customer agrees to the connection.
4. Supplier is permitted to connect (for one time only).

Is this possible using a Cisco ASA device, and if so, how?

Thanks in advance!
David HaycoxAsked:
Who is Participating?
JasonTracyConnect With a Mentor Commented:
The solution I use is to have VPN setup to use Active Directory accounts for authentication.  When I want 3rd parties to have access, I create a VPN account in AD that expires at the end of business that day.  When they need access on another day, I extend their expiration date again.

btassureConnect With a Mentor Commented:
Agreed. You could also set up an email system so the customer is alerted when the supplier wants to connect. The customer can then just go into ASDM and enable the VPN (it is just a tick box). You can create users in ASDM with specific access rights to that sort of thing.
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.