• Status: Solved
  • Priority: Medium
  • Security: Public
  • Views: 319
  • Last Modified:

Is it possible to have a VPN connection manually permitted on each connection attempt?

We are looking to install Cisco ASA devices for a customer, and they have the following requirement: they want to enable VPN connections from a supplier - but they want to be able to manually agree to the connection on each occasion.  For example:

1. Supplier attempts VPN connection.
2. Cisco ASA receives connection attempt and notifies customer (local to the ASA) of the attempt in some way.
3. Customer agrees to the connection.
4. Supplier is permitted to connect (for one time only).

Is this possible using a Cisco ASA device, and if so, how?

Thanks in advance!
0
David Haycox
Asked:
David Haycox
2 Solutions
 
JasonTracyCommented:
The solution I use is to have VPN setup to use Active Directory accounts for authentication.  When I want 3rd parties to have access, I create a VPN account in AD that expires at the end of business that day.  When they need access on another day, I extend their expiration date again.

0
 
btassureCommented:
Agreed. You could also set up an email system so the customer is alerted when the supplier wants to connect. The customer can then just go into ASDM and enable the VPN (it is just a tick box). You can create users in ASDM with specific access rights to that sort of thing.
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

Join & Write a Comment

Featured Post

Prepare for an Exciting Career in Cybersecurity

Help prevent cyber-threats and provide solutions to safeguard our global digital economy. Earn your MS in Cybersecurity. WGU’s MSCSIA degree program curriculum features two internationally recognized certifications from the EC-Council at no additional time or cost.

Tackle projects and never again get stuck behind a technical roadblock.
Join Now