Solved

Is it possible to have a VPN connection manually permitted on each connection attempt?

Posted on 2008-10-13
2
294 Views
Last Modified: 2010-04-09
We are looking to install Cisco ASA devices for a customer, and they have the following requirement: they want to enable VPN connections from a supplier - but they want to be able to manually agree to the connection on each occasion.  For example:

1. Supplier attempts VPN connection.
2. Cisco ASA receives connection attempt and notifies customer (local to the ASA) of the attempt in some way.
3. Customer agrees to the connection.
4. Supplier is permitted to connect (for one time only).

Is this possible using a Cisco ASA device, and if so, how?

Thanks in advance!
0
Comment
Question by:David Haycox
2 Comments
 
LVL 3

Accepted Solution

by:
JasonTracy earned 250 total points
ID: 22703082
The solution I use is to have VPN setup to use Active Directory accounts for authentication.  When I want 3rd parties to have access, I create a VPN account in AD that expires at the end of business that day.  When they need access on another day, I extend their expiration date again.

0
 
LVL 16

Assisted Solution

by:btassure
btassure earned 250 total points
ID: 22706099
Agreed. You could also set up an email system so the customer is alerted when the supplier wants to connect. The customer can then just go into ASDM and enable the VPN (it is just a tick box). You can create users in ASDM with specific access rights to that sort of thing.
0

Featured Post

Control application downtime with dependency maps

Visualize the interdependencies between application components better with Applications Manager's automated application discovery and dependency mapping feature. Resolve performance issues faster by quickly isolating problematic components.

Question has a verified solution.

If you are experiencing a similar issue, please ask a related question

Suggested Solutions

Join Greg Farro and Ethan Banks from Packet Pushers (http://packetpushers.net/podcast/podcasts/pq-show-93-smart-network-monitoring-paessler-sponsored/) and Greg Ross from Paessler (https://www.paessler.com/prtg) for a discussion about smart network …
ADCs have gained traction within the last decade, largely due to increased demand for legacy load balancing appliances to handle more advanced application delivery requirements and improve application performance.
After creating this article (http://www.experts-exchange.com/articles/23699/Setup-Mikrotik-routers-with-OSPF.html), I decided to make a video (no audio) to show you how to configure the routers and run some trace routes and pings between the 7 sites…
This video gives you a great overview about bandwidth monitoring with SNMP and WMI with our network monitoring solution PRTG Network Monitor (https://www.paessler.com/prtg). If you're looking for how to monitor bandwidth using netflow or packet s…

914 members asked questions and received personalized solutions in the past 7 days.

Join the community of 500,000 technology professionals and ask your questions.

Join & Ask a Question

Need Help in Real-Time?

Connect with top rated Experts

21 Experts available now in Live!

Get 1:1 Help Now