Approve remote access#

The Approve remote access feature introduces an additional level of security on the remote device, because it allows you to access the remote desktop or open a VPN channel only with the explicit permission of a user who has direct access to the computer.

Important

Device installer permissions are required to enable or disable the Approve remote access feature. For more information, see Managing permissions.

To enable the Approve remote access feature on a device

  1. Select a device from the tree view or the map view

  2. On the Device access pane, select Approve remote access.

This process must be done on a per-device basis, it is not applied globally to all devices in the domain.

Using the Approve remote access feature

When Approve remote access is enabled on a device, and you attempt to start a VPN connection or a remote desktop session through FactoryTalk Remote Access, an authorization window appears on the remote device showing the username and IP address of the incoming user connection. The operator of the remote device can then allow or deny access to the device.

If access is denied, a FactoryTalk Remote Access notification will inform you that the connection request was denied.

If the operator agrees and accepts the incoming connection, the Connected users pane will appear in the device desktop displaying all users connected to the device and their IP addresses. Disconnect an active connection by clicking the Drop connection trash icon next to the username in the Connected users list.

Tip

The Connected users pane can be resized and moved around the desktop as needed.