VPN Sessions Manager Role

The VPN Sessions Manager role is designed for administrators monitoring remote access VPN connections, not site to site VPN connections.

Users with the VPN Sessions Manager role can do the following:

• View any page or any setting in CDO.

• Search and filter the contents of any page.

• Compare device configurations, view the change log, and see RA VPN mappings.

• View every warning regarding any setting or object on any page.

• Generate, refresh, and revoke their own API tokens. Note that if a VPN Sessions Manager user revokes their own token, they cannot recreate it.

• Contact support through our interface and export a change log.

• Terminate existing RA VPN sessions.

VPN Sessions Manager users cannot do the following:

• Create, update, configure, or delete anything on any page.

• Onboard devices.

• Step-through the tasks needed to create something like an object or a policy, but not be able to save it.

• Create CDO user records.

• Change user role.

• Attach or detach access rules to a policy.