Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
553
Views
0
Helpful
2
Replies

DUO Auth Proxy failover

SHABEEB KUNHIPOCKER
Level 3
Level 3

‎03-24-2024 10:18 AM

We have integrated our ISE with two DUO authentication proxies (for tacacs access to our switches). We configured a radius token object and added the DUO auth proxies primary and secondary. The timeout configured is 60 seconds with 3 attempts. When test by stopping the DUO auth proxy service on the primary server, the secondary does work but the user is experiencing delay in getting the push notification. 

Is this the correct setup or there is any recommended failover design when we have multiple duo auth proxy servers?.

0 Helpful
2 Replies 2

Ken Stieers
VIP
VIP

‎03-24-2024 12:50 PM

You could do it via a load balancer.
Or shorter timeout and fewer failures before fail over...

0 Helpful

Pulkit Mittal
Spotlight
Spotlight

‎03-24-2024 07:49 PM

From duo perspective, the design is okay, however, I would suggest checking with duo support for delay. The duo log file can tell you exactly how much the delay is and what could be the potential reason for it.

If you find this useful, please mark it helpful and accept the solution. 

0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents