DUO PROXY - HA

piter1789 · ‎01-04-2026

I want to enable DUO PROXY in the HA mode.
How should I do this correctly?
I've set up a second machine identical to the first, and my "cloud" and "sso" security settings are the same.

How should this be displayed in the "Authentication Proxy Dashboard" section? Should there be two proxies available, or should the "hostname" change depending on which proxy is available?

Philip D'Ath · ‎01-04-2026

In the "Authentication Proxy Dashboard" I see a listing for each server.

Under Applications/SSO Settings/External Authentication
I have one entry called "Active Directory". Inside there, I have a listing for each AD controller. Each server seems to have the same "rikey" under SSO settings.

Ken Stieers · ‎01-04-2026

Both proxies should appear in the dashboard.

HA for Duo Auth Proxy is about how the traffic gets to the proxies. They don't really know about each other, they don't save state or pass connections between one another like ASA/FTD does.

Most applications/appliances that would use the proxy allow configuration of multiple endpoints (i.e. firewalls that let you configure more than one radius/ldap server.), so typically you just configure that to point at both of your proxies.

You could also use a load balancer... but typically you don't need to because the appliances don't need it...

piter1789 · ‎01-05-2026

Thank you, I was more interested in configuration Duo Auth Proxy to connect to the cloud (SSO, CLOUD sections) and how it behaves... because it's not obvious to me.

DuoKristina · ‎01-07-2026

you might want to read through this if you didn't already: https://help.duo.com/s/article/authentication-proxy-availability

> I've set up a second machine identical to the first, and my "cloud" and "sso" security settings are the same.

if you used different hostnames for your two machines then you should see both of them in the dashboard. If you used the same hostname then you probably see something weird.

Duo, not DUO.