Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1105
Views
4
Helpful
1
Replies

Posture authorization with ISE and MFA with DUO

trcolber
Cisco Employee
Cisco Employee

‎03-08-2018 10:21 AM

If DUO is configured as a Radius token server in ISE and handles the initial MFA, is it possible to do posture in authorization against ISE?

1 Reply 1

hslai
Cisco Employee
Cisco Employee

‎03-08-2018 06:26 PM

With a RADIUS token server that providing OTP, I would expect it to prompt again during the re-authentication after CoA triggered by posture compliance. With MFA such as Duo, one needs to take care that all factors by the RADIUS server completed within the RADIUS server timeout, which at most 120 seconds. Other than that, it should work.

Customers Also Viewed These Support Documents