Policy & Access Control

DUO + Apple MacOS Sequoia - Firewall is not enabled but it is

Having an issue with DUO desktop, think its related to the MacOS beta for Sequoia. Any idea when this will be updated?https://developer.apple.com/documentation/macos-release-notes/macos-15-release-notesApplication FirewallDeprecationsApplication Fire...

CJI new MFA compliancy

I just wanted to know if there were other organizations that are facing similar issues with the MFA requirement for CJI assessing devices. https://www.police1.com/cybersecurity/3-ways-to-meet-the-new-cjis-mfa-requirementsWe have a department trying t...

Remember me - Checkbox Ticked by Default?

We have many staff members logging in to Duo, and many don’t remember they need to select the “Remember me for 4 hours” button. It would be great if this was on by default.

Authentication Method (Block countries)

Is there a way to block countries using the authentication method? For example I am able to block countries if the device IP shows in a country (that is not US, Canada, or India), but I want to block if the device IP is in say, the US, Canada, or In...

Resolved! Protecting RDP - Hardware Token without Automatic Phone Call

I'm protecting RDP in my office and some users are using hardware tokens, the rest use Duo Mobile. For the users with tokens, I'm trying to set them up to use phone call authentication in the event they leave their token at home. I have everything ...

Resolved! DUO Custom Policy Question

I am trying to create a policy so when admin accounts login to a windows computer, since they have elevated privileges, MFA is required, but when all other users login, it's not required. We already have them required to login over VPN. When I create...

Risk Based Profile - Details

Hi, I was wondering if someone can explain the Risk based profile acceptance (allowed) and timeframe; I'll explain, in doing Immpossible travel testing the first time I dit it was testing from a VPN through Norway after just logging in from Canada....

MFA twice to MFA once per laptop location

Morning All:I am deploying laptops with MFA to log into the laptop as a security protection. I want to remove the current need to MFA into the Remote Server. Primarily this causes frustration on the part of the end user. I am unable to locate a se...

trusted endpoint using guid

Hi All, Needs to configure trusted endpoint on windows/mac os user machine using guid. Can anyone know how to do it or share any relevant document

Resolved! Duo Device Health - Port Allocation Fails Silently

Hi team, the Duo Device Health application (v2.14.0) on Windows 10 Enterprise (10.0.19042.1110) might fail to allocate the listening TCP port in the range 5310x if Hyper-V (and perhaps Docker) is installed - with no indication that anything has faile...

Resolved! Remembered Devices Policy> Add Trusted Networks

I'm searching for details on how adding trusted networks to the remembered devices policy will affect the authentication process. Does it disable mfa when on these networks? It says "always allow authentications on remembered devices", and I'm just...

DUO MFA for ASA Admin/management

We have an old Cisco ASA (5508) which has Duo configured for AnyConnect VPN, but using local accounts ONLY for Admin/Management. We are moving to a new FirePower device (in ASA mode) and want to enable some sort of SSO or MFA for Administrators using...

RDP via Network Gateway - multiple Gateways?

We have multiple, disconnected networks where we have the DNG installed. We’ve been using the RDP functionality for a while in beta and want to expand it to other networks now that it’s in GA. But I don’t see a way to add another gateway to the Heal...

Resolved! Cisco ISE an DUO Radius Attributes back to ISE

hi,we wants to secure our authentication for administrative access to network devices with Cisco ISE and DUO. I configured every step like it was writen in this post from NSPASOV and it works fine!https://community.cisco.com/t5/security-knowledge-bas...

Resolved! NetExtender with admin bypass code

Hello, I'm having a difficult time getting anything other than a Duo Mobile Push notification or placing the VPN user in bypass mode to work with NetExtender VPN. The VPN functions normally with the password field containing only a password, but when...

Policy & Access Control

Forum Posts

DUO + Apple MacOS Sequoia - Firewall is not enabled but it is

CJI new MFA compliancy

Remember me - Checkbox Ticked by Default?

Authentication Method (Block countries)

Resolved! Protecting RDP - Hardware Token without Automatic Phone Call

Resolved! DUO Custom Policy Question

Risk Based Profile - Details

MFA twice to MFA once per laptop location

trusted endpoint using guid

Resolved! Duo Device Health - Port Allocation Fails Silently

Resolved! Remembered Devices Policy> Add Trusted Networks

DUO MFA for ASA Admin/management

RDP via Network Gateway - multiple Gateways?

Resolved! Cisco ISE an DUO Radius Attributes back to ISE

Resolved! NetExtender with admin bypass code

On-Demand Webinar: B&M Security Transformation with Cisco XDR

Congratulations to the Event Top Contributors Class of 2024!

Knowledge Hub: Cisco Technology for Securing the Enterprise

Cisco + Splunk: It's a new day for your data.

Announcing Resources That Guide You to Success

Risk Based Profile - Details

Local admin account with duo

Trust Assessment Factors

Report source IP from Kemp Loadbalancer

Trusted Endpoint for Linux

Protecting RDP - Hardware Token without Automatic Phone Call

DUO Custom Policy Question

Remembered Devices Policy> Add Trusted Networks

Cisco ISE an DUO Radius Attributes back to ISE

NetExtender with admin bypass code