Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
255
Views
0
Helpful
1
Replies

Cisco Duo + WSA (secure web appliance) Dashboard login with LDAP

rameshkumarnakka
Level 1
Level 1

‎06-11-2025 11:42 AM

 

Team,

Has anyone tried or successfully implemented DUO MFA protection for the Cisco WSA dashboard login using LDAP?

Since there is no native integration between DUO and WSA, and no official documentation is available, I attempted to use the generic LDAP Proxy application from DUO. I configured the AuthProxy as an LDAP server in WSA, but unfortunately, authentication is not working — it keeps showing "invalid credentials."

Interestingly, when we added the AuthProxy in WSA and tested connectivity and queries using the test option, it was successful. However, actual dashboard login attempts are failing.

Any expert suggestions or insights would be greatly appreciated.

Regards,
Ramesh

0 Helpful
1 Reply 1

DuoKristina
Cisco Employee
Cisco Employee

‎06-11-2025 12:04 PM

These Duo KB articles might help you troubleshoot:

https://help.duo.com/s/article/1126

https://help.duo.com/s/article/2953

For LDAP setups in particular: The Duo proxy's default assumption is that the authenticating device/application will connect, bind as the service account and do the lookup, then bind as the end-user in the same connection.

Some devices/applications will open a new connection for every bind, which needs a config adjustment in authproxy.cfg. If you see that happening in your authproxy.log, take a look at https://help.duo.com/s/article/4989.

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents