Client is using DUO Cloud as the Primary Authentication source using Duo Auth Proxy. So, 2FA is happening before the actual authentication with ISE. We have put [duo_only_client] in authproxy.cfg. This process is working fine if we put push in the Password-1, end user receives a Push notification and he is able to proceed further. But when he types Passcode in Password-1, he receives a Push notification and the judgement is made using Push and not Passcode.
Where should we make changes for this setup to accept passcode?
[radius_server_auto50]
ikey=xxxxxxx
skey=xxxxxxxx
api_host=xxxxxxxx
radius_ip_2=xx.xx.xx.xxx
radius_secret_2=radiussecretXXX
client=duo_only_client
port=18126
failmode=safe
[duo_only_client]