Heads Up :
The post you are writing will appear in a public forum. Please ensure all content is appropriate for public consumption. Review the employee guidelines for the community here.
Has anyone set up their DNG to protect the DNG admin page? I attempted to do this, as it feels weird that I only have to VPN in to modify the DNG (VPN replacement). Since the admin page listens on 8443, which is only reachable internally, I have to...
Hi all,
We currently use the Auth Proxy for FortiClient VPN logins, and admin logins for FortiGate, Juniper, and ForeScout. Ruckus is the last piece of network gear that I was trying to get on RADIUS auth with MFA, so I was hoping to see if anyone h...
If your SIEM ingests data from the Duo Admin API, the Enrollment data should be in there (user + application + IP + phone number or WebAuthn ID). We ingest this data into Blumira (alerts) and Chronicle (dashboards) to ensure no rogue devices get adde...
Any user with unstable internet is likely going to have an annoying experience, but I don’t think there’s any great solution to this if you’re stuck with RADIUS. If your VPN provider supports SAML, migrating to SSO for VPN login is a more elegant way...
Do you have a user in Duo named Administrator? We have MFA turned on for the Administrator account for our Domain Controllers, however I guess this may technically be a Domain User account and not a local account.
There isn’t really a migration guide that I’ve found, as you need to swap over each service individually. You federated all your apps to the DAG, so now you need to go modify them to federate to Duo SSO, same as If you were swapping to AAD or Okta or...
The only thing we expect of normal end users is to use Duo Push and/or Yubikeys for a single MFA per day. We don’t get much push back there and the tech users appreciate how much faster Duo is than generic TOTP app codes. We only apply the stringent ...
