I would like to know if it's possible to configure two factor authentication for Cisco AnyConnect on a Cisco Router.

I have found the following guide for configurating AnyConnect on a router here:

http://www.cisco.com/c/en/us/support/docs/routers/3800-series-integrated-services-routers/110608-ssl-ios-00.html

And the relevant configuration here:

aaa authentication login ciscocp_vpn_xauth_ml_1 local
ip local pool IP_Pool 192.168.1.10 192.168.1.15
interface Virtual-Template1
exit
default interface Virtual-Template1
interface Virtual-Template1
no shutdown
ip unnumbered FastEthernet0/0
exit
webvpn gateway gateway_1
ip address 10.105.130.149 port 443
http-redirect port 80
inservice
ssl trustpoint TP-self-signed-1878971148
exit
webvpn context Test
aaa authentication list ciscocp_vpn_xauth_ml_1
gateway gateway_1
virtual-template 1
max-users 1000
inservice
secondary-color white
title-color #FF9900
text-color black
policy group policy_1
svc split include 10.106.44.0 255.255.255.0
svc keep-client-installed
functions svc-enabled
svc address-pool IP_Pool netmask 255.255.255.255
svc default-domain cisco.com
svc dns-server primary 10.106.44.10
svc wins-server primary 10.106.44.12
exit
default-group-policy policy_1
exit
! IP address / user account command
username user1 privilege 1 secret 0 *********

I have also found an ASA-specific configuration guide for two-factor authentication here:

https://duo.com/docs/cisco

But I can't find any article that links the two together (Router configuration AND two-factor authentication).

It seems like it should be possible, but if anyone can steer me in the right direction this, it would be much appreciated.