Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
985
Views
5
Helpful
2
Replies

FTD VPN - AnyConnect MFA and Start Before Login

cfitzgerald
Level 1
Level 1

‎06-24-2020 08:00 PM

I have been tasked with integrating AzureAD Cloud Multi-Factor Authentication (MFA) with our AnyConnect VPN authentication process. Please note we only have FTD OS firewalls. Guidance for this scenario on FTD OS does not seem to exist.

The AzureAD MFA process requires that a browser be invoked so that the user can complete the MFA process.

  • I know that the AC 4.6 embedded web browser does not work for Start Before Login (SBL)
  • But can AC invoke the native OS browser during SBL?

Thank you in advance.

3 people had this problem
Labels:
0 Helpful
2 Replies 2

DrewKling
Level 1
Level 1

‎10-23-2020 10:44 AM

I am wondering the same thing, have you found an answer to this?

0 Helpful

Marvin Rhoads
Hall of Fame
Hall of Fame

‎10-25-2020 03:32 AM

FTD 6.7 will introduce support for SAML-based authentication, often used with Azure AD. I have not had the opportunity to test the beta with SBL but the version should be publicly available soon and hopefully we will have some trailblazers test it out.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents