01-14-2022 04:43 PM
Hi my name is Ivan.
Can you help me to integrate FTD VPN RA AnyConnect with DUO?. I would like to authenticate with Active Directory and like a secondary method with DUO but whitout doble method of authentication.
In another words, VPN Any Connect just ask us for account AD and the secondary method by passcode DUO.
Is that possible?. Or perhaps always I should use 2 methods?
Can you help me to check the configuration in dashboard DUO and in the file cfg of proxy server?
Regards, Ivan.
01-15-2022 12:15 AM
@ivan.martin yes this possible and straight forward. The end users receive an automatic push for 2FA after submitting their primary credentials to AD using the AnyConnect Client.
This link explains that scenario, this website also has links to the detailed steps to configure.
https://duo.com/docs/cisco#cisco-identity-services-engine-with-anyconnect
01-15-2022 03:51 PM
Hi Rob. Is a bit confuse because the documentation doesn't explain the case with ISE and FTD. I would like to see the config file of proxy authentication server, what doest it mention? (ad client, radius client, radius server auto?)
I don't understand which part should we protect?
Do you have any documentation with this scenary?
Regards, Ivan.
03-23-2022 08:40 AM
Hi Ivan,
Yes, this is possible.
Please check out the following demonstrations as there are a few ways to achieve this.
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: