01-14-2022 04:43 PM
Hi my name is Ivan.
Can you help me to integrate FTD VPN RA AnyConnect with DUO?. I would like to authenticate with Active Directory and like a secondary method with DUO but whitout doble method of authentication.
In another words, VPN Any Connect just ask us for account AD and the secondary method by passcode DUO.
Is that possible?. Or perhaps always I should use 2 methods?
Can you help me to check the configuration in dashboard DUO and in the file cfg of proxy server?
Regards, Ivan.
01-15-2022 12:15 AM
@ivan.martin yes this possible and straight forward. The end users receive an automatic push for 2FA after submitting their primary credentials to AD using the AnyConnect Client.
This link explains that scenario, this website also has links to the detailed steps to configure.
https://duo.com/docs/cisco#cisco-identity-services-engine-with-anyconnect
01-15-2022 03:51 PM
Hi Rob. Is a bit confuse because the documentation doesn't explain the case with ISE and FTD. I would like to see the config file of proxy authentication server, what doest it mention? (ad client, radius client, radius server auto?)
I don't understand which part should we protect?
Do you have any documentation with this scenary?
Regards, Ivan.
03-23-2022 08:40 AM
Hi Ivan,
Yes, this is possible.
Please check out the following demonstrations as there are a few ways to achieve this.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide