Note:If RADIUS Duo Auth Proxy Manager runs on the same Active Directory host machine, Network Policy Server (NPS) Roles must be uninstalled/deleted, if both RADIUS services run, they can conflict and impact performance. Windows server is pre-configured with Active Directory Domain services. Duo test user for secondary authentication.Active Directory Admin: This is used as the directory account to allow the Duo Auth Proxy to bind to the Active Directory server for primary authentication. Duo authentication proxy receives authentication response.Secondary authentication via Duo Security’s service.Duo Authentication Proxy connection established to Duo Security over TCP port 443.Primary authentication uses Active Directory or RADIUS.Cisco ISE sends authentication request to the Duo Authentication Proxy.Primary authentication initiated to Cisco ISE.This document describes how to configure Duo push integration with Active Directory (AD) and Cisco Identity Service Engine (ISE) as Two-Factor Authentication for An圜onnect clients that connect to Cisco Adaptive Security Appliance (ASA). If your network is live, ensure that you understand the potential impact of any command. All of the devices used in this document started with a cleared (default) configuration. The information in this document was created from the devices in a specific lab environment. The information in this document is based on these software and hardware versions: Prerequisites RequirementsĬisco recommends that you have knowledge of these topics: This document describes Duo push integration with AD and ISE as Two-Factor Authentication for An圜onnect clients connected to ASA.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |