Allow iOS users to self-test

lkeyes1 · ‎04-06-2021

We’re in the process of reauthorizing users to use DUO for our VPN. We have previously set them up to use LDAP…but ran into a timeout problem with Sophos VPN. We’re now using RADIUS which has a timeout parameter, and now want to have our users re-use their existing DUO setup for their phones.

Is there a way for an end user to test whether DUO is active and working on their phone by themselves? I’m trying to avoid having them contact me (the administrator) and me having to issue a push to the phone from the admin page.

colin_medfisch · ‎04-06-2021

Hey @lkeyes,

Do you happen to have the Duo Self-Service Portal enabled on any of your Duo-protected applications?

If so, users can log into those applications to access the self-service portal. Since Duo Push activation is done on a per-account basis and not a per-application, if they can log into other applications, they should be good to go for new RADIUS integration. If for some reason they cannot use Duo Push, they can always log in with a different method and reactivate their device.

As far as our RADIUS integrations go, make sure you have the timeout set to 60 seconds and you should be set.

If you run into any timeout issues, let us know, or feel free to reach out to our Technical Support Engineers via support@duo.com.

Thanks!
Colin

lkeyes1 · ‎04-07-2021

Excellent thanks! And I I appreciate the suggestion for the 60 seconds.

lkeyes1 · ‎04-09-2021

Ok…thinking a little further about this; We don’t really have other applications set up for DUO (yet). What would be ideal might be an application that simply goes to the brings the user to the Self-Service portal and allows the user to deliver a push and that then goes to a web page which says “success”…or something similar. That would verify that at least the phone piece is set up correctly or that the user has a correctly configured token.