AWS 2 factor set up


We are currently testing out duo for 2 step authentication on our AWS client VPN client and AWS workspaces. So for I have got it to work mostly using a RADIUS server to proxy authentication. I am using authentication proxy for Windows.

Something similar to the below article.

  1. If I wanted to bypass a user from 2 step authentication I see in duo you can set that setting for that user. When I bring up my VPN client in this case Openvpn, and try to log in, It still asks for a MFA code. Does a bypass code need to be created? What is the correct way to do this?

  2. On both the AWS workspace and VPN client it asks for a MFA code and after that sends a push notification. Do you always need to send that push notification or can we just use the MFA code?

  3. I am also testing with OpenVPN app on the Iphone. When trying to connect It asks me for the MFA code but never sends the push notification to the DUO app. Any idea what might be causing this?

Let me know any questions that you may have.