We have an SSL Gateway VPN configured and users connect via the native vpn plugin. The duo radius policy is configured to point to [radius_server_auto] as iframes aren’t support.
When a user logs in with their AD creds we are successfully receiving the Duo push notification to allow or reject. When we reject the login, the vpn connection successfully establishes the connection.
When we use an iframe policy, the web login works and performs as expected but via the native plugin the user can enter and random number and the connection completes successfully as well.
We are running the latest firmware build - NS13.0 82.41.nc and the latest Duo proxy client.