Connecting Duo DAP On Server to Local AD/LDAP

Hello, we have a new network and Meraki MX 67 Firewall. Do I need to set up a forwarding rule to allow traffic to an internal Utility server so it can sync with AD/LDAP?

We have RADIUS set up within the MX67. We VPN in through the built-in Windows Client. We used to use Cisco AnyConnect, but that was not an option yet with this Meraki.

I just wanted to know what was needed to get Duo off the ground to try it out. I have the DAP installed already but that’s where I stopped.

Thanks,
Matt

Hi Matt,

It looks like you eventually got Directory Sync working (No Duo Prompt for Meraki VPN). Nothing is required port-wise to be opened inbound on the Authentication Proxy to perform Directory Sync functions. The Auth Proxy performs an outbound connection over HTTPS to Duo’s cloud service via api_hostname. Please see the Guide to Duo Authentication Proxy Installation and Configuration Best Practices.

Thanks!

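The outbound-only requirement described in the reply can be checked from the proxy server itself. The script below is an added example, not part of the original thread or Duo's own tooling: it assumes the proxy's `authproxy.cfg` is INI-style with an `api_host` key in each section that talks to Duo, and every value in the sample config is a constructed placeholder.

```python
import configparser
import socket
import ssl
import sys

# Constructed sample in authproxy.cfg layout; all values are placeholders.
SAMPLE_CFG = """\
[cloud]
ikey=DIXXXXXXXXXXXXXXXXXX
skey=placeholder-%-not-a-real-secret
api_host=api-XXXXXXXX.duosecurity.com

[radius_server_auto]
ikey=DIXXXXXXXXXXXXXXXXXX
skey=placeholder-%-not-a-real-secret
api_host=api-XXXXXXXX.duosecurity.com
"""


def api_hosts(cfg_text):
    """Return {section: api_host} for every section that calls Duo's cloud."""
    # interpolation=None: secrets may contain '%', which configparser would
    # otherwise try to expand. strict=False tolerates repeated keys.
    parser = configparser.ConfigParser(interpolation=None, strict=False)
    parser.read_string(cfg_text)
    return {name: parser[name]["api_host"].strip()
            for name in parser.sections() if "api_host" in parser[name]}


def check_outbound(host, port=443, timeout=5.0):
    """Try a certificate-verified TLS handshake from this machine to host:port."""
    ctx = ssl.create_default_context()
    try:
        with socket.create_connection((host, port), timeout=timeout) as raw:
            with ctx.wrap_socket(raw, server_hostname=host) as tls:
                return True, tls.version()
    except OSError as exc:  # DNS failure, firewall drop or reset, TLS interception
        return False, f"{type(exc).__name__}: {exc}"


if __name__ == "__main__":
    # Pass the path to the real authproxy.cfg; without it the placeholder
    # sample is used and the check is expected to report FAIL.
    text = open(sys.argv[1]).read() if len(sys.argv) > 1 else SAMPLE_CFG
    results = {h: check_outbound(h) for h in set(api_hosts(text).values())}
    for host, (ok, detail) in results.items():
        print(f"{'OK  ' if ok else 'FAIL'} {host}:443  {detail}")
    sys.exit(0 if all(ok for ok, _ in results.values()) else 1)
```

A certificate error here, rather than a timeout, usually means something on the egress path is intercepting TLS, which is worth ruling out before changing any firewall rules.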