Client is using DUO Cloud as the Primary Authentication source using Duo Auth Proxy. So, 2FA is happening before the actual authentication with ISE. We have put [duo_only_client] in authproxy.cfg. This process is working fine if we put push in the Password-1, end user receives a Push notification and he is able to proceed further. But when he types Passcode in Password-1, he receives a Push notification and the judgement is made using Push and not Passcode.
Where should we make changes for this setup to accept passcode?