Duo Environment/Server Setup

I am in the process of upgrading the proxy service on all of the Duo servers for my company. I know that if windows has a file lock on the file that is needing to be written to and I do not have the ability to rename the file for whatever reasons such as lack of permissions then a reboot will be needed. I am trying to gather information on how our Duo servers are set up such as if they are load balanced or they are fail overs but no one really knows. I have a few questions below that I cant seem to get an answer to:

If we reboot one of our Duo servers in a certain network will users be kicked out of the application or will they be unable to authenticate?

Does anyone in the community know how I can determine this and what are your current set ups with your Duo Severs as far as failovers and Load balancing?

Has anyone else ran into this type issue on not knowing how your company’s environment is set up and how did you go about getting answers to your questions?

No, once a user has completed 2FA and is logged into the application the Duo Authentication Proxy is no longer involved. It only performs authentication (or helps other downstream Duo applications proxy out during authentication).

Yes, while the Duo Authentication Proxy is not running (like during a reboot), then any authentication requests forwarded to that server fail.

Your other questions are great discussion points for other members of the community, so I’m looking forward to hearing what different customers are doing as well!

1 Like