Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1923
Views
1
Helpful
1
Replies

Duo for MFA on VPN and A/D Logins?

Go to solution
mooseracing
Level 1
Level 1

‎06-13-2017 02:56 PM

Good evening, we are looking into ways to meet a couple NIST standards and we need to apply multi factor authentication to our VPN and A/D login. Of course it would be nice if we could use the same tool for both.

My questions are:

  • Is a single Duo setup capable of handling both MFA with OpenVPN and MFA on Active Directory local PC logins?

  • Is there any change in the licensing if using it for multiple applications?

  • How would it handle it the authentication in this scenario, as far as would they be prompted both times - once at VPN entry and once at A/D (assuming remote desktop) or would the first session carry over?

This is our first adventure into this and we are behind the curve on experience and time, so we appreciate the help.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
jamieis
Cisco Employee
Cisco Employee

‎06-15-2017 07:16 AM

Hey there @mooseracing,

Thanks for checking out Duo!

Answering your questions in order:

  • Yes Duo is capable of handling MFA for both OpenVPN and local PC login (and RDP!). You should check out our docs page for all the applications that Duo supports: https://duo.com/docs

  • Duo is licensed per user. This means that you can protect as many applications as you’d like!

  • In that specific scenario you would be prompted for MFA at each application. If the application is capable of displaying our Duo Prompt you would be able to use our Remembered Devices policy setting which has some options of remembering 2FA between applications.

Let me me know if you have any other questions!

View solution in original post

1 Reply 1

Go to solution
jamieis
Cisco Employee
Cisco Employee

‎06-15-2017 07:16 AM

Hey there @mooseracing,

Thanks for checking out Duo!

Answering your questions in order:

  • Yes Duo is capable of handling MFA for both OpenVPN and local PC login (and RDP!). You should check out our docs page for all the applications that Duo supports: https://duo.com/docs

  • Duo is licensed per user. This means that you can protect as many applications as you’d like!

  • In that specific scenario you would be prompted for MFA at each application. If the application is capable of displaying our Duo Prompt you would be able to use our Remembered Devices policy setting which has some options of remembering 2FA between applications.

Let me me know if you have any other questions!

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents