Duo for ssl vpn & 2fa

Hello All,

We have a fortinet based ssl vpn with Cisco ACS as the radius server fetching attributes from AD.
To enable 2FA, in the authproxy.cfg file should the entries include both fortinet device & Cisco acs?
As also, where is the best place to check on logs for verification. Duo is on a windows machine .
Please help. Thank you.