Hi guys,
I need to know if is possible use DUO with ISE connected tu Azure AD to give access to our Network equipment using Tacacs+
i already test using duo with duo proxy+ise+ad on-premise, but now i need use ise with azure ad, the idea is not use a duo proxy
Thanks
As far as I know, the only way to integrate ISE with Duo is through Radius and hence through the authentication proxy.
This is also stated in the Duo documentation:
To integrate Duo with your Cisco ISE, you will need to install a local Duo proxy service on a machine within your network. This Duo proxy server will receive incoming RADIUS requests from your Cisco ISE, contact your existing local LDAP/AD or RADIUS server to perform primary authentication, and then contact Duo’s cloud service for secondary authentication.
HTH
Antony
Hi @Jamie7 for AD you could use this guide: Duo MFA Integration with ISE for TACACS+ Device Administration with Microsoft Active Directory Users - Cisco Community
