DUO MFA with application logins

Hello,

I’m using the free version of Duo, I have the Authentication proxy installed on a Windows Machine that hosts internal apps I can get to internally only. What I want to do is point those few apps to the internet and at login and get prompted a Duo Push,. These are apps running on a android OS.

Would using the Authentication proxy work best for this?

I’ve setup Duo in an AD environment but never locally.

If the app supports RADIUS or LDAP authentication and can still contact the Authentication proxy it should be OK. It is hard to give an authoritative answer without knowing your applicaton’s network architecture.

client > intranet > app > intranet Duo Authentication Proxy RADIUS or LDAP > your primary auth server wherever it is (optional depending on the app) > internet > Duo’s cloud service for 2FA

and

client > internetv> app > intranet Duo Authentication Proxy RADIUS or LDAP > your primary auth server wherever it is (optional depending on the app) > internet > Duo’s cloud service for 2FA

are both possible (you would need to create your firewall egress rules accordingly).