MFA for switches and routers

Has anyone done MFA for Network switches and routers without DUO push. Usually routers and switches does not have option to enter SMS passcodes received.

I have not done this yet, but could you use the password,duocode from your DUO app? I would think this would work with the Duo Proxy set up as your radius server.

thank you, that requires a smart phone. user has simple phone, not android or iphone.

Hi @duorunner1 ,

If you integrate your network device(s) with Duo via RADIUS, you might be able to do this via Append Mode (concatenation): Duo Two-Factor Authentication with RADIUS and Primary Authentication | Duo Security.

Please note that Append Mode (which is required if you wish to specify SMS as an authn method) cannot be used if your RADIUS server is configured with MS-CHAPv2 or EAP-MSCHAPv2 as described here: Otherwise, the Auto Mode method is performed, which uses either Duo Push or Phone Call as the authn method.

Hope this helps!

1 Like

Duo call back could be an option.