Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
544
Views
0
Helpful
1
Replies

Migrating from DAG to Azure

mike.s
Level 1
Level 1

‎04-13-2023 01:35 PM

We currently use Duo Access Gateway for MFA with on-premise Active Directory for our Palo Alto GlobalProtect VPN authentication.

We want to use Azure instead of on-premise AD and continue to use Duo to protect the GlobalProtect VPN.

We are having difficulty figuring out where all of the settings go e.g. Entity ID, ACS URLs, etc.

Has anyone done this and if so do you have any pointers or config examples to share?

Labels:
0 Helpful
1 Reply 1

raphka
Cisco Employee
Cisco Employee

‎05-06-2023 05:45 PM

Hi mike.s

You can use Duo SSO for this without on prem AD.

Initially you will want to set up Duo SSO and use Azure as the authentication source for Duo SSO.

Once this is complete you can then protect your Globalprotect with Duo SSO.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents