Remote Access VPN with Microsoft Azure AD as Primary Authentication

I’m pretty new to Duo and this is my first post so any help will be appreciated.

I have a remote access VPN, Fortigate to be specific, which works fine with on-prem LDAP server for primary authentication. I have setup a DUO radius proxy which has been tested ok for MFA (Duo PUSH) and authenticating with on-prem LDAP server.

My actual target is to utilise our Microsoft Azure AD for authentication to connect into Remote Access VPN. I read that we need to setup DUO Access Gateway to integrate with Azure AD but then how can we utilise DUO Access Gateway to work with our VPN device which only acts like a Radius Client. Do we integrate DUO access Gateway and DUO Radius Proxy.

Has anyone done a similar setup and share their experience.


1 Like

I have not set this up specifically, but I have integrated a ton of things with Azure AD. Do you have your Azure AD setup to work with Duo at all yet? Our first thing we setup was our Office 365 and once that was working everything else worked seamlessly. Duo is so easy to integrate with Azure AD. We have a P1 Azure license, so I think that gives us an easier integration.
Good luck!


Thanks for your response.

So we need P1 license to integrate Azure with DUO. Does that happen through DUO Access gateway (DAG) or something else. I’ve come across some articles for it but if you can let me know the one you used for easier integration.