User shows as portal and not MFA

Haven’t run across this problem yet, but no matter what I do, this one and only particular user shows as portal under Application instead of MFA and unknown under Second Factor. If I send them a manual push, they do receive it however, but they cannot login to our VPN since they are not receiving the push from our application for it.

I’ve deleted and re-enrolled this person and nothing seems out of the ordinary, kind of lost what to do/check next, any help is appreciated.

Thanks

When the application says “portal” this usually indicates online user enrollment via an emailed enrollment link.

When a user performs online enrollment when accessing a protected application (such as, log in to web app, complete primary app, redirect to Duo for 2FA, user does not have a factor so they enter enrollment), the event in the authentication log will show the name of that protected application plus the enrollment event.

All of our 220 users have enrolled the same way this person is and no one else has had this problem though, so I’m not sure what’s going on or what’s being done differently. So are you saying this user hasn’t selected 2FA while enrolling or has enrolled wrong?

I was just describing what “portal” in the log usually means, and it sounds like that’s not what this user is experiencing.

If you can share which VPN you use and how you integrated Duo (RADIUS? Automatic push or iframe? SSO?) that would help me respond better.

You said you can send a manual push. Do you mean clicking the Send Duo Push link when you view that user in the Duo Admin Panel? Is it possible they sign in to the VPN with a different username than the one you added in Duo, so their login doesn’t match that user with working Duo Push so instead the user gets sent to enrollment?