Trying to implement MFA on Cisco switches with DUO proxy and Microsoft NPS. I have it working but I cannot figure out how to get it to pass the vendor attributes properly so that user is dropped into priv level 15.
On NPS I have the following set up under “Vendor Specific”
Neither pass_through option works when uncommented. The user is dropped to priv 1 and then must authenticate with local credentials to enter priv 15.
If I turn on pass_through_all=true then the switch comes back with the following error:
Line has invalid autocommand " ppp negotiate"Connection to xxxx
I have no PPP settings set in NPS that I can see at all. The only line I have under Standard Radius Attributes is: Filter-id