Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2557
Views
0
Helpful
1
Replies

VPN and two-factor authentication

Go to solution
Exonix1
Level 1
Level 1

‎10-20-2016 02:19 AM

Hi,
We are using MS VPN. But unfortunately it doesn’t support Passcodes with encrypted passwords (MSCHAPv2).
Now we a looking other SSL VPN solutions, that are supporting the Passcodes.
Which hardware VPN could you recommended?
Cisco
Juniper
Palo Alto
?

Thank you!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎03-08-2017 12:05 PM

Hi Exonix,

Apologies for the late reply!

If you’re still looking for a replacement VPN solution, I can make some suggestions…

Cisco ASA, Juniper/Pulse SA, Fortinet Fortigate, F5 Big IP, and PaloAlto are the big ones we see, with Cisco and Juniper/Pulse as the most popular.

We have native support for Cisco/Juniper in the Duo cloud service. Any other VPN type needs to send RADIUS requests to an on-premises Duo Authentication Proxy.

The first four VPN types I mentioned support the interactive web Duo Prompt for web VPN login. Of those, F5 supports it in their thick client too while the others just do an automatic push request to the user’s phone.

I personally like Cisco and Juniper for relative ease of deployment and the ability to chain primary and secondary authenticators. F5 also does chaining but is a little more difficult to set up. It’s quite full-featured once you have it working.

I hope this helps!

Duo, not DUO.

View solution in original post

0 Helpful
1 Reply 1

Go to solution
DuoKristina
Cisco Employee
Cisco Employee

‎03-08-2017 12:05 PM

Hi Exonix,

Apologies for the late reply!

If you’re still looking for a replacement VPN solution, I can make some suggestions…

Cisco ASA, Juniper/Pulse SA, Fortinet Fortigate, F5 Big IP, and PaloAlto are the big ones we see, with Cisco and Juniper/Pulse as the most popular.

We have native support for Cisco/Juniper in the Duo cloud service. Any other VPN type needs to send RADIUS requests to an on-premises Duo Authentication Proxy.

The first four VPN types I mentioned support the interactive web Duo Prompt for web VPN login. Of those, F5 supports it in their thick client too while the others just do an automatic push request to the user’s phone.

I personally like Cisco and Juniper for relative ease of deployment and the ability to chain primary and secondary authenticators. F5 also does chaining but is a little more difficult to set up. It’s quite full-featured once you have it working.

I hope this helps!

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents