Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
339
Views
0
Helpful
3
Replies

Enabling 2FA on a VM with VMware Direct Connection Plugin

Hama900
Level 1
Level 1

‎07-06-2023 12:15 AM

Hey there,

I’m running a VM with the VMware Direct Connection Plugin, which essentially is a VDI VM with GPU passthrough and accessible through the Horizon Client but without all the other infrastructure around it such as connection servers etc, it’s really just a stand-alone VM (AD joined) with the VMware Agent and the Direct Connect Plugin.

I would like to secure this with MFA, and the only guide I could find was for the Authentication Proxy software where it interfaces with the “connection server” even though I don’t have a connection server. I also don’t have a RADIUS server installed, unsure if that is necessary, only have an AD.

How can I still enable MFA on my VM?

These are the only docs I can find > Two-Factor Authentication for VMware Horizon View (VDI) | Duo Security

Labels:
0 Helpful
3 Replies 3

DuoKristina
Cisco Employee
Cisco Employee

‎07-06-2023 03:02 PM

You could try installing Duo Authentication for Windows Logon on the target virtual host if it is running Windows.

Duo, not DUO.
0 Helpful

Hama900
Level 1
Level 1
In response to DuoKristina

‎07-07-2023 01:08 AM

That’s how I’ve got it set up now but it’s not ideal, I want the authentication to happen before I log into the Horizon portal and not afterwards in Windows. Is there not a way to achieve that?

0 Helpful

DuoKristina
Cisco Employee
Cisco Employee
In response to Hama900

‎07-07-2023 05:12 AM

Without a connection server I can’t think of a way you could add Duo RADIUS authentication in Horizon.

Do you use UAG or Workspace One? It’s possible to add Duo auth to those via RADIUS using our generic RADIUS application or SAML with our generic SAML 2.0 SSO application.

Configuring Horizon for Unified Access Gateway and Third-Party Identity Provider Integration (this also seems to require a connection server though).

https://resources.workspaceone.com/view/j87fqmyx6bjzwbvjvvtq/en

You might want to contact VMWare support, who likely understand your current config well, and ask what option you have in your current config for adding third-party RADIUS or SAML authentication.

Duo, not DUO.
0 Helpful
Quick Links
     
                  Duo Release Notes   Duo Discussion Forums      
 
 
Customers Also Viewed These Support Documents