![]() ![]() You don't have to set up a new Authentication Proxy server for each application you create. If you are already running a Duo Authentication Proxy server in your environment, you can use that existing host for additional applications, appending the new configuration sections to the current config. This Duo proxy server will receive incoming RADIUS requests from your SonicWALL SRA SSL VPN, contact your existing local LDAP/AD or RADIUS server to perform primary authentication if necessary, and then contact Duo's cloud service for secondary authentication. To integrate Duo with your SonicWALL SRA SSL VPN, you will need to install a local Duo proxy service on a machine within your network. You should already have a working primary authentication configuration for your SonicWALL SRA SSL VPN users before you begin to deploy Duo. You'll need to pre-enroll your users in Duo using one of our available methods before they can log in using this configuration. First Stepsīefore moving on to the deployment steps, it's a good idea to familiarize yourself with Duo administration concepts and features like options for applications, and Duo policy settings and how to apply them. If your organization requires IP-based rules, please review this Duo KB article. Firewall configurations that restrict outbound access to Duo's service with rules using destination IP addresses or IP address ranges aren't recommended, since these may change over time to maintain our service's high availability. This application communicates with Duo's service on TCP port 443. Read the enrollment documentation to learn more. You'll need to create your users in Duo ahead of time using one of our other enrollment methods, like directory sync or CSV import. This configuration doesn't support inline self-service enrollment. Once configured, Duo sends your users an automatic authentication request via Duo Push notification to a mobile device or phone call after successful primary login. If you are already running a Duo Authentication Proxy server in your environment, you can generally use that existing host for additional applications, appending the new configuration sections to the current config. This Duo proxy server also acts as a RADIUS server - there's usually no need to deploy a separate additional RADIUS server to use Duo. ![]() To integrate Duo with your SonicWALL SRA SSL VPN, you will need to install a local proxy service on a machine within your network. Note that v8.x firmwares are end-of-life per SonicWall. Duo integrates with your SonicWALL SRA or SMA 100/200 Series SSL VPN to add two-factor authentication to logons using Global VPN Client or SonicWALL Mobile Connect client software. ![]()
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |