Radius/TACACS server and user identity database (in this case, I’m using ISE and Windows AD).Duo proxy server (in my case, installed on Win Server).Now that we understand the basic flow of events, we clearly see there are four key components involved here: Auth proxy informs send user validation to ISE ISE assigned configured authorization profile and assigned Priv 15 level access in this case.Device accepts Duo push notification in turn, Duo responds back to auth proxy.Duo security sends push notification to end user’s registered device.Upon validation, auth proxy makes an API call to Duo security for second factor.
0 Comments
Leave a Reply. |