VPN remote access with Duo Multi-Factor Authentication. Demo

VPN remote access with Duo Multi-Factor Authentication. Demo


VPN remote access connections can use Duo as second factor authentication (e.g. with push app notifications). I am presenting a video showing how to use this configuration as a continuation of application of Cisco Duo Security for RDP sessions demo available here.
The components of the system used in lab:
  • Cisco Firepower vFTD virtual appliance
  • Cisco Duo Security mobile app for MFA actions
  • Duo cloud for MFA provisioning
  • Cisco Anyconnect Secure Mobility client for VPN remote access
  • Grandmetric Labs Active Directory
  • Cisco Identity Services Engine for granular AAA policy building
Lab schema:
DUO_LAB_schema VPN remote access
VPN remote access Multi-factor authentication live demo


You can also read more about one of VPN MFA integration between Duo and Cisco ISE and ASA in large e-commerce that we described in our blog in 2017  You can read there about authentication flow and HLD architecture.


Marcin Bialy

Marcin Biały is Network and Security Architect with over 14 years of experience, with Service Provider and Enterprise networking background. He used to work for large service providers, global vendors and integration services companies as Network Architect, Leading Architect and Techincal Solution Manager positions. He designed, implemented and supported dozens large scale projects and infrastructure migrations, solved hundreds of tickets and spent hours with CLI and GUI of many flavors. Marcin is also holding industry recognizable certificates such as CCNP, CCNA, CCSI #35269, FCNSP #7207, FCNSA and more.

Leave a Reply

Your email address will not be published. Required fields are marked *

Sign up to our newsletter!