![]() This Duo proxy server will receive incoming RADIUS requests from your SonicWall SMA/SRA SSL VPN, contact your existing local LDAP/AD or RADIUS server to perform primary authentication, and then contact Duo's cloud service for secondary authentication. To integrate Duo with your SonicWall SMA/SRA SSL VPN, you will need to install a local Duo proxy service on a machine within your network. You should already have a working primary authentication configuration for your SonicWall SMA/SRA SSL VPN users before you begin to deploy Duo. First Stepsīefore moving on to the deployment steps, it's a good idea to familiarize yourself with Duo administration concepts and features like options for applications, available methods for enrolling Duo users, and Duo policy settings and how to apply them. See Duo Knowledge Base article 7546 for additional guidance. If your organization requires IP-based rules, please review Duo Knowledge Base article 1337.Įffective June 30, 2023, Duo no longer supports TLS 1.0 or 1.1 connections or insecure TLS/SSL cipher suites. This application communicates with Duo's service on SSL TCP port 443.įirewall configurations that restrict outbound access to Duo's service with rules using destination IP addresses or IP address ranges aren't recommended, since these may change over time to maintain our service's high availability. If you have issues with the v10 "Contemporary mode" and cannot update your device firmware, access the "Classic mode" login page by changing the VPN login URL in your browser from to There is no setting in the SMA config to force use of "Classic mode". The issue displaying the Duo prompt in "Contemporary mode" was fixed in SMA firmware update 10.2.1.0-17. ![]() This mode may prevent display of the Duo prompt. Sonicwall introduced a new "Contemporary mode" for SMA in v10.2.
0 Comments
Leave a Reply. |
AuthorWrite something about yourself. No need to be fancy, just an overview. ArchivesCategories |