Starting the DUO MFA Proxy installation
wget --content-disposition https://dl.duosecurity.com/duoauthproxy-latest-src.tgz
tar xzf duoauthproxy-5.7.1-src.tgz
cd duoauthproxy-5.7.1-41087a5-src/
make
cd duoauthproxy-build/
ls
./install
./install --install-dir /opt/duoauthproxy --service-user duo_authproxy_svc --log-group duo_authproxy_grp --create-init-script yesnano /opt/duoauthproxy/conf/authproxy.cfg
The following config can be used for authproxy.cfg this example will allow you to do MFA with an FTD firewall in this example.
[ad_client]
host=10.10.8.4
host_2=10.10.8.3
service_account_username=<user>
service_account_password=<password>
search_dn=<dn of your domain>
security_group_dn=<dn of your group>
[http_proxy]
api_host=<api gateway url>
port=80
client_ip=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16
;Home-FTDv
[radius_server_auto]
ikey=<your ikey>
skey=<your skey>
api_host=<api gateway url>
radius_ip_1=<ftd ip>
radius_secret_1=<radius secret key>
failmode=safe
client=ad_client
port=1812
Start the service.
/opt/duoauthproxy/bin/authproxyctl start