You enable 2 factor authentication options with Duo Security
When you come out with 2 factor authentication. Please have an option to integrate with Duo Security (https://www.duosecurity.com/). They are an easy to use, low cost option that works well.

11 comments
-
Paul commented
Do you have a link to that XG and Duo integration document?
-
Anonymous commented
Sophos XG supports DUO and I also have a document about the Integration between Sophos XG and DUO
-
Jacob Jensen commented
Im in the same boat. Looking to implement Sophos XG to replace my TMG but if Duo Security does not work with sophos XG that will be a showstopper for us
-
vitale mazo commented
Has this been completed my company can not move forward with Sophos firewall without DUO two factor this is a acquirement to use the firewall
-
vitale mazo commented
What is the Status on Duo integration with SSL vpn this is a requirement for our company.
-
Anonymous commented
Integration with Duo Security is still a desired OOTB functionality. Or integration with other 2 form factor authentication period. We need to use a solution that is NOT dependent on Smart Phones only as some of our users do not wish to install a company required app on their personal smart phone. Need something that can work with SMS, RSA keys or other options.
-
Duo_on_UTM commented
If anyone wants exact specifics, or if you want to take a shortcut and just grab pre-compiled stuff, I'll post this on the astaro forum.
-
Duo_on_UTM commented
I was able to integrate DuoSec's openvpn plugin into my UTM 9.315-2 install. It requires building the plugin on an arch-similar platform; I used SLED 11 SP4. The plugins are all compiled as 32-bit ELF binaries, so make sure you include the -m32 cflag when building. Also, you'll need to make some edits to the duo_openvpn.c file prior to compiling, due to openvpn running in a chroot on the UTM. The path to the duo_openvpn.py script needs to be a static path that exists within the chroot. Also, since the openvpn chroot doesn't have the python binary or any of the associated libraries, they need to be copied/linked into the chroot as well. I used a bind mount for the python libraries, and just copied the python binary directly. Lastly, you'll have to edit the openvpn.conf-default file and comment out the utm plugin (it won't work with the duosec plugin), and insert the duo plugin info.
-
Anonymous commented
Still waiting..... Will Sophos show up or not????
-
Joe commented
Wondering if this has been considered since it was originally requested. We want to be able to use this feature with SSL VPN.
-
Aza commented
I agree this should be looked at and considered