Cisco Duo configuration/setup and faced errors in PAM
Open Server Manager.
Select the respective user. Right click and select Edit User Settings. Select Cisco Duo from the Drop Down and select "Enable Dual factor Type" and select "Confirm Status".
Open Admin Settings and find "Cisco Duo MFA". Click on Add and fill the details.
For getting these details open Cisco Duo website and Login with an Administrative Account.
Go to Applications and select Protect an Application.
Search for Web SDK (PAM uses Web SDK API for Cisco DUO MFA).
Select Protect Button beside Web SDK.
Copy the shown details in the Admin Settings page Cisco DUO MFA and Save the details.
Make the require changes in the Application Created and make sure the Activation is Complete in the Page. Save the Made Changes.
You can use the link for configuration of Application for any doubts.
Try to login into PAM for which Cisco DUO is configured.
If you get below error
This means the details have not been saved on the Admin Settings Page. Save the gathered details from the Cisco DUO Application (Client ID , Secret ID and API Host ).
If you get the below error after the details are saved.
This error means you have entered the details for Wrong API.
Make Sure the Application is Web SDK
Make sure the URL shown in the error has the correct details.
The API URL and client id should match with what you have gathered from the Cisco Application.
According to the Above details when I enter my details in PAM ACMO my URL should be.
Make sure your details match with Application Created in Cisco DUO.
If configuration is successful you will get the below page.
Add the required details and select the first option if you want to authorize using Mobile DUO App.
If you want the Authorization to happen every time you login into PAM. Select "No, other people use this device".
If this is not selected PAM will automatically login without any MFA
Related Articles
How to allow client user to approve raised service and password access Requests. (Workflow) || Requested Page Is Not Accessible. Access Denied.
ISSUE DESCRIPTION: You are receiving the below error while opening the service or password access request page. Requested Page Is Not Accessible. Access Denied. REASON: This happens when the user who is trying to access this page is a client user and ...Chrome or Edge Driver auto downloading in ACM Folder
Scenario: If the Client is using <NATIVE><CUC> or <NATIVE><CUE> tags for accessing any App web browser and client wants to auto download the driver in ACM folder. Kindly follow the below steps. Step 1: Log into the Admin Settings page via Admin User. ...Are you having trouble logging into ACMO? Is the page taking a long time to load after you enter your credentials and click the login button?
Are you having trouble logging into ACMO? Is the page taking a long time to load after you enter your credentials and click the login button? Here are some things you can check: 1. Make sure the API URL is listed in the Application List. 2. Check if ...A network-related or instance specific error while accessing Server Manager or any service through ACMO.
Issue If you are getting the error while accessing server manager or accessing any service through ACMO. Resolution Just enable the Web Service DT for Database (Server Manager) from the Admin Settings page to resolve the error for Server Manager To ...Adding Natted IP into PAM and its configuration
When a client wants to provide the PAM access to the users that are not within company’s network , instead they are from outside Network. For this if outside users are using Natted IP for accessing both API and Gateway server then we need to add an ...