question

BloodCenterAdmin-1840 avatar image
0 Votes"
BloodCenterAdmin-1840 asked BloodCenterAdmin-1840 commented

Local NPAS Server and Azure MFA Conditional Access for VPN Connectivity Setup Question?

Hello Microsoft Community

I want to start this question with saying I'm new to my position with the company I'm at now but have years of experience working with all things Microsoft.
But with that said I'm learning about many new Microsoft products that we didn't use in my last place of employment. Please forgive me if has been addressed I just have so many things that I am just now learning about our setup and how they work with Microsoft Cloud services.

My Questions is we have a local NPAS server setup for RADIUS to authenticate users for VPN and WiFi. All our AD servers are local but we do have a group syncing with Azure for Office 365.

I have configured and tested Conditional Access with MFA and was able to get it working with 365 apps but my goal is to require 2FA for VPN connection but not require it for Windows Login.

Can anyone give me advice or help me figure out what I don't know, that I don't know?

azure-ad-authentication
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Just an an update on my end a coworker found this document.
howto-mfa-nps-extension


Has anyone configured a test environment for a setup like that?
If so are there any gotcha that we should look out for?


0 Votes 0 ·

Progress this week.

We successfully created a NPS server using RADIUS for VPN authentication.
We can VPN into our network using the native VPN client in Windows 10.
As soon as we install the NPS Extension for Azure and run the PowerShell script everything completes successfully but we are no longer able to connect to our network. We are getting a message that indicated the username or password or authentication protocol could be wrong.

However the funny thing is we do start receiving text messages for authentication but it never even gives us the option to enter it.

Has anyone done this and have any advice?
howto-mfa-nps-extension-vpn


0 Votes 0 ·

0 Answers