I followed this GUIDE https://docs.microsoft.com/en-ca/azure/active-directory/authentication/howto-mfa-nps-extension-rdg
And the issue is all my users are able to login without getting prompted for the MFA..
this is the logs I see on the NPS server with Extension..
NPS Extension for Azure MFA: Radius request is missing NAS Identifier
and Nas IpAddress attribute.Populating atleast one of these fields is
recommended.This is not an error.
And NPS logs on the gateway server….
An Access-Request message was received from RADIUS client x.x.x.
with a Message-Authenticator attribute that is not valid.
Can you please help as what is missing here…
Best Answer
I have the same issue. Apparently on the guide there are few steps missing.
Looking online I found Go To Azure - Enteprise Apps - Filter per Microsoft and check if the following are enabled Azure Multi Factor Client Auth Azure Multi Factor Connector
Unfortunately, for me it didn't work and I have a different error
Good luck