Forum Discussion

schimpanze's avatar
schimpanze
Copper Contributor
Apr 09, 2026

VPN Integration not persistent

Hello,

We tried to configure https://learn.microsoft.com/en-us/defender-for-identity/vpn-integration from supported Cisco VPN GW. We established the RADIUS Accounting logs to be sent to DC with MDI sensors installed. Yet when we enabled this in Defender Portal (Settings > Identities > VPN) by checking the box and inserting the shared secret, the configuration is not persistent. We hit save, and we are presented with the success green message, but once we refresh the page or go elsewhere in the portal, the checkbox is not checked. Has anyone encountered the same issue?

Thanks, Simon

microsoft 365 defender
Sensor

1 Reply

  • Lucaraheller's avatar
    Lucaraheller
    MCT
    Apr 16, 2026

    Hi schimpanze​ ,

    That does not sound like expected behavior. If the VPN integration settings are saved successfully, the checkbox and shared configuration should normally remain persistent after refresh.

    When the portal shows a green success message but the setting disappears immediately afterward, it usually points to one of these scenarios:

    Portal/UI sync issue

    Sometimes the Defender portal confirms the save action, but the backend configuration does not commit correctly or the page reloads stale values.

    Permission / RBAC issue

    If the account can open the page but does not have the required permissions to fully write tenant settings, the save may appear successful while not actually persisting.

    Backend service issue

    There have been occasional cases where specific settings pages in Defender XDR save inconsistently after recent portal updates.

    Validation failure after save

    If something in the secret, formatting, or tenant state fails validation server-side after submission, the UI may silently revert.

    What I would recommend:

    1. Try a private/incognito browser session.
    2. Test another browser.
    3. Confirm you are using an account with full Security Administrator or Global Administrator permissions.
    4. Re-enter the shared secret manually and save again.
    5. Wait a few minutes, then refresh. Some settings can take time to replicate.
    6. Check if the same happens from another admin account.
    7. Open browser Developer Tools (F12) and look for failed API calls when pressing Save.
    8. Confirm the MDI sensors are healthy and reporting normally, although sensor health should not normally block saving the portal setting.

    Most likely cause in your case:

    Because the checkbox clears immediately after refresh, I would suspect a Defender portal backend regression rather than a Cisco RADIUS configuration issue.

    My suggestion:

    Open a Microsoft support case and include:

    • Timestamp of save attempt
      • Screenshot before and after refresh
      • Tenant region
      • Browser used
      • Whether tested with Global Admin
      • Any browser console/API errors

    That usually helps engineering trace the failed settings write quickly.

    Short answer:

    No, that is not normal behavior, and it sounds more like a portal persistence bug than a VPN integration configuration problem.

    Thanks for posting this. Others may be seeing the same issue.