Forum Discussion
Mirza Dedic
Sep 22, 2021
Brass Contributor
VPN Integration with Network Policy Server (NPS) RADIUS Accounting?
Hello, Looking to integrate our 3rd party VPN solution with MSFT Defender for Identity. The solution is using Microsoft's Network Policy Server (NPS) for authentication, and there are options...
EliOfek
Microsoft
Sep 22, 2021
See some details here about the needed RADIUS format:
https://docs.microsoft.com/en-us/defender-for-identity/install-step6-vpn
If it's still not helping, open a support case; support can give you best-effort support to show you what is "broken" in the format that will cause MDI to ignore the message.
Make sure to have a network trace ready containing the RADIUS messages sent to the sensor.
Mirza Dedic
Sep 22, 2021
Brass Contributor
It looks like the NPS server is not forwarding accounting messages to the DC, based on Wireshark data. We use the Azure MFA extensions, and I read somewhere that because of this it can't forward them.
Is there a way to feed this data into identity protection by other means? We have the NPS accounting logs on disk in DTS Compliant format.
In MCAS we can upload logs (https://docs.microsoft.com/en-us/cloud-app-security/discovery-docker), can we upload the NPS logs and have that tied to the "Accessed VPN Locations"?