Windows Server 2022 NPS Extension MFA Error


Hello everyone, I have a Windows Server 2022 running as VPN and another Windows Server 2022 acting as RADIUS. All are domain joined, NPS is joined to the domain, Azure AD and local AD are synced, NTLMv2 support for MS-CHAPv2 is enabled, and RADIUS authentication is successful. After installing the NPS extension for MFA, I configured it and checked it with the troubleshooting PowerShell script; all certificates are fine and all checks passed, but when I try to connect I receive the message "could not verify server identity".

 

Looking at the logs, the connection was dropped by a third-party .dll; the user-sign is enabled in the Azure app.

1 Reply
The "third party .dll" is the MFA plugin "NpsExtnForAzureMfaInstaller.exe". Your logs can be found at:
Event Viewer (local)\Applications and Services Logs\Microsoft\AzureMfa\AuthZ\AuthZOptCh

It is supposed to send a prompt to Azure AD for MFA.