MFA not working for user

FIS_ Admin 1 Reputation point

I have one user whom MFA is not functional when trying to sign in with his Cisco Anyconnect VPN client. Keep in mind if we use another users credentials on the same computer it connects without any problems. The issue seems to be with just the one user. Here is what I found in the logs, for the first event listed, I did find the user had proper licensing, the other event I could not find much information on.
ADIUS Client:
Client Friendly Name: Anyconnect
Client IP Address: X.X.X.X

Authentication Details:
Connection Request Policy Name: Anyconnect-VPN
Network Policy Name: Anyconnect-VPN
Authentication Provider: Windows
Authentication Server: XXXXXX.XXXXXX
Authentication Type: PAP
EAP Type: -
Account Session Identifier: -
Reason Code: 9
Reason: The request was discarded by a third-party extension DLL file

Another event found:
Log Name: AuthZOptCh
Source: Microsoft-AzureMfa-AuthZ
Date: 10/5/2022 11:33:58 AM
Event ID: 1
Task Category: None
Level: Information
Computer: {computername}.XXXXXX
NPS Extension for Azure MFA: CID: 68043807-6b81-4c24-9baf-002819da2ff4 : Request Discard for user {username}@X .com with Azure MFA response: UserNotFound and message: The specified user was not found.,,,210de091-24f4-42d4-89e5-0f4c584de41d

Any help is greatly appreciated!

Microsoft Entra ID
Microsoft Entra ID
A Microsoft Entra identity service that provides identity management and access control capabilities. Replaces Azure Active Directory.
19,899 questions
{count} votes

1 answer

Sort by: Most helpful
  1. JimmySalian-2011 41,936 Reputation points


    Seems like NPS is not allowing that user auth requests to pass through, any logs on the VPN client side? Is this a new user with password required to reset ?

    Check some of the troubleshooting steps. howto-mfa-nps-extension

    Please "Accept the answer" if the information helped you. This will help us and others in the community as well.

    0 comments No comments