Radius server differen evenlog on SMS and Auth app

Belan Marek 51 Reputation points
2022-12-27T16:01:39.83+00:00

I find strange thing on our radius server.
We have setup Radius with Microsoft online MFA.
But when user have SMS as default authentication in event logs, we don't see policy used to authorize user.
If user have authentication app, we can see all in event log.

274335-app.png274362-sms.png

Auth App
SMS

Azure Active Directory
Azure Active Directory
An Azure enterprise identity service that provides single sign-on and multi-factor authentication.
12,702 questions
Windows Server
Windows Server
A family of Microsoft server operating systems that support enterprise-level management, data storage, applications, and communications.
8,213 questions

1 answer

Sort by: Most helpful
Most helpful Newest Oldest
  1. Givary-MSFT 11,756 Reputation points Microsoft Employee
    2022-12-30T02:59:37.583+00:00

    @Belan Marek Thank you for reaching out to us, to investigate this issue, would like to start with radius/nps configuration related information would like to know what kind of radius authentication methods is configured in the policy.

    Authentication methods:

    PAP supports all the authentication methods of Azure AD Multi-Factor Authentication in the cloud: phone call, one-way text message, mobile app notification, OATH hardware tokens, and mobile app verification code.

    CHAPV2 and EAP support phone call and mobile app notification.

    Reference: https://learn.microsoft.com/en-us/answers/questions/244757/azure-mfa-with-vpn-using-sms-otp.html
    https://learn.microsoft.com/en-us/azure/active-directory/authentication/howto-mfa-nps-extension-vpn

    if the above information doesnt help to isolate the issue, we can connect offline to troubleshoot further.