Share via

Problem with Entra/RADIUS NPS addon after KB5040430 install

Anonymous
2024-07-18T10:50:20+00:00

Hello,

We have a firewall which use RADIUS authentication with Entra/Azure NSP addon. We use this solution to VPN service in our company. We installed the latest commulative update (KB5040430) one of NPS server yesterday. Today, we can't connect to our VPN service. We checked the event log on NPS server and in our Azure tenan, but that wrote everything fine, nevertheless the VPN connection doesn't work. When we change the NPS server to other, which doesn't contain the latest commulative update (KB5040430), the connections work fine.

I didn't find known issues, or solution on MS sites, but in this Reddit post has simmilar issue (without solutions and workarounds.)

Do you have any idea about our problems?

Thanks,

Gabor

Windows for business | Windows Server | Networking | Other

Locked Question. This question was migrated from the Microsoft Support Community. You can vote on whether it's helpful, but you can't add comments or replies or follow the question. To protect privacy, user profiles for migrated questions are anonymized.

0 comments
Accepted answer
  1. Anonymous
    2024-07-27T19:14:40+00:00

    Whose firewall solution is being used?
    Both Checkpoint and Sophos appear to be investigating interop issues with RADIUS protections in the July 9, 2024 Windows Updates discussed in:

    If using Checkpoint firewalls, see

    Solved: Re: Blast-RADIUS - CVE-2024-3596 - Page 3 - Check Point CheckMates

    • CheckPoint Solution ID: sk182516: Check Point response to CVE-2024-3596 - Blast-RADIUS attack
      • Check Point plans to provide a fix in the upcoming Jumbo Hotfix Accumulator package for all supported versions.
    • Checkpoint Solution ID: sk42184: RADIUS authentication fails

    If using Sophos firewalls, see

    2 people found this answer helpful.
    0 comments

6 additional answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Anonymous
    2024-07-18T12:26:48+00:00

    Hello,

    First, you could try uninstalling the update and see if that resolves the issue. To do this, go to Settings > Update & Security > Windows Update > View update history > Uninstall updates. Find the update in question and click Uninstall.

    I hope the above information can help you.

    Best regards

    Zunhui

    0 comments
  2. Anonymous
    2024-07-19T10:15:04+00:00

    Hello Zunhui,

    First of all, thank you for your answer, I appreciate for your help! This cummulative patch contains a lot of security fix. Surely the right way is to delete the patch on the affected server? Does the Microsoft know that the this patch cause problems on the NPS servers?

    Thank you for your help!

    Best regards,

    Gabor

    0 comments
  3. Anonymous
    2024-07-22T16:06:12+00:00

    Hi Kovács Gábor_000,

    Microsoft usually pays attention to user feedback. If there is already user feedback on this issue, it should be aware of it and will fix it in a subsequent update.

    Best regards

    Zunhui

    0 comments
  4. Anonymous
    2024-07-23T09:31:16+00:00

    Hello Zunhui,

    Thank you for your feedback! We removed the update (KB5040430) from the server. The RADIUS / Entra NPS addon works fine.

    We waiting for the next cumulative update which contains the fix. If you have any update about this, you able to give feedback?

    I appreciate your help!

    Best Regard,

    Gabor Kovacs

    0 comments