Azure NPS extension problem: The RADIUS Proxy received a response from server with an invalid authenticator

Question

_{Friday, October 20, 2017 12:07 PM}

I have an RDS enviroment fully working. Now I want to use Azure MFA with the NPS extension.

I have installed that extension (and the NPS role) on a different server. Configured the NPS extension with Powershell like in the Microsoft docs.

I configured the RDS gateway to use a central NPS store, and configured the remote server there.

On the NPS server that's on the Gateway server, I have one Radius Client (remote server as client) and a "Remote RADIUS Server" where the "Connection Request Policies" refer to.

On the remote NPS server, I have a RADIUS Client configured with a Connection Request Policy with autenticates local.

I get the phonecall from phonefactor, but when I authenticate, it doesn't do anyting. Only one event:

The RADIUS Proxy received a response from server <remoteip> with an invalid authenticator (EventID 28)

I have no clue where this problem resides. The shared secret is correct, checked that multiple times.

Any idea how to fix this? Thanks!

All replies (2)

_{Friday, October 20, 2017 12:53 PM}

I just found out that if I uninstall the NPS extension, the problem is still there.. should I should probably post in another forum?

---

_{Friday, October 20, 2017 4:24 PM}

You may refer to this similar discussion here - https://social.technet.microsoft.com/Forums/en-US/15077c31-16ba-4b36-b96e-d3a4a2bc2e02/rd-gateway-with-azure-multifactor-authentication-dont-work-radius-proxy-received-a-response-from?forum=winserverTS might be helful. 

Do click on "Mark as Answer" on the post that helps you and vote it as helpful, this can be beneficial to other community members.