Hello,
Having some difficulty with integration of Windows 2016 NPS with Symantec VIP with EG deployed on-prem.
NPS server deployed to facilitate Wireless Access 802.1x as well as VPN connectivity from various firewalls.
The current state:
1. Wireless clients in multiple, on-prem locations authenticate through WLAN controllers based on provided domain username and password, the SSL certificate deployed on NPS servers creates encrypted tunnel - this part works without a problem.
2. VPN users "dial-in" using laptop and the VPN client deployed - this part works without a problem.
The desired outcome:
I would like to add 2FA to the second workflow.
1. I tried deploying NPS plug-in, however when performing testing showing the following error:
When reloading IAS service, plug-in initialization writes results to the log correctly, Sometimes, errors corresponding to the above written in the following manner:
[ERROR] : Missing password for user ....
[ERROR] : Missing password for user ....
Confirmed correct password for pem by importing the pfx to the internal store.
The password, or the generated code is correct as with the same credential I'm able to login properly through any other configured app, such as Office365.
I'm not sure if utilizing this plug-in would also impact Wireless Access, as we do not want to have it enabled for that, only for VPN access.
Unless otherwise recommended, I would be more inclined to proxy RADIUS traffic from VPN devices to EG's validation server, but that part also does not work for some reason, user getting properly logged in and no 2FA initiated.
Could you please advise what is the best approach here?
Thank you.