I have NPS deployed in-front of VIP EG, as a main RADIUS system to authenticate users through wireless and VPN. In order to address 2FA requirement for VPN dial-in I have configured Connection Policy in NPS as RADIUS proxy for the RADIUS server running on VIP EG.
Currently, second-factor is correctly invoked when user logging into Office365, through ADFS infrastructure.
The goal is to invoke second-factor for users that are connecting through VPN. I do see the traffic making its' way to EG however getting the following error message: