You'll see your computer start to try and establish the connection.Īt this point, the Remote Access Gateway server is waiting for you to provide your second factor, even if it's not readily apparent. Enter the computer name in the provided box and click Connect.Ī dialog box will pop up asking you to enter your credentials for the Remote Access Gateway, enter your user name in the following form: ad-its\catid and then enter your password. Follow the instructions below to make the connection successfully.įrom your computer at home, launch your remote desktop application and enter the computer name you will be connecting to. This means you'll need to use your second factor to connect to your on-campus desktop computer.
In this scenario I have a single RD Gateway with the NPS role installed and a secondary server with the NPS role installed which will act as my Azure MFA NPS server.Remote desktop access from off-campus has been protected with multi-factor authentication (MFA). You will need your Azure tenant ID, available on the overview page of the Azure AD portalīefore we get further into this post it is assumed that we already have a working RD Gateway and VPN, only changes required to make this work will be included.
You must have your RD Gateway roles on a separate server to your NPS/RADIUS server (the NPS/RADIUS server that will have the Azure MFA NPS Extension installed) The NPS server must be able to communicate with the following URLs over port 80 and 443 Visual C++ Redistributable for Visual Studio 2015Įvery user that requires targeting must be synced from AD using AD Connect or Azure Cloud Sync and registered for Azure MFA - Users must register an authentication app for push notifications, this solution only works for push notification, it does NOT work with OTP/TOTP codes - Users can register at the following link: You must install the following libraries on the servers with the NPS roles (minimum two)
Users must be licensed for Azure MFA (Azure AD Premium P1 minimum)
0 kommentar(er)
