Re: FortiClient & Microsoft Azure MFA
I have configured an IpSec tunnel using the Radius authentication with MS Azure MFA, and it works like a charm if I use the phone call, or the notification on the authentication App (Microsoft Authenticator) on my smartphone.
But if I choose another option (SMS or code from authentication App), when I login to the Forticlient with my login/pwd and press "Connect", a new field appears, and it show "Enter your Microsoft verification code". Then I fill the field with the code I have received (SMS or App), but each time the connection fails, with a text box "VPN connection failed. Check network connection..." (translation from French, sorry ;) ).
On my radius server, I see that the NPS extension rejected the connection. It looks like the code is not correctly send from the Forticlient to the Radius server.
The SMS/App code MFA options work correctly to access to other ressources (ie : webmail, ...)
Any idea of what could be wrong ?