SSL-VPN causing 100% CPU with NPS and Azure MFA Extension
I have configured an existing SSL-VPN to use Radius.
The Radius sends requests to a Microsoft NPS server with the Azure extension installed which will provide MFA requests.
All the config works great.
After several hours of running the server is maxing it's CPU at 100% on a COM surrogate process.
Users get delays to the authentication request or none at all.
There is an event constantly logged that may be causing this issue:
Log Name: AuthZAdminCh
Date: 22/06/2020 09:46:16
Event ID: 3
User: NETWORK SERVICE
NPS Extension for Azure MFA: CID: <> :Exception in Authentication Ext for User USername :: ErrorCode:: REQUEST_MISSING_CODE Msg:: Request is missing OTP Enter ERROR_CODE @ https://go.microsoft.com/fwlink/?linkid=846827
for detailed troubleshooting steps.
This request is coming from the FortiGate but does not relate to an active request for a user to log in, it appears to be an old request that does not timeout.
Can anyone point me to the settings that is causing these requests on the FortiGate?