RDP over VPN to Azure VM - what have I missed
Hi, I've set up a Virtual Machine in Azure; it has an app which links to an Azure SQL Database. When I log into aka.ms/wvdarmweb with the user acct which has access to the app, all works fine. Now I'm trying to setup RDP over VPN, and have followed the Microsoft tutorial documents. Virtual Network Gateway is setup, Admin authority went thru ok, download of Azure VPN was fine, and connection has been established from a client machine to Azure over the VPN. Tick tick tick tick, great stuff. I download and start the RDP for the VM, the computer name defaults to "10.0.0.7". I click Connect and get "Remote Desktop can't connect to the remote computer for one of these reasons:" and three possible reasons display. Well, for reason 2 and 3, the remote computer is on and available on the network (otherwise I wouldn't be able to login in via the portal, I guess). So it must be the first reason "Remote access to the server is not enabled." Any suggestions as to what I might have missed? VM Inbound rules on the NIC include AllowRD (3389), AllowPSRemoting (5986), AllowVnetInBound (any). Several users have access to the VM, as demonstrated by access to it via the portal. Thanks
MFA and Azure IKEv2 P2S VPN Failing - Timeout Issue?
Hi, I'm having trouble getting MFA working with an Azure P2S IKEv2 VPN using RADIUS auth. It seems that the auth response timeout on the gateway is set so low (looks like 5 sec) that I don't have enough time to authenticate using MFA. I've verified this both with DUO Auth and Azure MFA; both have the same result. I initiate the VPN connection, enter credentials, and before I can answer the phone call to verify MFA, another request is initiated and a second call comes through. If I successfully verify either or both calls, the connection fails. However, if I use a push notification to the cell phone for verification and I can verify in under 5 sec, the connection is completed. I've also pointed my Palo Alto VPN device (where I have a specified timeout of 60 sec) at my MFA server and was able to log in successfully to that VPN - this determines the issue is not with my MFA server setup. I've created a bug request with Microsoft on this as there doesn't seem to be a way to change the timeout. Has anyone else encountered this issue or found a workaround??
