Hello,
I am using the Aruba VIA VPN solution and I wanted to enable Azure MFA support. I installed the Windows NPS Extension for Azure MFA and, in general, everything works correctly except for one issue.
Several forum users reported problems caused by the 5-second timeout while approving the login request in the Microsoft Authenticator app. It seems that the Aruba Mobility Controller waits only 5 seconds for the RADIUS ACCEPT packet, which is often not enough when waiting for Azure MFA approval.
I tried increasing the RADIUS client timeout values as well as modifying parameters in the dot1x profile, but neither solution helped.
I found a forum thread mentioning that this is a known issue related to IKEv2. Apparently, with IKEv1 the timeout can be extended significantly via controller configuration. However, I could not find any actual solution for the IKEv2 case, which seems to ignore the configured settings.
Has anyone successfully solved the 5-second MFA approval timeout problem with Aruba VIA VPN and Azure MFA?
ArubaOS (MODEL: Aruba7005), Version 10.4.1.12 LSR
Thank you in advance for any suggestions.
Jacek
-------------------------------------------