Hello!
We have Client VPN set up successfully on our primary MX at one site using the L2TP over IPsec configuration. It points to a Windows Server using NPS. I am looking at duplicating that same scenario at our secondary site. I essentially copied our current configuration with the exception of changing the host name and deployed it to my Windows machine. When I attempt to connect, Windows prompts for credentials, but eventually gives me an error: "The remote connection was denied because the username and password combination you provided is not recognized or the selected authentication protocol is not permitted on the remote access server."
I do see these errors in Meraki:
Jun 15 11:23:44 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> deleting IKE_SA l2tp-over-ipsec-1[998] between 175.165.112.219[165.166.112.219]...61.85.127.191[172.30.20.12] |
Jun 15 11:23:44 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> closing CHILD_SA net-1{1482} with SPIs ca095fa1(inbound) (947 bytes) 5a2f103c(outbound) (666 bytes) and TS 175.165.112.219/32[udp/l2f] === 61.85.127.191/32[udp/l2f] |
Jun 15 11:23:10 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> CHILD_SA net-1{1482} established with SPIs ca095fa1(inbound) 5a2f103c(outbound) and TS 175.165.112.219/32[udp/l2f] === 61.85.127.191/32[udp/l2f] |
Jun 15 11:23:10 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> IKE_SA l2tp-over-ipsec-1[998] established between 175.165.112.219[175.165.112.219]...61.85.127.191[172.30.20.12] |
Things I have done or not done:
I have looked in the RADIUS log and do not see it receiving the authentication request.
I have confirmed that the VPN adapter in Windows is set like my primary to Allow the 3 protocols listed on the Security tab, including PAP.
I checked the registry setting on my computer for AssumeUDPEncapsulationContextOnSendRule, but again, if it works for the primary, I would think I would not need to verify this.
I have NOT configured anything new on my NPS server; do I need to add this new MX as a RADIUS client? One aspect of the primary config that confuses me is that on the Windows NPS server, under RADIUS Clients, the Meraki setup shows the IP of the RADIUS server and not the IP of the MX. This document outlines the need to add the IP of the MX:
https://documentation.meraki.com/MX/Client_VPN/Configuring_RADIUS_Authentication_with_Client_VPN
I know I must be missing something simple. I appreciate any assistance provided. Thank you.
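As an added example (not part of the original post), a small Python script that parses the dashboard event lines quoted above, pairs the IKE_SA established and deleting events, and separates an IPsec negotiation failure from a tunnel that came up, carried L2TP traffic and was torn down seconds later, which points the search at the L2TP/PPP authentication step rather than at IKE. The sample lines are the four from the post; the verdict names and the 60 second "short-lived" threshold are my own assumptions.

```python
import re
from datetime import datetime
# Constructed sample: the four dashboard event-log lines quoted in the post, newest first as displayed.
SAMPLE_LOG = """\
Jun 15 11:23:44 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> deleting IKE_SA l2tp-over-ipsec-1[998] between 175.165.112.219[165.166.112.219]...61.85.127.191[172.30.20.12] |
Jun 15 11:23:44 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> closing CHILD_SA net-1{1482} with SPIs ca095fa1(inbound) (947 bytes) 5a2f103c(outbound) (666 bytes) and TS 175.165.112.219/32[udp/l2f] === 61.85.127.191/32[udp/l2f] |
Jun 15 11:23:10 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> CHILD_SA net-1{1482} established with SPIs ca095fa1(inbound) 5a2f103c(outbound) and TS 175.165.112.219/32[udp/l2f] === 61.85.127.191/32[udp/l2f] |
Jun 15 11:23:10 | | Non-Meraki / Client VPN | Non-Meraki / Client VPN negotiation | msg: <l2tp-over-ipsec-1|998> IKE_SA l2tp-over-ipsec-1[998] established between 175.165.112.219[175.165.112.219]...61.85.127.191[172.30.20.12] |
"""
# One event line: timestamp, pipe-separated columns, then "msg: <connection|ike_sa_id> text".
LINE_RE = re.compile(r"^(?P<ts>\w{3} +\d{1,2} \d\d:\d\d:\d\d) \|.*?\| msg: <(?P<conn>[^|>]+)\|(?P<ike>\d+)> (?P<msg>.*?) ?\|?$")
BYTES_RE = re.compile(r"\((\d+) bytes\)")  # traffic counters on the "closing CHILD_SA" line

def parse_events(text):
    """Return (time, connection, ike_sa_id, message) tuples in chronological order."""
    events = []
    for line in text.splitlines():
        m = LINE_RE.match(line.strip())
        if m:  # the export has no year, so strptime defaults to 1900; only time differences are used
            events.append((datetime.strptime(m["ts"], "%b %d %H:%M:%S"), m["conn"], int(m["ike"]), m["msg"]))
    return sorted(events, key=lambda e: e[0])  # the dashboard lists newest first

def analyze(text, short_lived_s=60):
    """Per IKE_SA: did IPsec come up, did it carry traffic, and how quickly was it torn down?"""
    sas = {}
    for ts, conn, ike, msg in parse_events(text):
        sa = sas.setdefault(ike, {"conn": conn, "ike_up": None, "ike_down": None, "child_up": False, "bytes_in": 0, "bytes_out": 0})
        if msg.startswith("IKE_SA") and "established" in msg:
            sa["ike_up"] = ts
        elif msg.startswith("CHILD_SA") and "established" in msg:
            sa["child_up"] = True
        elif msg.startswith("closing CHILD_SA"):
            counts = BYTES_RE.findall(msg)  # inbound counter first, then outbound
            if len(counts) == 2:
                sa["bytes_in"], sa["bytes_out"] = int(counts[0]), int(counts[1])
        elif msg.startswith("deleting IKE_SA"):
            sa["ike_down"] = ts
    for sa in sas.values():
        up, down = sa["ike_up"], sa["ike_down"]
        sa["lifetime_s"] = int((down - up).total_seconds()) if up and down else None
        if up is None:
            sa["verdict"] = "ipsec_failed"  # IKE never completed: proposal or pre-shared key problem
        elif down is None:
            sa["verdict"] = "tunnel_up"
        elif sa["child_up"] and sa["bytes_in"] > 0 and sa["lifetime_s"] < short_lived_s:
            # IPsec came up and carried L2TP packets, then was torn down within seconds: the failure is above IPsec (L2TP/PPP auth), not IKE.
            sa["verdict"] = "ipsec_ok_auth_layer_failed"
        else:
            sa["verdict"] = "ipsec_ok_other"
    return sas
```

For the lines in the post, `analyze(SAMPLE_LOG)` reports IKE_SA 998 as `ipsec_ok_auth_layer_failed` with a 34 second lifetime and 947/666 bytes exchanged, consistent with the RADIUS log showing no request: the tunnel was fine and the rejection happened at the authentication step.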