I just spent all day trying to get RADIUS authentication for Client VPN to work on 2 separate Windows 2019 Servers. I hope others find this post before they waste an entire day. If you are having RADIUS authentication issues with Windows Server 2019 NPS, please be aware their is a known bug that has not been fixed or patched as of the June 2020 roll-up. The bug relates to the Windows Firewall and the NPS server role. Although adding the NPS server role creates the appropriate Windows Firewall rules, there is a bug with the IAS (NPS) service SID that prevents the Firewall service from properly targeting the IAS service. Thus, despite the rules being there, the traffic was still being blocked. I was able to find a work around (thank you Google and all those that came before me). From an elevated command prompt on the NPS server run the following command: sc sidtype IAS unrestricted Restart the server, and viola! There is also a second workaround where the scope of the firewall rule is set to any service. If you prefer this method, it is referenced in the links below. Resources & References: https://social.technet.microsoft.com/Forums/en-US/cf047df5-ed4a-46b9-9564-c9db5a9bc8dc/windows-server-2019-default-nps-firewall-rules-port-1812-udp-not-working https://windowsserver.uservoice.com/forums/295059-networking/suggestions/35724043-fix-default-nps-firewall-rules-for-server-2019 https://community.ui.com/questions/FYI-Windows-Server-2019-NPS-for-RADIUS-broken-w-fix/364c7c17-b3d3-4973-8dd2-e4e701309300 https://directaccess.richardhicks.com/2018/11/27/always-on-vpn-and-windows-server-2019-nps-bug/ Enjoy!
... View more