We were able to resolve this by obtaining an externally valid certificate on our longroad.ac.uk domain to use with the NPS server. We needed to create an external DNS record in order for the certificate request to succeed, but this did not have to point to the actual server.
... View more
