I'm trying to figure out if RD Gateway combined with NPS can support any form of authentication, particularly MSCHAPv2. So far, the only authentication method I've managed to get working allows clients to connect without any form of authentication at all, which isn't ideal. I've searched everywhere for information on this but haven't found anything useful. Just to clarify, this is not about setting up 802.1X or a VPN—it's specifically for remote desktop services. Any insights would be appreciated!
2 Answers
From what I've seen, it might not work with MSCHAPv2 if the gateway is domain-joined. Have you considered whether the gateway will be exposed to the internet? It could influence your setup significantly.
We use MFA with NPS too, but we're looking to layer in MSCHAPv2 as well for extra security. It’s tricky, but seeing if there's a compatibility option in your settings might help.

Yes, the gateway will be placed in a DMZ, so I need to ensure security is tight.