Hello Jon, You need to allow connectivity between your Domain Controllers and Radius Server on port 1812. If this is properly configured, I would recommend that you open a support case with Premium Support so they can provide additional logging details.
Another option is to enable some port listener in your radius server so that you can see if you receive packages from the Domain Controllers IPs to verify ports are not blocked.
Thank you Juan
Thank you Juan for your answer. I have solved it by running free radius in debugging mode and watching the logs. What was happening was that despite using the internal IP from the VPC (both are using the same VPC) Microsoft AD was trying to do the request through the external IP and the FreeRadius server was rejecting the call as foreign. I fixed it by creating an endpoint within the VPC from workspaces to EC2. Then it started working internally and authenticated because it never left the VPC. The key realization was setting up the endpoints.
Enable MFA on AWS Workspacesasked 3 months ago
Enable BYOL for my account in Amazon WorkSpacesasked 6 days ago
AD Connector MFA Setup Completed but AD Connector not sending RADIUSasked a year ago
Azure Cloud MFA support for WorkspacesAccepted Answerasked 3 years ago
Problems using the Amazon Workspaces Clientasked a month ago
Adding a User to Simple AD Directory in Workspaces - AWS CLIasked 3 years ago
Workspaces MFA setup problemasked 5 months ago
Workspaces MFA by SMSasked 4 years ago
Adding MFA to Workspaces "failed" problemasked 5 months ago
Does Workspace support RSA SecurID as MFA?Accepted Answerasked 3 years ago