Okta Verify with Push not Working when using Network Policy Server (NPS) with Cisco ASA VPN
Overview

A typical implementation uses Network Policy Server (NPS) with a Cisco ASA VPN appliance to manage group and access policies.


NPS is Microsoft's implementation of a Remote Authentication Dial-in User Service (RADIUS) server and proxy. It is the successor to the Internet Authentication Service (IAS).


As a RADIUS server, NPS performs authentication, authorization, and accounting for wireless, authenticating switch, and remote access dial-up and virtual private network (VPN) connections.

Applies To
  • RADIUS
  • Okta Classic Engine
Cause
Okta Verify with Push is supported, but the response timeout in the NPS settings needs to be increased so that the user has time to approve the push before NPS considers the request dropped.
Solution

To increase the response timeout on the NPS server (RADIUS authentication):

  1. Go to the Start Menu and click on Administrative Tools.

  2. Go to Network Policy Server (NPS).

  3. Expand RADIUS Clients and Servers.

  4. Highlight Remote RADIUS Server Groups, right-click > New.

  5. Name the group, then click Add to add a RADIUS server.

  6. Type in the Address of the RADIUS agent.

  7. Click on the Authentication/Accounting tab to configure the RADIUS Server options.

  8. Type in the Shared Secret that has been configured in the RADIUS Agent.

  9. Click on the Load Balancing tab to configure the RADIUS timeout.

  10. Under Advanced Settings, change "Number of seconds without response before request is considered dropped" from the default of 3 to a higher value (20 seconds or higher is recommended), then click OK.
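
To confirm the new timeout leaves enough headroom, the sketch below (an added example, not Okta or Microsoft tooling) sends one PAP Access-Request straight to the RADIUS agent, checks the response authenticator, and reports how long the reply took. The address, port 1812, user, password and secret are constructed placeholders; it assumes the agent accepts PAP requests from the machine it runs on.

```python
import hashlib, hmac, os, socket, struct, time

def hide_password(password: bytes, secret: bytes, req_auth: bytes) -> bytes:
    """User-Password hiding from RFC 2865 section 5.2 (PAP)."""
    size = max(16, -(-len(password) // 16) * 16)   # pad to a multiple of 16
    padded, out, prev = password.ljust(size, b"\x00"), b"", req_auth
    for i in range(0, size, 16):
        pad = hashlib.md5(secret + prev).digest()
        prev = bytes(p ^ k for p, k in zip(padded[i:i + 16], pad))
        out += prev
    return out

def build_access_request(user: bytes, password: bytes, secret: bytes, ident: int = 1):
    """Return (packet, request_authenticator) for a minimal Access-Request."""
    req_auth = os.urandom(16)
    attrs = b""
    for attr_type, value in ((1, user), (2, hide_password(password, secret, req_auth))):
        attrs += struct.pack("!BB", attr_type, len(value) + 2) + value
    return struct.pack("!BBH", 1, ident, 20 + len(attrs)) + req_auth + attrs, req_auth

def time_radius_reply(host, port, packet, req_auth, secret, timeout):
    """Send one request; return (reply_code, seconds), or (None, timeout) if dropped."""
    with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
        sock.settimeout(timeout)
        start = time.monotonic()
        sock.sendto(packet, (host, port))
        try:
            reply, _ = sock.recvfrom(4096)
        except socket.timeout:
            return None, timeout
        elapsed = time.monotonic() - start
    # Response Authenticator = MD5(Code+ID+Length+RequestAuth+Attributes+Secret)
    expected = hashlib.md5(reply[:4] + req_auth + reply[20:] + secret).digest()
    if len(reply) < 20 or not hmac.compare_digest(reply[4:20], expected):
        raise ValueError("response authenticator mismatch (wrong shared secret?)")
    return reply[0], elapsed

if __name__ == "__main__":
    # Constructed placeholders: replace with the agent address and a test account.
    secret = b"REPLACE-WITH-SHARED-SECRET"
    pkt, auth = build_access_request(b"test.user", b"REPLACE-PASSWORD", secret)
    code, secs = time_radius_reply("192.0.2.10", 1812, pkt, auth, secret, timeout=20)
    print("no reply within 20s" if code is None else
          f"code {code} after {secs:.1f}s; a 3s timeout would {'drop' if secs > 3 else 'accept'} it")
```

Reply code 2 is Access-Accept and 3 is Access-Reject; a reply that arrives after more than 3 seconds is one the default NPS setting would have treated as dropped.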

 
