I am implementing a cloud-only Azure solution; we have no physical location for on-premises devices. This is the topology of my solution:
I am trying to use MFA for authenticating users with the VM over RDP (i.e., when logging into the VM over RDP, MFA is required).
However, I have not been able to get this to work. I believe MFA (with text message) is configured correctly, and I have enabled MFA for the AD users.
I have consulted with Azure Tech Support. They have now told me that this "cloud-only" scenario is not supported, and use of the on-premises MFA Server is required. However, nowhere in the Azure documentation ("Getting started with Azure Multi-Factor Authentication in the cloud") can I find this requirement for the MFA Server.
Has anyone successfully implemented this pure "cloud-only" solution? Or does this scenario indeed require the on-prem MFA Server?
Any help or insight is greatly appreciated.
Thanks.