Thank you. This post helped me to understand my issue. Brand new RDS brokers, gateways and NPS MFA extension. It took between 1 to 3 minutes to logon from Internet. I had feeling something was wrong and probably with certificates. After reviewing the network security group in Azure for the DMZ network where the RDS gateways were sitting I found out the issue as it was blocking tcp/80 to the internet. I am glad this issue has been resolved and thanks to this blog post.