Radius timeout

Hi,
I’m using Windows NPS as Radius to authenticate VPN users by domain controller.
I just moved my DC on VLAN, and now I cannot authenticate users: “user … authentication error, radius timeout”
Radius stats give me 35 request and 35 timeout, 0 accepts.
On windows 2012 NPS on firewall log I do not have anything, any incoming connections.
When I connect to mikrotik using VPN authentication instead DC, and getting the same IP, that users authenticated by DC shoul get, then I no problem ping my domain controller.
Here are my firewall logs, to and from VLAN where my DC is:

add action=accept chain=forward dst-port=135,587 in-interface=vlan101 protocol=tcp
add action=accept chain=forward  dst-port=53,88,135,139,389,443,445,464,1433,8080,3268,3269,3389,49158,49155 out-interface=vlan101 protocol=tcp
add action=accept chain=forward  dst-port=22,636,445,9389 out-interface=vlan101 protocol=tcp
add action=accept chain=forward  in-interface=!ether5 out-interface=vlan101 protocol=icmp
add action=accept chain=forward  dst-port=53,88,123,137,138,389,445,464,1434,1812,1813 out-interface=vlan101 protocol=udp

vlan101 - DC vlan
But even if I disable block all forward rule at the end of rules in Mikrotik, then still have timeout to RADIUS error.

On your NPS do you have the network policy configured with correct vendor settings and VLAN for Mikrotik?

Is the log message you have ‘radius timeout’ from the Mikrotik radius log;?

problem resolved, I configured as Radius Client Mikrotik with native Vlan IP address, and should configure in on new vlan101 IP address, after change NPS is working.