Forum Discussion
Restricting Remote Access
Hi, Our current setup is with local RDS. Users can log into the gateway, but when they attempt to connection to a session host then either: 1) If they're on the local network, they can log straigh...
Christian_Montoya
Microsoft
MicrosoftOffColour1972 : Based off your immediate description, you can likely solve this by using a two-step process, both of which use Azure AD Conditional Access:
1. Require MFA for all connections to the Windows Virtual Desktop Azure AD application.
2. In that policy, make an exception for IP address coming from your corporate network. This specific article blocks based off IP, but is a good starter to get familiar with the policy (https://docs.microsoft.com/en-us/azure/active-directory/conditional-access/howto-conditional-access-policy-location)