chaugen
Copper Contributor
Dec 19, 2018
Solved

On premise SharePoint 2016 external access based on AD group

Is there any way to block or allow external access of an on premise SharePoint site by using an Active Directory security group? I have accomplished this in the past using ISA TMG 2010, but with that product retiring I need a new solution.

I can easily enough allow external access to the SharePoint site but access is based on the SharePoint permissions. I'd like to block interns from accessing the site when not on the LAN, but have access to the site when they are connected directly to the network.

I have looked at various 3rd party TMG alternatives but not found anything that handles this very well.

  • Azure AD App Proxy allows you to apply Conditional Access Policies. I would go this route. You don't have to open any inbound ports to make this one work, although it will require P1 or P2 licensing for the Conditional Access Policies.

