1.I configure Azure AD conditional access and define a set of IP addresses to allow access for this.
2.I connect to the internet at home; VPN into my corporate network.
At this point; would the CA policy verify my actual IP(provided by my internet provider) and block access based on the policy OR would it take request as an IP from the VPN and allow me to access the resources on o365?
I did go through the whole idea of split tunelling; currently i believe the VPN is setup to route local traffic and the ISP would be responsible for the traffic on the internet browsing part;
With the current setup i believe accessing portal.office.com while having the VPN connected would still take the IP address provided by my ISP; however there is a catch to this and i need to do some testing;We do have ADFS setup and i believe the VPN routes the traffic to the adfs servers when authenticating to office 365; in this case the ADFS server would be a local resource that could be reached via the VPN tunnel and if that stands true then i believe the conditional access polices would allow any device that has vpned to access o365 as a whitelisted IP user.