SOLVED

Skip MFA for a single public IP

I want to skip MFA from one of our Remote App servers on our network. I will create a NAT for all inbound and outbound traffic for the Remote App server to use a specific public IP address. I have added the public IP address with /32 subnet in the multi-factor authentication service settings. Do I also need to set up a conditional access policy to bypass anything in this trusted IP section?

1 Reply
best response confirmed by MagicMarker (Occasional Contributor)
Solution

Generally you can complete this within the CA policy; it's one of the conditions.

You can either specify a Named Location or just use the MFA Trusted IP list.

Also, would suggest configuring locations.

CA Policy -> Conditions -> Locations -> Configure "Yes" -> Include "Selected Locations"/"Trusted Locations"

Depending on licensing requirements and capabilities, if Azure P1 is accessible, would suggest going down the path of Azure MFA as opposed to the so-called O365 MFA.
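The Named Location route mentioned in the reply can also be scripted with the Microsoft Graph PowerShell SDK. The following is an added example, not part of the original thread: it assumes a policy that requires MFA from every location except one trusted named location, and the display names and the address `203.0.113.10/32` are placeholders.

```powershell
# Added example. Display names and the IP address are placeholders, not values from the thread.
Connect-MgGraph -Scopes 'Policy.Read.All', 'Policy.ReadWrite.ConditionalAccess'

# 1. Named location containing only the NAT address of the Remote App server.
#    A /32 keeps the exemption to that single public IP.
$location = New-MgIdentityConditionalAccessNamedLocation -BodyParameter @{
    '@odata.type' = '#microsoft.graph.ipNamedLocation'
    displayName   = 'RemoteApp NAT egress'        # hypothetical name
    isTrusted     = $true
    ipRanges      = @(
        @{
            '@odata.type' = '#microsoft.graph.iPv4CidrRange'
            cidrAddress   = '203.0.113.10/32'     # placeholder (documentation range)
        }
    )
}

# 2. Policy: require MFA from all locations, excluding the named location above.
#    Created in report-only mode so its effect can be checked in the sign-in logs
#    before it is enforced.
$policy = New-MgIdentityConditionalAccessPolicy -BodyParameter @{
    displayName   = 'Require MFA except RemoteApp NAT egress'   # hypothetical name
    state         = 'enabledForReportingButNotEnforced'
    conditions    = @{
        clientAppTypes = @('all')
        users          = @{ includeUsers = @('All') }
        applications   = @{ includeApplications = @('All') }
        locations      = @{
            includeLocations = @('All')
            excludeLocations = @($location.Id)
        }
    }
    grantControls = @{
        operator        = 'OR'
        builtInControls = @('mfa')
    }
}

# Show what was created.
$location | Select-Object Id, DisplayName
$policy   | Select-Object Id, DisplayName, State
```

Every sign-in that leaves through the excluded address is exempt from the MFA requirement, so the NAT rule should carry traffic from the Remote App server only.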