Dec 19 2018 12:15 PM
Is there any way to block or allow external access of an on premise SharePoint site by using an active directory security group? I have accomplished this in the past using ISA TMG 2010 but with that product retiring I need an new solution.
I can easily enough allow external access to the SharePoint site but access is based on the SharePoint permissions. I'd like to block interns from accessing the site when not on the LAN, but have access to the site when they are connected directly to the network.
I have looked at various 3rd party TMG alternatives but not found anything that handles this very well.
Dec 22 2018 08:28 AM
SolutionAzure AD App Proxy allows you to apply Conditional Access Policies. I would go this route. You don't have to open any inbound ports to make this one work, although it will require P1 or P2 licensing for the Conditional Access Policies.
Dec 26 2018 01:32 PM
Thanks, I'll give that a try.
Dec 22 2018 08:28 AM
SolutionAzure AD App Proxy allows you to apply Conditional Access Policies. I would go this route. You don't have to open any inbound ports to make this one work, although it will require P1 or P2 licensing for the Conditional Access Policies.