Apr 09 2020 - last edited on Jan 14 2022
My client is a current Office 365 E3 user. They would like to use Office365 credentials to log in to their workstations with Azure AD joined devices. But their requirement is that staff are not allowed to access the internet directly, and are only allowed to connect to the services through an established VPN tunnel, for security purposes.
In this case, can I build a site-to-site VPN tunnel from the router to connect to Azure Active Directory, which comes with Office365?
Apr 09 2020 01:56 PM - edited Apr 09 2020 01:57 PM
Apr 09 2020 10:30 PM
Apr 10 2020 04:18 AM
Apr 10 2020 10:54 AM
Hello @RhysLwk!
Best way to secure the authentication with Azure AD is to
A combination of the above features will make your environment very well protected and secure if configured correctly.
Sadly, VPN is old technology and from my knowledge, it's not possible to set up a VPN to Azure AD (maybe Azure ADDS).
If your environment still believes that the above solutions are not secure enough, then I would suggest keeping on-prem ADDS and ADFS perhaps to manage authentication and SSO towards O365 and other SaaS applications.
Let me know if you need further advice.
Apr 20 2020 12:24 PM
@RhysLwk they are trying to protect themselves with the wrong approach. Their approach is like trying to avoid a car wreck by driving on a sidewalk where there are not any cars. Share this with them https://clouddamcdnprodep.azureedge.net/gdc/gdclfVmGo/original