cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
SOLVED

Skip MFA for a single public IP

MagicMarker
Copper Contributor

‎May 29 2020 01:34 PM - last edited on ‎Jan 14 2022 04:31 PM by

‎May 29 2020 01:34 PM - last edited on ‎Jan 14 2022 04:31 PM by

Skip MFA for a single public IP

I want to skip MFA from one of our Remote App servers on our network. I will create a NAT for all inbound and outbound traffic for the Remote App server to use a specific public IP address. I have added the public IP address with /32 subnet in the multi-factor authentication service settings. Do I also need to setup a conditional access policy to bypass anything in this trusted ip section?

5,902 Views
0 Likes
1 Reply
Reply
1 Reply
best response confirmed by MagicMarker (Copper Contributor)
vas_ppabp_90

‎May 29 2020 05:39 PM

‎May 29 2020 05:39 PM

Solution

Re: Skip MFA for a single public IP

Generally you can complete this within the CA policy, its one of the conditions.

You can either specify a Named Location or just use the MFA Trusted IP list.

Also, would suggest configuring locations.

 

CA Policy -> Conditions -> Locations -> Configure "Yes" -> Include "Selected Locations"/Trusted Locations"

Depending on licensing requirements and capabilities, if Azure P1 is accessible, would suggest going down the path of Azure MFA opposed to the so called O365 MFA.

0 Likes
Reply
1 best response

Accepted Solutions
best response confirmed by MagicMarker (Copper Contributor)
vas_ppabp_90

‎May 29 2020 05:39 PM

‎May 29 2020 05:39 PM

Solution

Re: Skip MFA for a single public IP

Generally you can complete this within the CA policy, its one of the conditions.

You can either specify a Named Location or just use the MFA Trusted IP list.

Also, would suggest configuring locations.

 

CA Policy -> Conditions -> Locations -> Configure "Yes" -> Include "Selected Locations"/Trusted Locations"

Depending on licensing requirements and capabilities, if Azure P1 is accessible, would suggest going down the path of Azure MFA opposed to the so called O365 MFA.

View solution in original post

0 Likes
Reply