How it Works
Conditional Access: Network Trust
In this simulation, you'll experience what it's like to create an IP list, along with a conditional access policy that relaxes MFA requirements for users authenticating to the User Portal from specified IP addresses. Conditional Access Policies are customizable to fit your preferred network trust requirements.
- Navigate to Conditional Lists and click the green plus button.
- Enter a list name and description, if desired.
- Enter IP Addresses using individual addresses or ranges using CIDR notation.
- Click “save” to create the new Office Networks IP List.
- Navigate to Conditional Policies in the left navigation.
- Click the green plus button to create a new policy.
- Enter a policy name and description, if desired.
- In the Assignments section, click “All Users”.
- In the Conditions section, click the “add condition” button.
- Click “IP Address”.
- Click the “IP Lists” dropdown.
- Click the “Office Networks” IP List we created.
- In the Actions section, click “Allow authentication”. Since we are relaxing MFA in this policy, leave “Require MFA” unchecked. Note: To require MFA for users who are NOT on specified networks, confirm your Global Policy by clicking the gear in the Conditional Policies list view.
- Click “create policy” to save.
- Congrats! All users have relaxed MFA when logging into the User Portal from an Office Network.