question

PhilippM-3277 avatar image
0 Votes"
PhilippM-3277 asked ·

Skip MFA with public on-prem server > Is there a known ip-range from Microsoft to limit the access in our firewall for our server??

Hello,

all our users have MFA enable. We are considering a new add-on for our on-prem crowd server (which we use for our authentication for the atlassian applications).

The requirement is to make the server public and to add the public ip to the cloud based mfa settings.

"In this scenario, users with Azure AD MFA enabled will authenticate to your Atlassian applications by entering only their Office 365 username and password in the login forms of those applications. Users will not be asked to enter any other authentication factor response. This is made possible by adding your Crowd server's public IP address to the list of trusted ips in Azure AD MFA settings."

Is there an MS ip-range which we can add into our firewall-settings to limit the access?

Thanks and regards, Philipp

azure-ad-multi-factor-authentication
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

1 Answer

michev avatar image
0 Votes"
michev answered ·

I think you're going the wrong way about this, the information you've pasted above mentions adding the public IP of the Crowd server to the known/trusted IPs in AAD: https://account.activedirectory.windowsazure.com/usermanagement/mfasettings.aspx Alternatively you should be able to use the Named location condition, if you are enforcing MFA via CA: https://portal.azure.com/#blade/Microsoft_AAD_IAM/SecurityMenuBlade/NamedNetworks

In case you do need to whitelist MS ranges, the list is under #56 here: https://docs.microsoft.com/en-us/office365/enterprise/urls-and-ip-address-ranges?redirectSourcePath=%252fen-us%252farticle%252fOffice-365-URLs-and-IP-address-ranges-8548a211-3fe7-47cb-abb1-355ea5aa88a2#microsoft-365-common-and-office-online

· Share
10 |1000 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.