question

KotiWarthen-8670 avatar image
0 Votes"
KotiWarthen-8670 asked KotiWarthen-8670 commented

Email Access has been blocked message on Google Fi VPN

Hi,

I set up a tenant with a M365 Business Basic account and a personal domain the other day, and set up my Exchange mailbox on my Android phone.
I received an e-mail this evening from Microsoft alerting me that Access to my Email has been blocked
"You are receiving this message because your IT department has blocked your email access. This could be due to temporary conditions, like your network location.
Contact your IT department with any questions about this mail."
I am the IT department.

I suspect this has to do with having the Exchange Mailbox configured on my Android Phone, which connects to the internet through an always-on Google Fi VPN, which places my location, generally, in New York, whereas my laptop login will appear to be from a different state in Northern New England.

I searched through the Security, Compliance, and Azure AD admin centers and I could not find any sign of this event being logged. Web searches also did not turn up any useful results about this specific problem, though I can't believe I'd be the first person to have it.

I am concerned this is going to keep happening with my account, or with new user accounts which may also get added on Google Fi Android devices. I expect that disabling Security Defaults might disable whatever security feature caught this "suspicious" traffic, but I'd rather find a way to fix this issue permanently without disabling security defaults.

Any help appreciated. Thanks!

azure-security-center
· 5
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hi,
This error message seems to be resulted from Azure settings, if you confirm that, I could add azure-security-center tag for you.

0 Votes 0 ·

That makes as much sense as anything else. I've added the tag myself, thank you.

0 Votes 0 ·

@KotiWarthen-8670 Thanks for reaching out. This seems to be a message from Azure AD. Are you using conditional access and Azure AD identity protection or Microsoft 365 Defender ?
We have anomalies detection in built which can block you if the location changes.
What license do you have in AAD ? AAD P1 or P2 ? We can go through this if you can help us with these few questions.

You can also check on https://security.microsoft.com/restrictedusers to see if you can see the user listed and cause of listing. Depending on where you see the user restricted list, you can take action.

0 Votes 0 ·

Thanks!

Settings should be consistent with Microsoft security defaults.

License is 0365 Business basic, so whichever AAD license would be included in that. Is that helpful?

I will check where you suggest and follow up.
Thanks again

0 Votes 0 ·

@KotiWarthen-8670 Let us know if you find something. We can take this offline if none of the above helps to take a deep dive.

0 Votes 0 ·

0 Answers