These steps show an example of how to allow/block specific countries/locations from the Conditional Access policy and are based on a policy that BEMO deploys to each tenant during the Identity Protection implementation: Block Traffic from Outside the US.
Traffic Not Allowed From is the Named Location used in the Conditional Access Policy Block Traffic from Outside the US.
Changing the list of countries included in this list will change the countries from which the users can connect.
If you add a country to the list, it will block the sign-ins. If you remove the country from the list, it will allow the sign-ins.
Here are the steps:
- Head over to https://portal.azure.com/ and log in with your Admin account
- Go to the Microsoft Entra ID page
-
On the left menu, select the Security Page
-
Click on Conditional Access
-
On the left menu, go to Named Locations
-
Click on the policy "Traffic Not Allowed From"
-
As a default, the countries will be checked (Note: These boxes being checked means that traffic is not allowed from those places)
-
Search for the country that you want to allow/exempt from the Conditional Access policy
-
Uncheck the box from that/those countries and save
-
Now, the traffic from unchecked countries is allowed
-
You can do this process as well for blocking countries. Simply check the box of the countries you want to block the access from.
If you have any further questions, please contact us at support@bemopro.com
Comments
0 comments
Please sign in to leave a comment.