Step 3: Configure Azure Active Directory Conditional Access
This article describes how to integrate Azure Directory with Conditional Access with Axis Cloud.
Prerequisites
Before you begin:
- Add an Office 365 Application with Conditional Access on Axis Cloud
- Apply a rule to the Office 365 Application with Conditional Access
See also About Office 365 Applications with Conditional Access.
To configure Azure Active Directory Conditional Access:
- In the Azure Admin UI, configure Azure Active Directory Conditional Access at https://portal.azure.com.
- Go to Azure Active Directory Security define Named Locations.
![azure1.png 1398](https://files.readme.io/95be866-azure1.png)
- In the Updated location (IP ranges) section, click the + sign to add the IP address(s) of the Axis Connector (s) as part of the trusted location.
Note
You typically deploy 2 or more Axis Connectors. Usually, all the connectors go through the same public IP address.
- Click Save.
- Go to the Azure Active Directory Security > Conditional Access screen.
![azure2.png 1396](https://files.readme.io/5431c54-azure2.png)
- Go to the Security > Policies screen, click the policy you created for conditional access. In this example, the policy name is O365 AVD Source IP Restriction.
The Conditional Access | Policies screen is displayed.
![azure3.png 1390](https://files.readme.io/2a63c88-azure3.png)
![azure4.png 1578](https://files.readme.io/5c73edc-azure4.png)
- Click the new policy to view the policy.
- Configure access controls using the Exclude option, to exclude the Axis Connectors from being blocked.
![azure_new_policy.png 2106](https://files.readme.io/644bca5-azure_new_policy.png)
- Make sure to select the Named Location configured in step 6 is added as Exclude under the Conditions. This essentially only allows traffic from the Axis Connector.
![axure5.png 1228](https://files.readme.io/8ae59ae-axure5.png)
- Save your configuration.
- Next Steps: Verify that the Office 365 deployment is Working
Verify that the Office 365 deployment is Working
To verify that your Office 365-related domains are being being routed by the Axis Client to Axis Cloud
being routed by the Axis Client to Axis Cloud::
- Open the Axis Client.
- Go to Debug Tools and enter your password.
![verifyoffice1.png 854](https://files.readme.io/34f415c-verifyoffice1.png)
- Go to the Advanced > Stats > DNS screen to verify that the following Office 365 domains are being routed by the Axis Client to Axis Cloud:
- login.microsoftonline.com
- login.microsoft.com
- login.windows.net
![verifyoffice2.png 1142](https://files.readme.io/01f5c16-verifyoffice2.png)
Updated over 2 years ago