Hi,
You could set up trusted location(s) for the public IP(s) and set your policy to exclude them from MFA. Please see article below for more information:
Using the location condition in a Conditional Access policy
https://learn.microsoft.com/en-us/azure/active-directory/conditional-access/location-condition
NOTE: You cannot use mac address since that isn't visible to Azure AD.
If the above was helpful please click Accept Answer and upvote.
Thanks.
-TP