Hi @Andreas
If you want use Entra ID (Azure AD) and MFA , the service must be hosted in Entra. You cannot use Entra ID and MFA accounts to access a service installed on on premise server. This configuration may be possible only with: Using Microsoft Entra application proxy to publish on-premises apps for remote users.
You can test this feature it may be a solution for your case.
Please don't forget to accept helpful answer