Can SharePoint Online blocks access and redirect traffic to a specific domain based on the network location

Question

Hi,

After searching

• Instantly how to redirect the specific user to a different page in SharePoint online in 2 steps?
• Control access to SharePoint and OneDrive data based on network locationControl access to SharePoint and OneDrive data based on network location
• Set a location-based policy in the new SharePoint admin center

  Note: It can take up to 15 minutes for these settings to take effect.

• Microsoft.Online.SharePoint.PowerShell - Set-SPOTenant Examples EXAMPLE 1 (PowerShell)

    Set-SPOSite -Identity https://contoso.sharepoint.com/sites/team1 -LockState NoAccess
    Set-SPOTenant -NoAccessRedirectUrl 'https://www.contoso.com'
  

  This example blocks access to https://contoso.sharepoint.com/sites/team1 and redirects traffic to https://www.contoso.com.
• SharePoint online Public website to redirect to the custom domain name asked Jun 13, 2014 at 6:46

Does SharePoint Online support that,

When a SharePoint Online (https://contoso.sharepoint.com) is configured to be only accessible from IP (assumed 1.2.3.4)

• If a user from 1.1.1.1 (assumed) tries to access to https://contoso.sharepoint.com, including all sub-path it will be redirected to https://www.contoso.com, carrying all original query parameters (i.e. URL rewriting works like https://nginx.org/en/docs/http/ngx_http_core_module.html#location)
• If a user from 1.2.3.4 (assumed) tries to access to https://contoso.sharepoint.com, it is allowed to direct access without any traffic redirection.

Or is there some approaches to implement this function.

Thanks?

 

Answer 1

Hi @kekkou,

Hope everything is going well.

First question about whether you redirect can carry the test of redirection:

In SharePoint Online, when you block access to a site and set a NoAccessRedirectUrl, the original request parameters are not carried over to the new URL. Redirection is the default behavior that SharePoint is designed for, and we can't interfere with this redirection.

Secondly about allowed network IP addresses not being redirected:

According to the information you provided and the research I have done, I may understand that you seem to want non-allowed IP addresses to be redirected to other domain when accessing SharePoint and allowed IP addresses not to be redirected when accessing it. If there is anything wrong, please correct me.

However, SharePoint only supports settings related to access based on network addresses without redirection.

Based on the results of our internal testing, -NoAccessRedirectUrl does set the redirect address for no access, but the -LockState NoAccess we set before using it will disable all users from accessing the site, including administrators.

If you position to redirect traffic to a specific domain, it may be advisable to use some network-level tools such as DNS or a firewall.

Since we lack information about these network level settings, if you have questions about this you can ask in the relevant forums. Please kindly notice that I am always on standby to support you. If there is anything else I can do for you, please do not hesitate to reach me.

---

If the answer is helpful, please click "Accept Answer" and kindly upvote it. It will be beneficial to more community members reading here. Your contribution will be highly appreciated.