To set up MFA conditional access policies for your Azure account, you will need to ensure that you have the appropriate permissions and that your account is upgraded to a tier that supports conditional access policies. Here are the basic steps to create conditional access policies:
- Upgrade Your Entra ID: Since you mentioned being on the basic tier, you will need to upgrade to a tier that supports conditional access policies. This is typically the Premium P1 or P2 tier.
- Sign In to Microsoft Entra Admin Center: Use an account that has the role of Conditional Access Administrator. If your current Azure account email is not recognized, you may need to create a new account or ensure that your existing account is properly set up.
- Navigate to Conditional Access: Once signed in, go to Protection > Security Center > Conditional Access.
- Create a New Policy: Click on + New policy and then select Create new policy. Give your policy a meaningful name.
- Configure Assignments: Under the Assignments section, select Users and groups. You can choose specific users or groups to which the policy will apply.
- Select Cloud Apps: Under Cloud apps or actions, select the applications that the policy will apply to, such as the Azure VPN Client app.
- Set Access Controls: Under Access controls, select Grant and choose Require multifactor authentication.
- Enable the Policy: Finally, make sure to enable the policy by selecting On and then click Create to apply the policy.
If you are facing issues with your Azure account being unrecognized, consider reaching out to Microsoft support for assistance on account setup and permissions.
References: