Azure VPN gateway + conditional access to grant access to OneDrive/SharePoint, Teams, O365 Portal

Nicolas vde 1 Reputation point


We are using conditional access to limit access to Office 365 only from the public IP addresses from our office.
By office 365, I mean Exchange Online, OneDrive / SharePoint, Teams.

With a trusted location based on the public IP address of our office it works very well.

I know this is not recommended by Microsoft, we would like to set up a VPN that allows users to still connect when they are at home or traveling.

We tested this with a provider like Nord VPN and a dedicated server with a fixed public IP.
It also works well.

But we would like to stay in the Microsoft universe.

So, we set up an Azure gateway to do P2S connection.
With this, when we are connected to the VPN, our public IP does not change, and the conditional access based on public IP does not work.


  • what we want to do can't work with Azure VPN
  • can you tell me how to configure the gateway so that the public IP of the client who connects to the Azure VPN changes so that we can base our access on it?
  • can you give me another way to configure the conditional access not based on the IP but on the fact that the vpn client is connected?

Thanks in advance

Azure VPN Gateway
Azure VPN Gateway
An Azure service that enables the connection of on-premises networks to Azure through site-to-site virtual private networks.
1,401 questions
OneDrive Management
OneDrive Management
OneDrive: A Microsoft file hosting and synchronization service.Management: The act or process of organizing, handling, directing or controlling something.
1,144 questions
Microsoft Intune
Microsoft Intune
A Microsoft cloud-based management solution that offers mobile device management, mobile application management, and PC management capabilities.
4,460 questions
{count} votes