For Google Workspace.
For Microsoft 365.
Question:
How to configure personal devices to be required One-Time Password while accessing from Outside of the Corporate Network?
Answer:
Such settings will be enabled by the following steps;
Set [Pass-cookie] on the company-use PC, and then, set [Pass-cookie] in the [OTP required condition] on the company side system.
* This [company-use PC] means the PC which has experienced logging in with company internal IP address.
1. Go to [Access Policy Group] –> activate [Condition to allow access] -> Set up the requirements as follows;
・Company Internal IP Address
・Permit the entry permission cookie “has_pass:true”
(the address in the red bracket is to be the company internal IP Address)
2. Go to [Domain settings] –> activate [Pass-cookie issue condition] –> specify [company internal IP address] in the issue requirement.
・Company Internal IP Address
3. Go to [Access Policy Group] -> activate [Condition not to require OTP]
Set up the [Condition not to require OTP] as follows;
・Company Internal IP Address
・Permit/grant the entry permission cookie “has_pass:true”
After the above settings;
The OTP will be no longer required to the [PC accessing with the company internal IP address] and/or to the [PC which once has achieved access successfully with the company internal IP address] when they access from outside the office.
On the other hand, the OTP will be required to the [PC which has not yet achieved access with the company internal IP address] and/or [smartphone] when they access from outside the office.