Hey everyone, I need some advice on connecting to a public website from a static public IP address. In the office, this is easy, but my team working from home is hitting a wall. We use Microsoft Global Secure Access (GSA), but it looks like we can't set a fixed IP with Microsoft Entra Internet Access. What options do we have? Is there a reliable proxy service for businesses? I'm also considering a full VPN solution, but that might not play well with GSA. I just want to make sure we can meet the requirements for a static "public" IP address. Any thoughts?
5 Answers
Not to sound confused, but I’m not entirely sure what you mean by connecting "from" a static IP. Are you talking about internal IPs or public ones?
Yeah, it seems like services like NordLayer or Perimeter 81 could really help you. Let’s hope they can work well with Microsoft GSA. It’s 2025 and finding sites without 2FA is wild, and whitelisting is the only option on the table.
It sounds like the service you want to connect to requires a specific public IP that needs to be whitelisted. What we've done in the past is set up a VPN and managed the traffic through a firewall policy, using NAT rules to make sure the source IP is the one expected by the service.
This seems like a security requirement to me. I personally set up virtual full clone VMs for users to log in. This way, they can connect to the resources needing a specific static IP and MAC address. It meets both the external requirements and adds a layer of security on my end.
We're only going this route because there's no 2FA option need at their end. Other clients have been fine without such security. They do offer whitelisting, which is what we're looking at. For remote workers, we just need to figure out the best way to route traffic.
Hey, I’m looking to connect from a static "public" IP. I get it's a weird requirement nowadays, but that's what we're dealing with.