# Azure (Office 365)
## Prerequisites
* **Assigned roles**: Conditional Access Administrator and Security Administrator
* **Licence**: Microsoft Entra ID P1 or P2
## Step 1
In Azure go to **Conditional access** > **Named locations** > **IP ranges location**.
* Set **Name** + GoodAccess Gateway IP**/32** (example: 11.22.33.44/32)
* Check **Mark as trusted location** and **Create**
_1.PNG?alt=media\&token=dd342371-eddd-46e5-b4c3-ea9e90024c70)
## Step 2
Go to **Policies** > **New Policy**
Choose your **New location** and specify who will have access.
## Step 3
Switch to **Cloud apps or actions** and set restrictions.
## Step 4
Open **Conditions** > **Locations** > **Switch Configure** to **Yes**.
* **Include** - Any location
* **Exclude** - Selected locations
## **Step 5**
Continue to **Grant**, choose **Block access** and **confirm** with **Select.**
Don't forget to set **Enable policy** to **On** before saving the configuration.
_2.PNG?alt=media&token=0692be29-0d97-4dba-9810-ded40f2cb9db)
_3.PNG?alt=media&token=41ede99c-c554-4eeb-897e-7bbc09325c8f)
_4.PNG?alt=media&token=9b786093-5fe8-4e42-984d-007930d751ac)
_5.PNG?alt=media&token=49703019-5129-45ca-82cd-9045dd8a8261)
_6.PNG?alt=media&token=15ef664a-cac4-4aee-a6ef-8ef05282c196)
_7.PNG?alt=media&token=d989ac0a-2cd7-41f7-9fb2-54895790ceda)