We have a customer that is looking to add multifactor authentication, but they only want it to apply to users coming from outside their network. So if a user is at therir office (inside the domain network), they are not prompted to use multifactor, but if they are accessing while away from the office (outside the domain network), they do use multifactor authentication.
We would like to request that the multifactor be controlled by the LFDSSTS so that they can turn it on or off based on which LFDSSTS server you are authenticating with.