![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(198.4, 60%, 29%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EK%3C/text%3E%3C/svg%3E)
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(236.8, 4%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EMJ%3C/text%3E%3C/svg%3E)
Hello KarlV86,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
Unfortunately, there is no current configuration setting within Microsoft Entra Internet Access that allows an administrator to force traffic to egress from a specific country's POP to solve a geo-restriction issue. The available solution requires you to apply a policy exclusion (the option you are already considering) or a feature workaround:
Policy Exclusion
- The most practical solution is to exclude the FQDNs or specific IP addresses of the Geo-restricted applications from the GSA Internet Access forwarding profile.
- This forces the traffic for those apps to bypass the GSA tunnel entirely and use the user's local internet connection, ensuring the application sees a local Canadian IP address.
Future Feature (For Microsoft 365 Traffic Only):
- If the application were a Microsoft service, the Source IP Restoration feature would solve the geo-restriction issue by maintaining the original source IP. However, this feature does not apply to generic Internet traffic. more at: https://free.blessedness.top/en-us/entra/architecture/gsa-deployment-guide-internet-access https://free.blessedness.top/en-us/entra/global-secure-access/reference-points-of-presence
Beside all of this, we will recommend you post your feedback in our Azure feedback portal regarding the feature.
https://feedback.azure.com/d365community/forum/22920db1-ad25-ec11-b6e6-000d3a4f0789
This channel is directly monitored by our PM's. They will look into this request immediately and revert back to you directly with an update on this feature.
Hope this somehow helps! Please consider clicking Accept Answer and Upvote. This will help us and others in the community as well. Happy to help!
Regards,
Monalisha