Block external access

Hi,

We installed a Gitlab on our local network.

With a reverse proxy our Gitlab is accessible from the outside.

But we would like the accounts of our collaborator (LDAP) cann’t connect from outside but only when they are local (on local they don’t use the reverse proxy) and that only certain accounts then connect as much locally as from outside.

For simplicity, is it possible to block access to Gitlab when an account connects by a specific IP, in this case the IP of the reverse proxy ?

Thank