ADFS Claims Rules Help for MFA

Currently I'm working on building a lab however I noticed when im external and hit login.microsoftonline.com i get no MFA prompts for:

Set-AdfsRelyingPartyTrust -TargetRelyingParty $rp -additionalauthenticationrules 'exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) && exists([Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", value == "s-1-5-21-13664088-3370380461-338043368-14102"]) && exists([Type == "http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork", value == "true"]) => issue(type = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod", value = "http://schemas.microsoft.com/claims/multipleauthn");'

Notice True is Bolded

But when i change it to false:

Set-AdfsRelyingPartyTrust -TargetRelyingParty $rp -additionalauthenticationrules 'exists([Type == "http://schemas.microsoft.com/2012/01/requestcontext/claims/x-ms-proxy"]) && exists([Type == "http://schemas.microsoft.com/ws/2008/06/identity/claims/groupsid", value == "s-1-5-21-13664088-3370380461-338043368-14102"]) && exists([Type == "http://schemas.microsoft.com/ws/2012/01/insidecorporatenetwork", value == "false"]) => issue(type = "http://schemas.microsoft.com/ws/2008/06/identity/claims/authenticationmethod", value = "http://schemas.microsoft.com/claims/multipleauthn");'

Then it prompts me for MFA.

ALso i want to be able to exclude users using ActiveSync. So if an ActiveSync user comes through then do not prompt for MFA