It is possible to deny login's from unrecognised IP addresses. It's a git to set up though.
Instead of IP filtering for security I would go down another 2 factor route such as certificates or a solution like hotPIN
For college you mean student? The user/person loging in?
In an AD environment you can allow a user (or a group of users) in orther that they can only log int in some specific machines. Is this what you’re trying to achieve?
Please give some more details.