Hi Moses,
As far as I’ve read, tested, or validated it is not yet possible to make a conditional access rule like this yet. However, they have a feature in beta called Duo Trust Monitor which will provide some UEBA functionality that could make this possible in the future. It’s intended as more of a security monitor and alert tool, but in talking with them it could enable other features like what you’re hoping for by Duo being able to tell that over time User A routinely logins in to System B using RDP from Trusted IP C so it would not prompt for MFA, but if he tries for another IP it would.
Anthony