Reputation: 9318
Azure ARM VNET: How to restrict RDP access to a specific set of IPs
I have 12 VMs defined in a Resource Groups. I need to restrict the RDP access to all of the12 VMs to a set of Internet IP addresses (about 28 of them)
What would be easiest way (or most efficient way) to fulfill this requirements?
Upvotes: 1
Views: 818
Answers (1)
Reputation: 26324
Apply the same Network Security Group that filters RDP on all Subnets containing the VMs.
If you need to white list additional IP addresses you edit things in one place, the NSG.
https://azure.microsoft.com/en-us/documentation/articles/virtual-networks-nsg/
Edit: MFA is also nice to have. I would actually lean towards that as an answer to your question. While the attack surface is larger, the management is easier, things are much more flexible for the end user and the attack difficulty is high to very high.
Upvotes: 1
Related Questions
- IP Restriction on Azure WebApp from ARM (Azure Resource Manager)
- How to restrict internet access to a subnet, and allow from only another subnet of the same vnet?
- How to allow access from certain IP to certain endpoints in Azure?
- Azure Resource Manager IP Security Restrictions using Powershell
- Whitelisting specific IP Addressess with Azure Network Security Groups
- Lock down access to Azure VM to specific IP
- How to Restrict RDP Access in an Azure PaaS Cloud Service
- ReservedIPs for Azure VMs in a single VNet/subnet
- Windows Azure - restricting the IP address rage to access a WebRole
- Linux Virtual Machine at Azure - how to apply IP restriction