Reputation: 168
I'd like to create a Windows Server VM which has a source-filtered RDP port using PowerShell.
New-AzureRmVM and Add-AzureRmNetworkSecurityRuleConfig partially work for me.
New-AzureRmVM creates the VM with an NSG rule for the default RDP port which allows any source. I have to delete it after the script runs.
I tried to set -OpenPorts option to $null or None.
Is this possible? Or, any other method to achieve this?
Upvotes: 0
Views: 474
Reputation: 31424
Unfortunately, it seems you cannot delete the RDP NSG rule by setting -OpenPorts to $null or None when you create the VM using the PowerShell command New-AzureRmVM.
-OpenPorts: A list of ports to open on the network security group (NSG) for the created VM. The default value depends on the type of image chosen (i.e., Windows: 3389, 5985 and Linux: 22).
When you create the Windows VM, the default port is opened according to the image type. But you can change the NSG rule to filter the traffic when you create it.
# Create an inbound network security group rule for port 3389
$nsgRuleRDP = New-AzureRmNetworkSecurityRuleConfig -Name myNetworkSecurityGroupRuleRDP -Protocol Tcp `
-Direction Inbound -Priority 1000 -SourceAddressPrefix * -SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 3389 -Access Allow
# Create a network security group
$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location `
-Name myNetworkSecurityGroup -SecurityRules $nsgRuleRDP
Set the -SourceAddressPrefix, -SourcePortRange, -DestinationAddressPrefix and the -Access as you want to filter the traffic. For more details, see Create a fully configured virtual machine with PowerShell.
Upvotes: 1
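The "fully configured" route the answer refers to, as an added example that is not part of the original answer: the NSG and NIC are built first and the VM is created from a -VM configuration object, so New-AzureRmVM adds no default allow-any RDP rule. The resource group, location, resource names, VM size, image SKU and the management source range are assumptions to replace with your own.

```powershell
# Added example (not from the answer above). Assumed values: resource group, location,
# resource names, VM size, image SKU, and the management network allowed to reach RDP.
$resourceGroup   = "myResourceGroup"     # assumption
$location        = "westeurope"          # assumption
$adminSourceCidr = "203.0.113.0/24"      # placeholder: your management network

# RDP is allowed only from the management range; everything else falls to Azure's default deny.
$rdpRule = New-AzureRmNetworkSecurityRuleConfig -Name "Allow-RDP-From-Admin" -Protocol Tcp `
    -Direction Inbound -Priority 1000 -SourceAddressPrefix $adminSourceCidr -SourcePortRange * `
    -DestinationAddressPrefix * -DestinationPortRange 3389 -Access Allow

$nsg = New-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Location $location `
    -Name "myNsg" -SecurityRules $rdpRule

# Virtual network, subnet, public IP and NIC; the NSG is bound to the NIC here.
$subnet = New-AzureRmVirtualNetworkSubnetConfig -Name "default" -AddressPrefix "10.0.0.0/24"
$vnet = New-AzureRmVirtualNetwork -ResourceGroupName $resourceGroup -Location $location `
    -Name "myVnet" -AddressPrefix "10.0.0.0/16" -Subnet $subnet
$pip = New-AzureRmPublicIpAddress -ResourceGroupName $resourceGroup -Location $location `
    -Name "myPip" -AllocationMethod Dynamic
$nic = New-AzureRmNetworkInterface -ResourceGroupName $resourceGroup -Location $location `
    -Name "myNic" -SubnetId $vnet.Subnets[0].Id -PublicIpAddressId $pip.Id `
    -NetworkSecurityGroupId $nsg.Id

# VM configuration: credentials, image and NIC. New-AzureRmVM -VM does not touch the NSG.
$cred = Get-Credential -Message "Local administrator account for the VM"
$vmConfig = New-AzureRmVMConfig -VMName "myVm" -VMSize "Standard_B2s" |
    Set-AzureRmVMOperatingSystem -Windows -ComputerName "myVm" -Credential $cred |
    Set-AzureRmVMSourceImage -PublisherName "MicrosoftWindowsServer" -Offer "WindowsServer" `
        -Skus "2016-Datacenter" -Version "latest" |
    Add-AzureRmVMNetworkInterface -Id $nic.Id

New-AzureRmVM -ResourceGroupName $resourceGroup -Location $location -VM $vmConfig

# Check: the only inbound rule on the NSG should be the source-restricted one.
Get-AzureRmNetworkSecurityGroup -ResourceGroupName $resourceGroup -Name "myNsg" |
    Get-AzureRmNetworkSecurityRuleConfig |
    Select-Object Name, SourceAddressPrefix, DestinationPortRange, Access
```

The final query is the post-deployment check worth keeping in the script: if a rule with SourceAddressPrefix "*" on port 3389 shows up, something re-added the open rule.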
Reputation: 23141
You can change Azure VM default RDP port. For more details, please refer to the blog.
Write-host "What Port would you like to set for RDP: " -ForegroundColor Yellow -NoNewline;$RDPPort = Read-Host
Set-ItemProperty -Path "HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server\WinStations\RDP-TCP\" -Name PortNumber -Value $RDPPort
New-NetFirewallRule -DisplayName "RDP HighPort" -Direction Inbound -LocalPort $RDPPort -Protocol TCP -Action Allow
Upvotes: 0