Reputation: 1073
Are there any prerequisites (NSG rules / firewall rules) required for RDP'ing into a VNet Windows VM (private IP only) using Azure Bastion? What ports does it use? Does it use a P2S VPN IP?
Upvotes: 1
Views: 191
Reputation: 1502
You don't need to open any ports in NSG for your VM in the VNET for Azure Bastion. The traffic flow is as follows:
Client from Portal via HTTPS --> Azure Bastion in the VNET --> Translates HTTPS to RDP session and forwards the traffic to VMs within the same VNET with Private IP. So, from the VM's perspective the traffic will be coming from Azure Bastion Instance IP addresses.
You don't need to make any changes to your environment. You can just add Bastion to your VNET and you can RDP to the VMs without a public IP from the portal.
Upvotes: 2
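An added example (not part of the answer above, and not Microsoft's code): a simplified offline evaluator of NSG inbound rules that shows which rule decides a connection from a Bastion instance to a VM on RDP port 3389, under Azure's built-in default rules and with custom rules on the VM's subnet. The addresses, the custom rule names and the reduction of the `VirtualNetwork` tag to the VNet address space are assumptions made for the illustration.

```python
import ipaddress

# Azure's built-in inbound rules, present on every NSG at the lowest precedence.
DEFAULT_INBOUND = [
    {"name": "AllowVnetInBound", "priority": 65000, "source": "VirtualNetwork", "ports": "*", "access": "Allow"},
    {"name": "AllowAzureLoadBalancerInBound", "priority": 65001, "source": "AzureLoadBalancer", "ports": "*", "access": "Allow"},
    {"name": "DenyAllInBound", "priority": 65500, "source": "*", "ports": "*", "access": "Deny"},
]

def _source_matches(rule_source, src, vnet_cidr):
    if rule_source == "*":
        return True
    if rule_source == "VirtualNetwork":
        # Simplification: the tag is modelled as the VNet address space only.
        return src in ipaddress.ip_network(vnet_cidr)
    try:
        return src in ipaddress.ip_network(rule_source)
    except ValueError:
        return False  # other service tags are not modelled here

def _port_matches(rule_ports, port):
    for part in rule_ports.split(","):
        part = part.strip()
        if part == "*":
            return True
        lo, _, hi = part.partition("-")
        if int(lo) <= port <= int(hi or lo):
            return True
    return False

def evaluate_inbound(custom_rules, src_ip, port, vnet_cidr):
    """Return (access, rule_name) of the first matching rule; lowest priority number wins.
    Protocol is not modelled (TCP assumed)."""
    src = ipaddress.ip_address(src_ip)
    for rule in sorted(custom_rules + DEFAULT_INBOUND, key=lambda r: r["priority"]):
        if _source_matches(rule["source"], src, vnet_cidr) and _port_matches(rule["ports"], port):
            return rule["access"], rule["name"]
    return "Deny", None

# Constructed sample environment (hypothetical addresses and rule names).
VNET = "10.0.0.0/16"
BASTION_IP = "10.0.1.4"  # an instance inside AzureBastionSubnet 10.0.1.0/26
DENY_RDP = {"name": "DenyRdpAll", "priority": 200, "source": "*", "ports": "3389", "access": "Deny"}
ALLOW_BASTION = {"name": "AllowBastionRdp", "priority": 190, "source": "10.0.1.0/26", "ports": "3389,22", "access": "Allow"}

if __name__ == "__main__":
    for rules in ([], [DENY_RDP], [DENY_RDP, ALLOW_BASTION]):
        print([r["name"] for r in rules], evaluate_inbound(rules, BASTION_IP, 3389, VNET))
```

With only the default rules the Bastion connection matches `AllowVnetInBound`; a custom deny on 3389 takes precedence over it until a lower-numbered allow scoped to the Bastion subnet is added.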