Azure Bastion – An alternative for virtual machine access

Azure Bastion offers an alternative to securely RDP to Azure virtual machines through Azure Portal without enabling RDP over a public IP. Being able to access VMs that are not directly accessible from the public internet is great.

Important Notes:

  • Azure Bastion is deployed per Virtual Network and not at the subscription level. If you are working with multiple VNets then you will need to configure Bastion for each one.
  •  Bastion requires a subnet named “AzureBastionSubnet” and the subnet needs to be at least /27 or larger.
  • VMs need to be in the same VNet and region as Bastion resource.

How to Configure

  • Access Azure Portal
  • Click Create a resource
  • Search for Bastion
  • Click Bastion

  • Click Create

  • Enter details required for creation
    • Resource Group – Select an existing resource group or create a new one that Bastion will be deployed to.
    • Name – Enter a name for Bastion instance
    • Region – Select Azure region for the Bastion instance to be created in
    • Virtual Network – Select an existing VNet or create a new one. Remember the VNet Bastion is deployed in needs to be the same one used for the VMs
    • Subnet – Bastion requires a subnet named “AzureBastionSubnet” and the subnet needs to be at least /27 or larger. If previously created select the subnet if not , click manage subnet configuration  and create the required Subnet
    • Public IP Address – This is the public IP address for the Bastion resource , either create a new one or use an existing
    • Public IP Address Name – If creating new public IP enter a name for the resource
    • Public IP address SKU – this setting is defaulted to Standard and cannot be changed
    • Assignment – Prepopulated to static

  • Click Review + create
  • Click Create once Validation Passed
  • Wait for deployment to complete

How to access Virtual Machine using Bastion

  • Navigate to the Virtual Machine in the Azure Portal
  • Click the Connect link

  • On the Connect to Virtual machine panel click Bastion
  • Enter the user name and password
  • Click Connect

 

  • a new tab will open with an RDP session that you will use to interact with the virtual machine.

You can find more information on Azure Bastion from Microsoft here and here

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s

Create a website or blog at WordPress.com

Up ↑