Learn about the ways to connect Virtual machine in Azure

In Azure, there are several methods for connecting to a Virtual Machine (VM), depending on your operating system (Windows or Linux), the configuration of the VM, and the desired access method (GUI vs. command line).

Below are the common ways to connect to an Azure VM.

Remote Desktop Protocol (RDP) for Windows VMs

Method

You can connect to a Windows VM using RDP (Remote Desktop Protocol).

Requirements

1. The VM must have a public IP address or a private IP address with a VPN or ExpressRoute connection if you're connecting from on-premises.

2. Ensure the RDP port (TCP 3389) is open in the Network Security Group (NSG) associated with the VM.

3. Credentials for the VM (username and password).

Steps

1. Get the public IP address of the VM from the Azure portal.

2. Use an RDP client (e.g., built-in Remote Desktop Connection on Windows or Microsoft Remote Desktop on macOS).

3. Enter the VM's public IP and your login credentials (username and password) to connect.

Secure Shell (SSH) for Linux VMs

Method

For Linux VMs, SSH (Secure Shell) is the most common method to connect.

Requirements

1. The VM must have an SSH port (TCP 22) open in the NSG.

2. You need an SSH key pair (or username/password if configured).

3. The VM needs a public IP address, or you need a VPN/ExpressRoute connection for private IPs.

Steps

1. Obtain the public IP address of the VM from the Azure portal.

2. Use an SSH client (e.g., OpenSSH on Linux/macOS, PuTTY on Windows).

3. Run the command to connect:

xxxxxxxxxx
1
1
ssh -i <private-key-file> <username>@<VM-public-IP>

Azure Bastion

Method

Azure Bastion provides secure RDP and SSH access to VMs without needing a public IP.

Requirements

1. The VM should reside in a Virtual Network.

2. Azure Bastion must be deployed within the same Virtual Network or peered with it.

Steps

1. Go to the Azure portal.

2. Navigate to Azure Bastion in the sidebar.

3. Select the VM you wish to connect to and click on Connect.

4. Choose RDP (for Windows) or SSH (for Linux) and provide credentials.

5. A browser-based connection window will open for either RDP or SSH access.

Cloud Shell

Method

Azure Cloud Shell allows you to connect to VMs directly from the browser, using SSH for Linux or RDP for Windows.

Requirements

Cloud Shell is available via the Azure Portal, and you must be signed into your Azure account.

Steps

1. Open Azure Cloud Shell from the Azure portal (the icon is in the top-right corner of the portal).

2. Use SSH to connect to a Linux VM or use the RDP connection command to connect to a Windows VM.

3. Cloud Shell provides a Bash or PowerShell environment for managing Azure resources.

VPN or ExpressRoute (Private Connection)

Method

For greater security or compliance, you may connect to your Azure VMs over a Virtual Network (VNet) using a VPN or ExpressRoute connection.

Requirements

1. A VPN gateway or ExpressRoute must be set up between your on-premises network and your Azure Virtual Network.

2. The VM should be in the same Virtual Network, or the network should be peered with it.

Steps

1. Set up a VPN connection to the Azure VNet from your on-premises network.

2. Ensure network security rules allow access to the VM over the appropriate ports (e.g., RDP for Windows or SSH for Linux).

3. Once connected to the VNet via VPN, you can SSH or RDP directly to the VM using its private IP address.

Azure Serial Console

Method

The Azure Serial Console is a browser-based console that provides low-level access to a VM, even if the VM's network connectivity is not functioning.

Requirements

The VM must be running and have the serial console feature enabled (it is enabled by default for most VM sizes).

Steps

1. In the Azure Portal, go to the VM's Overview page.

2. Click on Serial Console under the Support + troubleshooting section.

3. The console will open in your browser, giving you direct access to the VM for troubleshooting.

Azure VM Access using Managed Identity and Azure CLI/PowerShell

Method

Azure Managed Identity allows a VM to authenticate to other Azure services, but for actual access to the VM itself, Azure CLI or PowerShell can be used to manage or retrieve credentials for the VM.

Requirements

1. Managed Identity should be configured for the VM.

2. Azure CLI/PowerShell tools should be installed and configured with appropriate permissions.

Steps

1. Use Azure CLI or PowerShell to query the VM's credentials.

2. Use these credentials to initiate an SSH or RDP connection.

Third-Party Tools (like Remote Desktop Manager, MobaXterm, etc.)

Method

You can also use third-party tools to manage your Azure VMs.

Requirements

These tools often support RDP (for Windows) and SSH (for Linux) access.

Steps

1. Install the third-party tool of choice (e.g., MobaXterm, Remote Desktop Manager, or Termius).

2. Enter the VM's IP address, credentials, and choose the connection method (RDP or SSH).

Summary

1. Security: Always ensure that you limit access using Network Security Groups (NSGs) and, where possible, restrict access to specific IP ranges or use more secure methods like Azure Bastion.

2. Public IPs:

   • Avoid exposing VMs directly to the internet through public IPs, especially for production workloads.

   • Use VPN or Azure Bastion where possible.

3. Authentication: Use SSH key-based authentication for Linux VMs and strong password policies for Windows VMs.

Each connection method has its use case depending on your environment, and Azure offers a range of tools to securely and efficiently connect to and manage your VMs.