After being in private preview for a few months, Azure Bastion, a new way to remotely access virtual machines on Azure, is now in public preview.
Azure Bastion is a PaaS (Platform as a Service) offering provisioned within your Azure virtual network. It lets you remotely and securely access your virtual machines using Remote Desktop (RDP) or SSH without needing either a public IP assigned to the VM or a VPN connection to the Azure virtual network.
The diagram below (courtesy of Microsoft) shows how Azure Bastion works.
The public preview is available in the following regions:
- West US
- East US
- West Europe
- South Central US
- Australia East
- Japan East
You can access Azure Bastion through the preview portal link https://aka.ms/BastionHost, which lets you provision the service and then access your virtual machines through it.
It is important to note that you can access your virtual machines through Azure Bastion only from a web browser; remote access through Bastion with the ‘classic’ RDP client or an SSH client is planned for a future release.
The preview portal shows an orange banner; if you don’t see this banner, you are in the regular portal.
Provision Azure Bastion
To provision Azure Bastion you of course need a virtual network already provisioned, with virtual machines attached to it (as you will use Bastion to access them).
First you need to provision a new subnet within your virtual network; this new subnet must be named AzureBastionSubnet and have a /27 prefix.
Search for Bastion
Then click Add or Create (as this will be the first Bastion service you are provisioning).
The creation process requests the usual settings (subscription, location). You will also have to create a public IP (standard) and select the virtual network in which you created the AzureBastionSubnet subnet.
Once Azure Bastion is provisioned, you can use it to access your virtual machines.
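The subnet requirement from the steps above (exact name AzureBastionSubnet, /27 prefix) can be checked against your address plan before you open the portal. This is an added example, not part of the original post or of Microsoft's tooling; the function names are hypothetical and the address ranges and subnet names in the sample are constructed.

```python
import ipaddress

BASTION_SUBNET_NAME = "AzureBastionSubnet"  # exact name required, per the steps above
BASTION_PREFIX_LEN = 27                     # prefix length required, per the steps above

# Constructed sample: a virtual network and the subnets already carved out of it.
VNET = "10.1.0.0/16"
SUBNETS = {"default": "10.1.0.0/24", "workloads": "10.1.1.0/24"}


def check_bastion_subnet(vnet_cidr, subnets, name, cidr):
    """Return a list of problems with a proposed Bastion subnet (empty list = OK)."""
    problems = []
    vnet = ipaddress.ip_network(vnet_cidr)
    if name != BASTION_SUBNET_NAME:
        problems.append(f"name must be exactly {BASTION_SUBNET_NAME!r}, got {name!r}")
    try:
        net = ipaddress.ip_network(cidr)  # strict parsing rejects host bits, e.g. 10.1.2.1/27
    except ValueError as exc:
        return problems + [f"invalid CIDR: {exc}"]
    if net.prefixlen != BASTION_PREFIX_LEN:
        problems.append(f"prefix must be /{BASTION_PREFIX_LEN}, got /{net.prefixlen}")
    if net.version != vnet.version or not net.subnet_of(vnet):
        problems.append(f"{net} is not inside the virtual network {vnet}")
    for other_name, other_cidr in subnets.items():
        if net.overlaps(ipaddress.ip_network(other_cidr)):
            problems.append(f"{net} overlaps existing subnet {other_name} ({other_cidr})")
    return problems


def first_free_bastion_range(vnet_cidr, subnets):
    """Return the first /27 in the virtual network that overlaps no existing subnet, or None."""
    vnet = ipaddress.ip_network(vnet_cidr)
    if vnet.prefixlen > BASTION_PREFIX_LEN:
        return None  # the virtual network itself is smaller than a /27
    used = [ipaddress.ip_network(c) for c in subnets.values()]
    for candidate in vnet.subnets(new_prefix=BASTION_PREFIX_LEN):
        if not any(candidate.overlaps(u) for u in used):
            return str(candidate)
    return None


if __name__ == "__main__":
    free = first_free_bastion_range(VNET, SUBNETS)
    print("first free /27:", free)
    print("problems:", check_bastion_subnet(VNET, SUBNETS, BASTION_SUBNET_NAME, free))
```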
Access virtual machine using Azure Bastion
During the preview you need to use the preview Azure portal (https://aka.ms/BastionHost) to get the Bastion access option on your virtual machine.
From the preview portal, search for the virtual machine you want to access and click Connect.
In the Connect blade that then appears, you should see Bastion as a connection option.
When using Bastion, you will be asked to enter your credentials and will have the option to open the remote session in a new browser window. Don’t forget to turn off your pop-up blocker or allow the Azure portal to open a new pop-up.
And there you go, you are now using RDP (or SSH) directly from the web browser.
You can copy/paste text content between the virtual machine and your client. File transfer is not possible yet, but it is on the roadmap.