How to use Azure Bastion to connect securely to your Azure VMs | Azure Friday
HTML-код
- Опубликовано: 10 сен 2024
- Using a bastion host can help limit threats such as port scanning and other types of malware targeting your VMs. Ashish Jain joins Scott Hanselman to show how Azure Bastion gives you secure and seamless RDP and SSH access to your virtual machines. Now you can securely access your VMs over SSL from the Azure portal and without exposing public IP addresses.
Azure Bastion overview
aka.ms/azfr/58...
Azure Bastion docs
aka.ms/azfr/58...
Deploy Azure Bastion in an Azure Virtual Network (sample ARM template)
aka.ms/azfr/58...
Create a free account (Azure)
aka.ms/azfr/58...
#microsoft #microsoftazure
Great explanation guys. Very easy to follow, even 2.5 yrs later :)
I really like Azure Fridays, keep up the great work guys!
Does Bastion only support RDP/SSH, or can I also connect to a HTTPS webpage through it?
Can you run this in dual monitor mode? If not, the users won't accept it.
if i pay for the azure bastion service i need to pay for a SSL Certificate for my RDWeb/RDGW Server? or it is enought with the azure bastion?
Any way we can access from my desktop thru internet to private subnet linux machine VNC server GUI via bastion windows machine... ANY HELP is APPRECIATED.
Good Explanation. Really helpful..
When will AAD authentication be supported? Right now only local VM credentials only are supported which does not satisfy most if not all organizations and requirements to use domain trusted connections.
Hey there! AAD support is something the team is working towards as part of the roadmap, but we don't have any specific time frame that we can share on its release at this time.
The main security risk is on the Bastion having to allow SSH and RDP access on its public IP. Is there a way to restrict the Bastion to only be accessible using a private IP? Or perhaps does Azure Private Link an option to access the Bastion resource?
Absolutely stunning ! Thanks
Really good and informative
We are getting only the CLI interface.What about GUI interface of the server access.
part of our roadmap.
Hello can you tell me if Windows VMs from Azure supports hyper-v? If not, there is any change to connect more than one VM in network? Thanks.
Hey there João! This certainly seems possible. Have a look at the documentation we have available here for more details. msft.it/6058TW1Gg
Thanks a lot. It was useful and clear.
Sir pls. Tell me , for ex. In a company 50 employees are how will they work in azure.
It sounds interesting, might try it sometime.
Can you copy paste files as in normal RDP?
The configuration part is missing.
Indeed you assign static IP to bastion and then if that IP has been compromised, all VMs would be accessible?!
Hi, Microsoft ..i'm a Student and i'm using the windows to connect LinuxVm and followed up until last step ...
Where he types ls ..then how is the VM starts ?
Hello. To clarify, the Virtual Machine had already been started prior to the demonstration for using Azure Bastion to login. If you need assistance with connecting the VM, please take a look at this guide. msft.it/6054VRWHO
@@MicrosoftAzure thank you Ms Azure i have tried that and followed but still facing same issue and i have raised the question..awaiting Azure Bastion expert suggesions on Azure Q/A.
Thanks for letting us know. To clarify, are you saying that you have an open support ticket, or have asked this question on a forum?
@@MicrosoftAzure Actually i went over to Twitter Azure and they advised me to go with Q/A in forum..but can you tell me how i shd raise support ticket.
Thanks for clarifying. Our @AzureSupport team on Twitter is able to route in the same direction. The Q&A forum is another place to find support, if you don't have a support plan. Here's how to file a support ticket, if you have an active plan. msft.it/6058VRtvi
does it allow to access to all VMs in the VNET?
Hi there, Antonio! Azure Bastion manages connectivity to all VMs deployed in the local and peered VNET(s). More info: msft.it/6058Z7Rjk
Realy very very good! But, version for connect directly from desktop?
Nice
Thanks Folks
can we access Bastion through Azure Ad users
Hey there Rajiv! Right now this is not a supported feature, however this is something that is currently on the roadmap! Keep an eye out on the Azure updates page for the latest updates: msft.it/6058TsGHY
i have a azure ad but forgot the password
Did not show the How to part
Why is it so quiet?
Wow
Need to update this video. As it is, not useful at all.
Is it free?
I assume MS going to dump Bastion entirely :). there is no integration with AAD and MFA so not a solution and stone age technology
It is very costly service and there should be pause option for this service when not in use.
is this feature free?
Always understood "Bastian", which is a douchebag name IMHO. However, Bastion sounds like a great solution!
They don't even show you how to configure the darn thing.
Azure documentation website is a goldmine, use it. docs.microsoft.com/en-us/azure/bastion/
no how to
GRRRRRRRRRRRRR Unable to use keyboard shortcuts ....
jump boxes and public IPs haven't been a thing for a long time in cloud. i thought this was an old video until I saw the date. use a vpn. this video is not a best practice. hell, an authenticated socks proxy is more flexible than this. forcing ops teams to use a web browser for an ssh session? get real.
All these are fake solutions. Make a real tool, like Vmware Remote Console!..
No that impressed. All I need to do is look at AWS and they will have the same thing but from many moons ago. Talk about catch up MS.
Can we use Azure bastion to ssh Routers and switches?
Hi there! Are your SSH routers and switches reachable from your virtual network at this time?
@@MicrosoftAzure yes all in same supernet
Thank you so much. Yes, this is supported. To proceed, you'll need an IP based connection to be turned on. Here is some information that may be useful: msft.it/6052c33wY