Unable to connect to Azure VM using RDP


In this video we will discuss why you are not able to connect to a virtual machine in Azure using RDP (Remote Desktop Protocol) and, more importantly, how to fix it.

Azure RDP connection failed

You might not have configured an inbound rule for RDP connection. This is one of the main reasons why you are not able to connect to your VM using RDP.

In the Azure portal, on your virtual machine blade (Settings - Connect - RDP tab) you will see the port that is being used for RDP connection.

In this example, the port 3389 is being used for RDP. This port must be opened on your virtual machine for inbound connection. If it's not, you will see the following generic RDP connection failed error.

Configure Inbound rule for RDP Remote Desktop Protocol

On your VM, open port 3389 for RDP connection. You do this on the Networking tab. Click the "Add inbound port rule" button.

Azure VM - Inbound rule for RDP

Source: Source is the machine from which you are trying to connect. The value Any allows any machine on the internet to connect to your VM, which obviously is least secure. You can specify which machines can connect by an IP address, application security group or a default tag. When you specify a range of IP addresses or a specific IP address, only a machine with that IP address can connect, which is far more secure than allowing everyone.

The most important configuration is the Destination port, i.e. the port on your VM which you want to open for RDP connection. In our example we are opening port 3389.

With this inbound rule, you should be able to successfully connect to your VM using RDP.

Security Risk

RDP port 3389 is exposed to the Internet. This is a security risk and only recommended for testing as hackers constantly scan public cloud IP ranges for open ports. Once they find a port open they attempt attacks using common passwords and known unpatched vulnerabilities.
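To check whether a VM's inbound rules leave the Source set to Any for the RDP port, the sketch below audits a list of rules and reports the ones that open port 3389 to the whole internet. It is an added example, not code from the original article; the field names are assumed to match the JSON printed by `az network nsg rule list`, the sample rules are constructed, and each rule is judged on its own without modelling a higher-priority Deny rule.

```python
import ipaddress

OPEN_SOURCES = {"*", "any", "internet"}  # values that admit any machine on the internet

def port_in_range(spec, port):
    """True if an NSG port spec ('*', '3389' or '3000-4000') covers port."""
    if spec.strip() == "*":
        return True
    lo, _, hi = spec.partition("-")
    return int(lo) <= port <= int(hi or lo)

def is_open_source(prefix):
    """True if the source prefix covers the whole internet."""
    if prefix.strip().lower() in OPEN_SOURCES:
        return True
    try:
        return ipaddress.ip_network(prefix, strict=False).prefixlen == 0
    except ValueError:
        return False  # some other service tag, e.g. VirtualNetwork

def exposed_rdp_rules(rules, port=3389):
    """Names of inbound Allow rules opening `port` to any source, in priority order."""
    hits = []
    for r in sorted(rules, key=lambda r: r["priority"]):
        if (r["direction"], r["access"]) != ("Inbound", "Allow"):
            continue
        if r.get("protocol", "*").lower() not in ("*", "tcp"):
            continue
        ports = r.get("destinationPortRanges") or [r.get("destinationPortRange") or ""]
        srcs = r.get("sourceAddressPrefixes") or [r.get("sourceAddressPrefix") or ""]
        port_hit = any(p and port_in_range(p, port) for p in ports)
        if port_hit and any(s and is_open_source(s) for s in srcs):
            hits.append(r["name"])
    return hits

# Constructed sample rules (field names assumed to match `az network nsg rule list`).
SAMPLE_RULES = [
    {"name": "RDP", "priority": 300, "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
    {"name": "RDP-office", "priority": 310, "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "sourceAddressPrefix": "203.0.113.10", "destinationPortRange": "3389"},
    {"name": "wide-range", "priority": 200, "direction": "Inbound", "access": "Allow",
     "protocol": "*", "sourceAddressPrefixes": ["Internet"], "destinationPortRanges": ["3000-4000"]},
    {"name": "HTTPS", "priority": 320, "direction": "Inbound", "access": "Allow",
     "protocol": "Tcp", "sourceAddressPrefix": "*", "destinationPortRange": "443"},
]

if __name__ == "__main__":
    print(exposed_rdp_rules(SAMPLE_RULES))
```

The rule limited to a single source address is not reported, while the rule whose port range 3000-4000 happens to include 3389 is.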

One way to reduce this vulnerability is by using JIT VM access, i.e. Just-in-time Virtual Machine access. It basically locks down the inbound traffic to your VM, thereby reducing exposure to attacks. We will discuss how JIT VM access works and how to enable it in our next article.

© 2020 Pragimtech. All Rights Reserved.