![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(233.6, 30%, 32%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3EGE%3C/text%3E%3C/svg%3E)
Azure Virtual Machines
An Azure service that is used to provision Windows and Linux virtual machines.
7,114 questions
![](data:image/svg+xml, %3Csvg xmlns='http://www.w3.org/2000/svg' height='64' class='font-weight-bold' style='font: 600 30.11764705882353px "SegoeUI", Arial' width='64'%3E%3Ccircle fill='hsl(300.8, 11%, 39%)' cx='32' cy='32' r='32' /%3E%3Ctext x='50%25' y='55%25' dominant-baseline='middle' text-anchor='middle' fill='%23FFF' %3ETH%3C/text%3E%3C/svg%3E)
Hello George Embaid
Good day!
Firstly, to configure a connection to an Azure virtual machine (VM) only from specific computers, you can use Azure Network Security Groups (NSGs) to restrict inbound traffic to the VM. Here are the steps to configure this:
Create an NSG: In the Azure portal, navigate to the virtual network that contains your VM and create a new NSG. Give it a name and assign it to the subnet that contains your VM.
Create an inbound security rule: In the NSG, create a new inbound security rule that allows traffic from specific IP addresses or ranges. You can specify the source IP addresses or ranges using CIDR notation.
Apply the NSG to the VM: In the VM's network interface, associate the NSG with the network security group property.
Test the connection: Verify that you can connect to the VM from the allowed IP addresses and that you cannot connect from other IP addresses.
Note that if you are using a dynamic IP address, you will need to update the NSG rule each time your IP address changes. You can automate this process using Azure Functions or other automation tools.
Also, keep in mind that NSGs only control inbound traffic to the VM. Outbound traffic is not affected by NSGs. If you need to restrict outbound traffic, you can use Azure Firewall or other network security solutions.
Now, for the connection to the VM
Out of all the available methods, if security is primary concern, you need to use RDP over a VPN: Setting up a virtual private network (VPN) between your local network and the Azure virtual network that hosts the VM is a secure way to connect to the VM. This will allow you to connect to the VM using RDP over the VPN connection. The cost of this method will depend on the type and size of the VPN gateway you choose.
Other options:
RDP over the public internet: This is the simplest and most cost-effective way to connect to an Azure VM. You can use the built-in Remote Desktop Protocol (RDP) client on your local machine to connect to the VM over the public internet. However, this method is not recommended for production workloads as it can be less secure.
For Linux, SSH over the public internet: If you are using a Linux VM, you can use SSH to connect to the VM over the public internet. This method is similar to RDP over the public internet, but it is more secure as SSH uses encryption to protect the connection. However, this method is not recommended for production workloads as it can still be less secure.
Please accept answer and upvote if the above information is helpful for the benefit of the community.