Unable to Access Azure VM via RDP – Suspected Endpoint Security Blocking (ESET)

Question

Unable to Access Azure VM via RDP – Suspected Endpoint Security Blocking (ESET)

Ilya Mirolyubov 0

I am currently unable to access my Azure Virtual Machine using Remote Desktop (RDP). The connection attempt fails consistently, and I receive connectivity-related issues when trying to establish the session.

Based on troubleshooting, I suspect that ESET Endpoint Security installed on the VM may be blocking RDP access (TCP port 3389).

Please assist in verifying whether RDP (port 3389) is being blocked at the VM or network level
Guidance on how to bypass or temporarily disable ESET protection to allow RDP access

Thank you.

Jilakara Hemalatha 11,860 Reputation points Microsoft External Staff Moderator

2026-04-01T16:57:35.0866667+00:00

Hello Ilya Mirolyubov

Just checking if above provided information was helpful! Please let me know if you have any queries.
Nikhil Duserla 9,690 Reputation points Microsoft External Staff Moderator

2026-04-14T10:33:55.4866667+00:00

Hello @Ilya Mirolyubov ,

Are you still facing the issue? If yes, please follow the steps below:

Firstly, Check CPU Utilization>>Navigate to the VM’s Monitoring section.>>Review the Average CPU Utilization metric.

Check whether the CPU usage is consistently reaching a high threshold. If so, consider resizing the VM and then verify whether you are able to access it.

Verify Firewall Configuration. Ensure that the required firewall ports are enabled. If the firewall is enabled and the issue persists, temporarily disable it for testing purposes and check whether VM access is restored.

Test with a Different Network. Try accessing the VM using a different network connection. In some cases, the ISP/network provider may restrict or impact VM connectivity.

Kindly share the exact error message or screenshots/snippets of the issue via private message for further analysis.

Alternative Recovery Options. You may take a snapshot of the OS disk and create a new VM from that disk to preserve the same data.

Alternatively, you can create a recovery VM, attach the affected OS disk to it, and then swap the OS disk back to the original VM if required.

Please refer to this link: https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/windows/cannot-connect-rdp-azure-vm

Please let me know the outcome after performing the above steps, and I will be happy to assist.

1 answer

Your answer

Jilakara Hemalatha 11,860 Reputation points Microsoft External Staff Moderator

2026-04-01T16:57:35.0866667+00:00

Hello Ilya Mirolyubov

Just checking if above provided information was helpful! Please let me know if you have any queries.
Nikhil Duserla 9,690 Reputation points Microsoft External Staff Moderator

2026-04-14T10:33:55.4866667+00:00

Hello @Ilya Mirolyubov ,

Are you still facing the issue? If yes, please follow the steps below:

Firstly, Check CPU Utilization>>Navigate to the VM’s Monitoring section.>>Review the Average CPU Utilization metric.

Check whether the CPU usage is consistently reaching a high threshold. If so, consider resizing the VM and then verify whether you are able to access it.

Verify Firewall Configuration. Ensure that the required firewall ports are enabled. If the firewall is enabled and the issue persists, temporarily disable it for testing purposes and check whether VM access is restored.

Test with a Different Network. Try accessing the VM using a different network connection. In some cases, the ISP/network provider may restrict or impact VM connectivity.

Kindly share the exact error message or screenshots/snippets of the issue via private message for further analysis.

Alternative Recovery Options. You may take a snapshot of the OS disk and create a new VM from that disk to preserve the same data.

Alternatively, you can create a recovery VM, attach the affected OS disk to it, and then swap the OS disk back to the original VM if required.

Please refer to this link: https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/windows/cannot-connect-rdp-azure-vm

Please let me know the outcome after performing the above steps, and I will be happy to assist.

Answer 1

Hello IIya,

Thank you for your patience. Based on the details provided, your Azure VM is reachable at the platform level. The RDP connectivity failure is most likely caused by ESET Endpoint Security blocking inbound TCP port 3389 at the guest OS level, even when Azure NSG rules are correctly configured.

Please follow the steps below in order to isolate and resolve the issue.

Before touching the VM, confirm that the Azure network layer is not blocking RDP.

Go to Azure Portal → Virtual Machines → Your VM → Networking → Inbound port rules
Confirm an Allow rule exists for TCP port 3389 with a lower priority number than any Deny rule.
Use Network Watcher → IP Flow Verify to test if the NSG or UDR is dropping traffic before it reaches the VM

Reference: network traffic with a network security group

Since RDP is unavailable, use Azure Run Command to run PowerShell directly inside the VM:

Azure Portal → Virtual Machines → Your VM → Operations → Run Command → RunPowerShellScript

Begin by verifying that the Remote Desktop service is running using:

Get-Service -Name TermService

If the service is not running, start it and set it to automatic:

Start-Service -Name TermService

Next, ensure that RDP connections are enabled in the operating system:

Set-ItemProperty -Path 'HKLM:\SYSTEM\CurrentControlSet\Control\Terminal Server' -Name "fDenyTSConnections" -Value 0

You should also verify that Windows Firewall is allowing RDP traffic. This can be done by enabling the default Remote Desktop rules:

Get-NetFirewallRule -DisplayGroup "Remote Desktop"
Enable-NetFirewallRule -DisplayGroup "Remote Desktop"

If needed, you can explicitly allow port 3389 using:

New-NetFirewallRule -DisplayName "Allow RDP 3389" -Direction Inbound -Protocol TCP -LocalPort 3389 -Action Allow

Confirm port 3389 is listening:

netstat -an | findstr 3389

Please refer below documentation clearly to resolve the issue:

Azure VM Guest OS firewall is blocking inbound traffic

Additionally, Azure provides alternative access methods when RDP is unavailable. You can use Serial Console to directly access the VM and execute commands: https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/windows/serial-console-windows

You may also review Boot Diagnostics to check VM boot status and screenshots for any OS-level issues: https://learn.microsoft.com/en-us/azure/virtual-machines/boot-diagnostics

Since ESET Endpoint Security is installed, it is important to validate whether it is blocking RDP traffic. You can check the related services:

If RDP is still blocked after enabling Windows Firewall, ESET Endpoint Security is likely enforcing its own firewall / IDS rules on port 3389.

From Azure Run Command, run:

Get-Service | Where-Object {$_.DisplayName -like "*ESET*"}
Stop-Service -Name ekrn -Force

After this, please test RDP connectivity again. If access is restored, this confirms that ESET is blocking port 3389. In that case, you will need to allow inbound TCP port 3389 in the ESET firewall as per:

If the issue persists, you may use the “Reset configuration only” option under the VM Help section in the Azure Portal to restore default RDP settings.

Please find below documentations for detailed troubleshooting steps.

https://learn.microsoft.com/en-us/troubleshoot/azure/virtual-machines/windows/guest-os-firewall-blocking-inbound-traffic

Hope this helps! Please let me know if you have any queries.
Additionally, could you please check private message and provide necessary details

Share via

Unable to Access Azure VM via RDP – Suspected Endpoint Security Blocking (ESET)

1 answer

Your answer