VPN Gateway and what next

Question

Hello Guys,

i need help. I have search a few days about working with the VPN gateway.
I have connected succesfully my Computer to the virtual gateway on azure.
But now i can't go further. I have some VM on azure created some time ago.

I will only allow connection that comes from the gateway with the vpn connection.
All other should be blocked.

Can somebody tell me how i can do that?

Sorry for the question but i am a total newbie in VPN.
Maybe there is an other way to secure my VM's!

Many thanks in advance and regards,
Andreas

Answer 1

Hello @Schneider, Andreas , Welcome to the Microsoft Q&A forum.

As per my understanding of the question. You have successfully set-up a P2S VPN connection and now you want to set up a mechanism where only the users connected by the VPN can RDP into the VMs. Please correct me if my understanding is wrong.

This can be achieved by modifying the RDP rule associated with VM's NSG. You can do that by following the steps mentioned below.

1. Validate your P2S connectivity and check if you have received an IP address from the Point-to-Site VPN Client Address Pool that you specified in your configuration.
2. Initiate an RDP connection to the VM using its private IP address and validate the connectivity. If VMs are present in different Vnets and they are not peered, you can follow this thread to establish connectivity.
3. If the connectivity above is successful, locate the RDP rule within your NSG and modify it to only allow the Point-to-Site VPN Client Address Pool as the source address for RDP connection as discussed here.
4. After you have edited the NSG rule, validate the RDP connection once again to see if everything is working as expected.

Hope this helps. Please let me know if you have any additional questions. Thank you!