How to setup RDP on an Azure VM

Introduction

I wants to secure a Network Traffic to ensure that access to virtual machines is restricted. To do this, I need to:

  • Create and configure network security groups.
  • Associate network security groups to virtual machines.
  • Connect on an Azure virtual machine using RDP
  • Deny and allow access to the virtual machines by using network security groups.

To create a secure network, there are 4 main steps we will take:

  • Create a virtual machine.
  • Create a network security group(NSG)
  • Configure an inbound security port rule to allow Remote Desktop Protocol (RDP)
  • Configure an outbound security port rule to deny internet access

Create a virtual machine(VM).

I want to create a virtual machine.

  1. From the Azure Portal click “All Services”
  2. Click “Virtual Machines”
  3. Click on “Create ” and choose “Virtual machine”
  4. On the Basic Tab in the “Resource group” input.
    • If you don’t have a resource group, click create resource group and provide a name for the resource group.
    • If you already have one input in.
  5. Fill in your virtual machine name on the “Virtual machine name” input.
  6. Leave every other info as default.
  7. Scroll down to “Create a virtual machine” - Input your username - Password - Confirm Password
  8. On the “Public inbound ports” select none and proceed to Networking tab with two clicks on the next button.
  9. On the “NIC network security group” choose “”None
  10. Click “Next” twice to “Monitoring”. On the “Boot diagnostics” click “Disable”
  11. Leave default and click “Review and Create”
  12. Click “create” to create a new VM
  13. When deployment complete, scroll down and “Go to resource”
  14. On the VM, scroll to “Networking”, and click “Network Setting”
  15. Copy the network interface, because you will need it.

datacamp certification

Create a network security group

  1. From the Azure Portal click “All Services”
  2. Search for and select “network security group”
  3. Click on “Create ” and fill in the details.
  4. Click “review and create” and click “create”
  5. When its completed click “go to resource”

datacamp certification

  1. On the NSG page go scroll the “Network interface” and click on it

datacamp certification

  1. Next, click “associate” on the tab

datacamp certification

  1. Click the “Network interface association” dropdown arrow

datacamp certification

  1. Select the network interface and click “OK”

datacamp certification

How to allow an RDP traffic to the virtual machine by configuring an inbound security port rule

By default NSG does not allow RDP. So we need to configure an inbound security rule to allow RDP

  1. Go back to your already created virtual machine and click on “Network Setting”
  2. Select the “create port rules” and choose “inbound port rule”

datacamp certification

  1. Input a “Destination port ranges” and a “priority”
  2. Select “TCP”
  3. Add a “name”
  4. Click ”Add“

datacamp certification

How to connect to RDP

  1. Go to the “Overview” of the VM
  2. Click on “Connect”
  3. Click on “Download RDP File”

datacamp certification

  1. Download, input details and continue
  2. There you go, your VM is ready.

datacamp certification

Configure an outbound security port rule to deny internet access

  1. Go to your VM and click on “Network Setting”
  2. Select the “create port rules” and choose “outbound port rule”

datacamp certification

  1. On destination input, “Service Tag”
  2. On “Destination port ranges” put “*” which means all ports
  3. On ”Protocol” select “TCP”
  4. On “Action” select “Deny”
  5. Input a high Priority

datacamp certification

  1. Add name and click on “Add”
  2. Return to your RDP session and try to open a website , you will notice its not opening, because access has been denied.

datacamp certification