0

I am not able to connect from local bash or Azure CLI (portal & local) to newly spinned up Ubuntu "Private" IP VM on Azure

Verified port 22 open for SSH from "Any" with higher priority and no other NSG rules blocking it

I understand this is because my local system is not part of VNET that VM is on, though I connect using enterprise VPN

Only option I see is to use Azure Bastion service( charged separately) with standard tier, native client support; and then add extension on local Azure CLI ( az network bastion ssh)
Azure Bastion protects your virtual machines by providing lightweight, browser-based connectivity without the need to expose them through public IP addresses. Deploying will automatically create a Bastion host on a subnet in your virtual network.

  1. What could be other options to connect to Private VM
  2. How to access web application host:port deployed on same VM
Improve this question
1
  • can public load balance will provide access to private IP VM , with selected ports Commented Feb 14, 2024 at 0:12

2 Answers 2

Reset to default
1
  1. What could be other options to connect to Private VM.

There are several other options to connect to a private VM in Azure,

Azure VPN Gateway: You can connect on-premises network to the Azure VNET where the VM resides using Azure VPN Gateway, enabling access to the VM via its private IP address without public IP, you can use a point-to-site or site to site VPN connection to connect your local system directly to the Azure VNET

Azure ExpressRoute: The Azure VNET that is hosting the virtual machine can also be connected to your on-premises network via a dedicated connection using Azure ExpressRoute, which allows access via the private IP address of the virtual machine.

Azure Bastion: The bastion service offers secure RDP/SSH access to VMs from the Azure portal, removing the need for public IPs or VPN connections

  1. How to access web application host:port deployed on same VM,

To use the private IP address of a VM to access a web application on that VM, you can create an Azure public load balancer. This will allow you to reach the application on the VM through the load balancer's public IP address, You can do this by following these steps.

  1. Create a Load balancer

enter image description here

  1. To access the application that is configured on the VM , create a Public IP address for the load balancer.

enter image description here

  1. Create a backend pool.

enter image description here

  1. Create a load balancing rule to forward the traffic to the VM on the specified port.

enter image description here

For more details refer the SO link for configuring application on windows VM using Azure Load Balancer.

Improve this answer
Sign up to request clarification or add additional context in comments.

7 Comments

Thank you Venkat for all options in details. I am trying with public load balancer and as I get clean access I will update here
I hope the posted solution is helpful to resolve your issue.
I am still trying with different settings around public LB and VNET but no luck yet
HI @itsavy, Follow my steps to access the application hosted in Azure VM with loadbalncer public IP.
Yes followed your steps, but not able to ssh or wget from local powershell , just ping is returning fine to LB Public IP Tried with login to tenant via powershell and with my company VPN I have kept inbound rule at highest priority 100 & 101 for ssh and http
|
0

enter image description hereFinally adding inbount NAT rule for ssh 22 and another NAT rule with custom port for my application, solved my connection issue Thank you @Venkat for details earlier

Improve this answer

Comments

Start asking to get answers

Find the answer to your question by asking.

Ask question

Explore related questions

See similar questions with these tags.