I'm setting up a basic Windows virtual machine to access from my PC, similar to remote desktop setups from a few years ago. I remember it being straightforward back then, but now with Azure, I'm not sure about the default options for remote access. Does Azure provide any built-in remote access, or do I really need to deal with things like Bastion and ExpressRoute? The in-browser GUI seems to require the Windows Admin tools, and I know I can't access private IPs like 10.0.0.4 directly from my PC. So, how can I establish a simple remote session without breaking the bank or over-complicating things?
2 Answers
Honestly, you don’t need a Public IP if you set up a personal host pool and associate it with an application group and workspace. You can log in using your email and password with MFA for added security. This way, you’ll only pay for the compute and storage. If you do choose to go the Public IP route, just remember that you'll have to whitelist your PC's IP in your NSG. It's a bit more secure to use MFA and Conditional Access, so keep that in mind!
When you create a Windows VM on Azure, it usually comes with a Public IP by default. If you go this route, just ensure you have a Network Security Group (NSG) set up on your NIC or subnet to allow RDP (port 3389) only from your home IP to keep your logs clean. If you opt not to assign a Public IP during deployment, you could always add one later or set up something like ExpressRoute or a Site-to-Site VPN, but it sounds like that's not what you're after.
Thanks for the advice! It’s good to know I can skip the Public IP. I'm working on getting everything set up now, but could you share what tools or methods I would use to initiate the session in your suggested setup?