
How to RDP into Azure cloud service (Extended support)?


I have followed this article - https://learn.microsoft.com/en-us/azure/cloud-services-extended-support/enable-rdp to be able to RDP into Azure cloud service (Extended support).

  1. Created credentials in "Remote Desktop" settings.
  2. Selected the role in "Role & instances", downloaded the RDP file from the "Connect" button and used it to perform RDP.

But I receive the error below:

[Screenshot of the error, not included]

Please suggest what to do to make RDP work?


Solution

  • You need to add an NSG that allows traffic on ports 3389 and 20000.

    Remote Desktop uses port 3389.

    Cloud Service instances are load balanced, so you can't directly control which instance to connect to. The RemoteForwarder and RemoteAccess agents manage Remote Desktop Protocol (RDP) traffic and allow the client to send an RDP cookie and specify an individual instance to connect to.

    The RemoteForwarder and RemoteAccess agents require port 20000 to be open, which might be blocked if you have an NSG.

    Assign Subnet to the NSG

    1. Go to your Cloud Service (extended support), and find Configuration, and check the name of the Subnet

    2. Go to your NSG, and to Subnets and hit Associate

    3. Choose the Virtual Network (as per the Configuration of Cloud Service), and choose the Subnet

    Then you add the NSG Inbound rules

    Add NSG Inbound rules

    1. In the search box at the top of the portal, enter Network security group and select Network security groups in the search results.

    2. Select the name of your network security group.

    3. Under Settings, you can view the Inbound security rules

    4. Click Add, and allow Azure Load Balancer

    5. Then Add again, and allow the communication to happen from your local to the Azure cloud service (Extended support), and in Source IP the safest option is to use either IP Addresses or My IP Address to not expose to the internet

    6. Finally, allow the communication in the Azure Cloud Service (Extended support) network, which means that for Source and Destination you will use the same IP network where your resource has been deployed

    Once you do that, check again if you are now able to connect to the RDP
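
A way to check the resulting inbound rules offline, as an added example that is not part of the original answer: it evaluates NSG rules in priority order for ports 3389 and 20000 from a given client IP, and lists Allow rules that open either port to any source. The rule fields follow the Azure NSG security rule property names; the sample rules and IP addresses are constructed, and treating unmatched traffic as denied is a simplifying assumption.

```python
import ipaddress

RDP_PORTS = (3389, 20000)                      # ports named in the answer above
ANY_SOURCE = {"*", "internet", "0.0.0.0/0"}    # sources that mean "anyone"
# Constructed sample rules, not taken from a real deployment.
SAMPLE_RULES = [
    {"name": "AllowAzureLB", "priority": 100, "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "AzureLoadBalancer", "destinationPortRange": "*"},
    {"name": "AllowRdpFromAdmin", "priority": 110, "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "203.0.113.10", "destinationPortRanges": ["3389", "20000"]},
    {"name": "AllowRdpAny", "priority": 120, "direction": "Inbound", "access": "Allow",
     "sourceAddressPrefix": "*", "destinationPortRange": "3389"},
]

def _vals(rule, single, plural):
    return [rule[single]] if rule.get(single) else rule.get(plural, [])

def port_matches(rule, port):
    for spec in _vals(rule, "destinationPortRange", "destinationPortRanges"):
        low, _, high = ("0-65535" if spec == "*" else spec).partition("-")
        if int(low) <= port <= int(high or low):
            return True
    return False

def source_matches(rule, client_ip):
    for src in _vals(rule, "sourceAddressPrefix", "sourceAddressPrefixes"):
        if src.lower() in ANY_SOURCE:
            return True
        try:
            if ipaddress.ip_address(client_ip) in ipaddress.ip_network(src, strict=False):
                return True
        except ValueError:
            pass  # a service tag such as AzureLoadBalancer is not a client address
    return False

def first_match(rules, client_ip, port):
    """Return (rule name, access) of the first inbound rule that matches, by priority."""
    for rule in sorted(rules, key=lambda r: r["priority"]):
        if rule["direction"] == "Inbound" and port_matches(rule, port) and source_matches(rule, client_ip):
            return rule["name"], rule["access"]
    return None, "Deny"  # assumption: traffic that matches no rule is blocked

def exposed_to_any(rules):
    """Names of inbound Allow rules that open an RDP-related port to any source."""
    return [r["name"] for r in rules
            if r["direction"] == "Inbound" and r["access"] == "Allow" and source_matches(r, "0.0.0.0")
            and any(port_matches(r, p) for p in RDP_PORTS)]
```

With the sample rules, a client other than 203.0.113.10 is allowed on 3389 but not on 20000, and `exposed_to_any` reports `AllowRdpAny` as the rule to tighten.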