question

DavidChapman-6723 avatar image
0 Votes"
DavidChapman-6723 asked ChaitanyaNaykodiMSFT-9638 answered

Access Linux Admin URL using SSH via Azure Bastion Host

I'm using a Bastion host to secure access to some RHEL servers as I don't want any public endpoints. Some of the applications running on those servers host specific URLs for administrative purposes (eg admin web pages for configuration)

I can SSH via the Bastion host to get console access but how can I access the application web portal running on that RHEL server from my local PC? There doesn't seem to be any configuration that I can see to change on either Basic or Standard (Preview) Bastion hosts ?

azure-bastion
· 2
5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.

Hello @DavidChapman-6723, Thank you for reaching out. Can you please explain how you want to to access the application web portal running on the RHEL server from your local machine? I ask this because as per the Azure Bastion architecture it provides secure and seamless RDP/SSH connectivity to your virtual machines directly from the Azure portal over TLS using an HTML5 based web browser and I am not sure if Azure Bastion Service will be the correct service to access the web portal.


0 Votes 0 ·
DavidChapman-6723 avatar image DavidChapman-6723 ChaitanyaNaykodiMSFT-9638 ·

Thanks for your response. A number of the applications present administration via web pages. For example CrushFTP software is administered via a web page hosted on the server.

Normally I'd expect to be able to either tunnel that traffic or use a local address through SSH but it doesn't appear that this is possible via the Azure Bastion SSH.

As I see it that then only leaves the option of exposing port 22 on the server to the public internet to allow direct ssh access.... which was what I was trying to avoid and was the whole reason for using the Bastion host in the first place. :-(

0 Votes 0 ·

1 Answer

ChaitanyaNaykodiMSFT-9638 avatar image
0 Votes"
ChaitanyaNaykodiMSFT-9638 answered

Hello @DavidChapman-6723, apologies for the delayed response here. Just to confirm If I have understood the question correctly, I see that you have web server hosted on a RHEL server VM on Azure (with only private IP address) and you want to access it via your local machine. If my understanding is correct and as you mentioned correctly this is not possible using Azure bastion but there are multiple ways to achieve this without assigning a public IP to the VM's itself.
1. You can use Azure VPN Gateway to access the VM. Azure P2S VPN supports TLS based protocols such as OpenVPN Protocol, Secure Socket Tunneling Protocol (SSTP). You can go through this documentation for additional details on implementation and architecture.
2. You can also use Azure Application Gateway as an entry point where you can add the RHEL server VMs to your backend pool and secure the access using SSL. You can go through this feature list for AG which might help you decide. Azure Load balance can be another alternative to in this scenario you can explore.

If it helps you can also go though this documentation as one stop to understand the various networking features offered by Azure. Please let me know if there are any additional concerns or questions I will be glad to continue with our discussion. Thank you!


5 |1600 characters needed characters left characters exceeded

Up to 10 attachments (including images) can be used with a maximum of 3.0 MiB each and 30.0 MiB total.