Hello,
I'm working on configuring Azure firewall for my virtual machines. I created a Dnat rule that allows RDP to one of my VMs, and it works perfectly. However, I discovered that adding a second Dnat rule to allow RDP to a different VM didn't work because I can only RDP to the first VM.
This means that my Azure firewall's public IP can only translate one private IP. I'm curious if this is by design or if my config is incorrect.195891-screen-shot-2022-04-24-at-104451-am.png
The rule must be tied to a particular VM using a combination of destination address and destination port to determine the destination.
You can control the connection destination by customizing the destination port as follows.
Hi @TakahitoIwasa
Thank you for the response. After your configuration were you able to RDP to your VM’s because I tried and I am unable to RDP to either of my VM.
Do I need an additional configuration for the customized port because it looks like the port(13389,23389) are not recognized so no connection can go through them.
Thank You
You should be able to connect to VM1: 3389 by RDP connecting to xxx.xxx.xxx.xxx:13389 and reach VM2: 3389 by RDP connecting to xxx.xxx.xxx.xxx:23389.
Is there a security layer other than FireWall?
Just Firewall.
But I would verify my config and revert, I guess I am missing something.
I would suggest you choose different translated port instead of using 3389 try 3390
Let me know if this works
Thanks,
Rish
Hi,
Thank you for your feedback.
However, I tested this with no success, and I've noticed that only 3389(RDP) works as a translated address!
Have you attempted to simulate this? Because I believe this is by design.
14 people are following this question.
