I would like to know the IP, FQDN and port to enable Bastion on the virtual machine for firewall installation

y.sawada 5 Reputation points
2023-01-17T07:40:00.1533333+00:00

For a firewall device installation, I want to know the IP, FQDN and port to allow so that Bastion can be used on a virtual machine.

Thank you.

Azure Bastion
An Azure service that provides private and fully managed Remote Desktop Protocol (RDP) and Secure Shell (SSH) access to virtual machines.

1 answer

  1. GitaraniSharma-MSFT 49,591 Reputation points Microsoft Employee
    2023-01-17T13:43:43.9233333+00:00

    Hello @澤田 良典 (管理者) ,

    Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.

    I understand that you would like to know the IP, FQDN and port to enable Bastion on the virtual machine for firewall installation.

    Azure Bastion is a service you deploy that lets you connect to a virtual machine using your browser and the Azure portal, or via the native SSH or RDP client already installed on your local computer. The Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual network.

    Azure Bastion uses an HTML5 based web client that is automatically streamed to your local device. Your RDP/SSH session is over TLS on port 443. This enables the traffic to traverse firewalls more securely.

    Azure Bastion opens the RDP/SSH connection to your Azure VM by using the private IP address on your VM. You don't need a public IP address on your virtual machine.

    Refer: https://video2.skills-academy.com/en-us/azure/bastion/bastion-overview

    IP: You have to create a new public IP address for the Bastion host resource on which RDP/SSH will be accessed (over port 443). The public IP address must be in the same region as the Bastion resource you're creating.

    No public IP is required on the Azure VM.

    The Bastion service will open the RDP/SSH session/connection to your virtual machine over the private IP of your virtual machine, within your virtual network.

    FQDN: The fully qualified domain name (FQDN) for Azure Bastion can be found after its creation in the Overview section of the Bastion resource in Azure portal. It will be as follows: "bst-*.bastion.azure.com", where ***** is a specific GUID for your Bastion host. You can see the screenshot below for reference:

    User's image

    Port: By default, Azure Bastion uses port 443 for secure HTTPS connections.

    Required inbound ports on the VMs you are connecting to:

    For Windows VMs - RDP (3389)
    For Linux VMs - SSH (22)

    Refer: https://video2.skills-academy.com/en-us/azure/bastion/quickstart-host-portal#prereq

    Kindly let us know if the above helps or you need further assistance on this issue.
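
An added example (not part of the answer above or of Microsoft's documentation): an offline check that a planned firewall allow-list covers the three flows the answer lists, namely HTTPS (443) to the Bastion FQDN and RDP (3389) / SSH (22) to the VMs' private IPs. The rule format, the first-match/default-deny model, the VM addresses and the GUID in the FQDN are constructed assumptions.

```python
import fnmatch
import ipaddress

# Flows listed in the answer. The GUID and VM addresses are constructed placeholders.
BASTION_FQDN = "bst-00000000-0000-0000-0000-000000000000.bastion.azure.com"
REQUIRED_FLOWS = [
    ("client to Bastion host, HTTPS", BASTION_FQDN, 443),
    ("Bastion to Windows VM, RDP", "10.0.1.4", 3389),
    ("Bastion to Linux VM, SSH", "10.0.1.5", 22),
]

def dest_matches(rule_dest, dest):
    """Match a rule destination (CIDR or wildcard FQDN) against a flow destination."""
    try:
        network = ipaddress.ip_network(rule_dest, strict=False)
    except ValueError:
        # Not a CIDR: treat it as an FQDN pattern, compared case-insensitively.
        return fnmatch.fnmatchcase(dest.lower(), rule_dest.lower())
    try:
        return ipaddress.ip_address(dest) in network
    except ValueError:
        return False  # an FQDN destination never matches an IP rule

def is_allowed(rules, dest, port):
    """Hypothetical policy model: first matching rule wins, default deny."""
    for rule in rules:
        if rule["port"] in (port, "any") and dest_matches(rule["dest"], dest):
            return rule["action"] == "allow"
    return False

def blocked_flows(rules, flows=REQUIRED_FLOWS):
    """Return the descriptions of required flows the policy would drop."""
    return [name for name, dest, port in flows if not is_allowed(rules, dest, port)]

# Constructed policy that only opens HTTPS to the Bastion FQDN.
HTTPS_ONLY = [{"dest": "bst-*.bastion.azure.com", "port": 443, "action": "allow"}]

# Constructed policy that also opens RDP and SSH to the VM subnet.
COMPLETE = HTTPS_ONLY + [
    {"dest": "10.0.1.0/24", "port": 3389, "action": "allow"},
    {"dest": "10.0.1.0/24", "port": 22, "action": "allow"},
]

if __name__ == "__main__":
    for label, policy in (("HTTPS_ONLY", HTTPS_ONLY), ("COMPLETE", COMPLETE)):
        print(label, "blocks:", blocked_flows(policy) or "nothing")
```

Which of these flows actually crosses the new firewall depends on where the device sits relative to the client, the Bastion host and the VMs.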

