Hi @lionelblak ,
Welcome to the Microsoft Q&A platform. Happy to answer your question. This is a connectivity issue. There are various ways in which you can connect to the VMSS instance, like
- Connecting directly to virtual machines
- Connecting through a jumpbox
- Leveraging Azure Bastion
The first thing that comes to my mind is Network Security Group (NSG) associated with your VMSS. NSG describes what inbound and outbound requests are allowed for your virtual machines. For example, inbound rules by default allow requests from the virtual network and load balancer infrastructure.
To enable RDP or SSH we need to create a rule to allow connection to the corresponding ports. It could be done in “Networking” tab of a VMSS resource. On the screenshot below we can see a rule that allows connections to the 3389 port on the virtual machines.
NOTE: The warning sign is displayed because RDP port is exposed to the Internet which is not secure.
VMSS network security group rules:
Establishing Connection:
To connect to a particular virtual machine inside of a scale set we just need to know what port on load balancer’s public IP address to use to be forwarded to the desired instance of VMSS.
One easy way to do it is to navigate to load balancer “Inbound NAT rules” tab and see the mapping. Another option is to go to an individual VM, its “Connect” tab, then “RDP” and select “Load balancer public IP address” in the dropdown. It will autocomplete “Port number” for you, and this should work both for Windows and Linux VMSS.
For other approaches, i recommend you to refer to connect-to-azure-vmss-instances
Video on how to connect to VMSS VMs: watch
(If the reply was helpful please don't forget to upvote and/or accept as answer, thank you)