Wednesday, 31 August 2016

Customize the Remote Connection port for an Azure V2 VM

Customize the RDP port for an Azure V2 VM:

Plan A outlined below is more straightforward, we first change the RDP port from inside the VM, then we make Windows firewall and NSG rule to allow the new port.

Plan B outlined below is recommended. We use a NAT rule to route customized port --> 3389. In this way, we can change the external port anytime later and it doesn't involve additional modify from OS level.

Plan A
Important: Don't cut the branch while sitting on the branch!!
So, in a nutshell please note that :) Do not restart the server when prompted until and unless completing below steps 1 to 3. This can be hectic if you change port from registry level (mentioned in step 1) and then restart without allowing firewall port (mentioned in step 2)
step 1)      Change RDP port on Windows level.
For the steps, please refer to
step 2)      Allow the customized port on Windows Firewall.
step 3)      Allow the customized port on NSG.
To do this, go to Azure Portal, click on your VM name, click on Network Interfaces, click on the NIC name, select Network Security Group, click on the Network Security Group name, add the inbound security rule here.

Plan B
1)      Create the Azure Load Balancer.
2)      Create a Backend pool and associate it with the Load Balancer.
3)      Create a NAT rule to route the customized port to default 3389.
4)      Associate a NAT rule to the VM's NIC (VNIC)
For more detailed steps, you can refer to the articles below.