Forum Discussion

iandoyle345's avatar
iandoyle345
Copper Contributor
May 20, 2025

Cannot RDP to azure VM from local domain joined PC

I have an Azure VM behind an Azure VPN that I cannot connect to from certain PCs. This is an azure government instance at the free tier. The VM only has a Private IP, and can only be accessed when...
Jamony's avatar
Jamony
MCT
Jun 26, 2026

Since one laptop can RDP and the other PC cannot, I would not change the Azure VM first. I would compare the two client machines.

On both clients, check the VPN-assigned IP, routes, and DNS:

route print nslookup <vm-name-or-domain> Test-NetConnection <private-ip> -Port 3389

If the failing PC cannot reach TCP 3389 but the laptop can, check whether the VPN pool address for that PC is covered by the NSG/firewall rules. I have seen cases where only part of the VPN client pool was allowed.

If TCP 3389 is reachable, then I would look at local Windows firewall/EDR policy, NLA, credential format, or RDP policy on the domain-joined PC. Ping working does not prove RDP is allowed.

Docs:
https://learn.microsoft.com/azure/network-watcher/connection-troubleshoot-overview
https://learn.microsoft.com/troubleshoot/azure/virtual-network/virtual-network-troubleshoot-connectivity-problem-between-vms
https://learn.microsoft.com/azure/virtual-machines/windows/connect-rdp