Forum Discussion

jimmyc2521's avatar
jimmyc2521
Copper Contributor
Jul 08, 2024

Use of NAT gateway

Hi,

 

First of all, I'm absolutely new to this, so I'm learning as I go along.

 

I've built a VM with PIP which allows me to RDP to it over the internet. I've since created a NAT gateway and associated the PIP with it and now I can no longer RDP to it. What do I need to do to ensure that I can still RDP to the VM over the internet?

 

Thank you in advance.

J.

  • Hi. Azure NAT Gateway are outbound only:
    https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview

    So if you want to place something in front of the NIC of the VM, you could use an Azure load balancer instead 🙂 Or go up the security latter with Azure firewall.

    But since you are trying to enable remote management (RDP), I would recommend taking another approach using Azure Bastion, and remove the PIP from the NIC of the VM. (You may want to keep your NAT Gateway for outbound internet access, as NAT Gateway are the best practice way of ensuring outbound internet access for VMs, and should be kept attached to the subnet)
  • Hi. Azure NAT Gateway are outbound only:
    https://learn.microsoft.com/en-us/azure/nat-gateway/nat-overview

    So if you want to place something in front of the NIC of the VM, you could use an Azure load balancer instead 🙂 Or go up the security latter with Azure firewall.

    But since you are trying to enable remote management (RDP), I would recommend taking another approach using Azure Bastion, and remove the PIP from the NIC of the VM. (You may want to keep your NAT Gateway for outbound internet access, as NAT Gateway are the best practice way of ensuring outbound internet access for VMs, and should be kept attached to the subnet)

Resources