0

We have host-Windows, proxy-Linux (same VNET, different subnets) and sftp-Linux (different VNET and subnet) machines on which SSH is enabled on port 815 (SSH is done to a domain set for each machine). Now we have implemented a firewall (new VNET and AzureFirewallSubnet) and connected the VM VNETs to the firewall (peering). A DNAT rule is enabled for SSH on port 815, but through the firewall we can only connect to the one machine for which SSH was enabled first (as we are using the same port for all machines). I would like to know if there is any way to SSH to the public IPs of the machines so that there is no need to set SSH on different ports, or any other ways possible. Any leads would be really helpful as I am a complete beginner in firewalls and networking. Thanks in advance.

NB: The infrastructure is completely built using Terraform.

1
  • Just use the machine you can connect to as a jump box. RTFM for ssh_config / ssh. Commented Jan 25, 2024 at 12:48
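The jump-box approach from the comment, as an added example that is not part of the original thread: the one host the firewall's DNAT rule reaches (proxy-Linux) becomes a `ProxyJump` for the others, which are dialled on their private addresses from inside the VNET, so no second DNAT rule and no second port is needed. It assumes the firewall's public IP forwards port 815 to proxy-Linux, that proxy-Linux can reach the other VMs' private addresses on port 815, and that the private IPs, user name and key path below are placeholders.

```ssh_config
# Added example (not from the question or the answer).
# Placeholders: <FIREWALL-PUBLIC-IP>, the 10.x private addresses,
# the user name and the key file. Adjust to your own deployment.

# The only host reachable through the firewall's DNAT rule on port 815.
Host proxy
    HostName <FIREWALL-PUBLIC-IP>
    Port 815
    User azureuser
    IdentityFile ~/.ssh/id_ed25519

# sftp-Linux: private address in the other VNET, reached via proxy.
# Assumes proxy-Linux can route to this VNET (peering via the firewall hub).
Host sftp
    HostName 10.1.0.4
    Port 815
    User azureuser
    ProxyJump proxy

# host-Windows: same VNET as proxy-Linux, different subnet.
Host winhost
    HostName 10.0.1.4
    Port 815
    User azureuser
    ProxyJump proxy
```

With this in `~/.ssh/config`, `ssh sftp` or `sftp sftp` opens the tunnel through proxy automatically; only the proxy host's SSH port is exposed through the firewall, and the other VMs keep no public listener at all.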

1 Answer

0

I would set up an S2S VPN and allow the VPN's IP range as source to the different VNETs in a firewall rule.

Another option is to place an Azure Bastion in the different vnets where you need SSH access. Azure Bastion is a managed service in Azure that allows secure SSH via a sort of jump host, but then managed by Microsoft. It eliminates the need for public IP addresses or a VPN connection by allowing you to connect to your VMs directly through the Azure portal using Remote Desktop Protocol (RDP) or Secure Shell (SSH). This enhances security by reducing exposure to the public internet and simplifies remote access management.
