How To Connect Multiple Windows Server Virtual Machines Using Bastion

In this article, we’ll learn how to connect virtual machines and connect them through Azure Bastion. We’ll first learn about virtual machines then go through a hands-on tutorial to create a Windows Server DataCenter Virtual Machine in Azure. We’ll then create a second virtual machine and then use Azure Bastion to connect these two virtual machines. For this process, we first need to create a virtual network with a Subnet. To learn a thorough process to create a virtual network, check out the previous article, How to create a virtual network and a bastion host. 

Microsoft Azure

Azure is a cloud computing service developed by Microsoft which enables organizations and individuals to build, test, deploy and manage their applications in high availability and rapidly scalable platform with unparalleled security offerings and benefits in comparison to the traditional on-premises infrastructure. 

Virtual Machines in Azure 

A virtual machine is the emulation or virtualization of an entire computer system. The Virtual Machines (VM) performs like a physical computer system altogether. Software such as VMware has enabled virtual machines since 1998. Today, in order to fulfill the needs of organizations to set up databases and increase computer power from virtual machines, Azure Portal provides browser-based easy to use platforms to create and use Virtual Machines in Azure. With cloud computing like Microsoft Azure, it has never been this easier to deploy various copies of the same virtual machines to improve load handling. It is flexible and easier than having to take care of a physical server and installing OS on our own. Let us create a Virtual Machine (VM) using Azure Portal. 

Azure Bastion 

Azure Bastion is a service that enables developers to connect to the virtual machine through Azure Portal using a web browser. The Secure Shell Protocol (SSH) and Remote Desktop Protocol (RDP) can be accessed seamlessly with high security to virtual machines (VM) without using public IP addresses mitigating the possibility of any exposure. 

Creating a Windows Server DataCenter Virtual Machine 

Step 1

First of all, please sign in to the Azure Portal. You’ll land on this page once you sign up. 

Step 2

Click on Create a Resource. 

Step 3

Now, Select the Compute under the Categories section. You’ll see Virtual Machine on the Popular offers. You can also just search Virtual Machine in the tab. 

Step 4

You’ll be prompted to fill up the form as follows. 

Step 5

Fill up the details on the Basics to create a virtual machine as shown in the image below. Select the specific Subscription you are using.  Name the Virtual Machine Name as myVM1. Select East US as the Region with Availability Options set as – No infrastructure redundancy required. Thereafter, select the Windows Server 2019 Datacenter – Gen2 as the Image. The Azure Spot instance should be deselected. Choose the Default Size and fill up the Administrator account details for username and password as your desire. Make sure to note it down, for it should be used later on. Finally, Public Inbound Ports should be set to None.  

Step 6

Go to Networking Tab and choose Next or the Topline head bar. Choose the Subnet you created following the article, How to create a virtual network and a bastion host. Set the Public IP to None and NIC Network Security Group as Basic. The Public Inbound Ports should be set to None.  

Step 7

Click on Review + Create.  

Step 8

Azure will start to run validations and result with a green bar as the validation is passed.  

Step 9

Click on Create to Submit your deployment. The notification will pop up as shown below.  

Step 10

Microsoft Azure will take you to the Deployment Process page.  

Once, the deployment is complete, you’ll be notified with Your deployment is the complete message and access to visit the resources.  

Step 11

In order to connect VMs, we need to create another VM too. We can just click on the Create another VM or Visit from Menu on the top right to Create another resource.  

Step 12

Following the similar process as of above, select Create Virtual Machine.  

Step 13

Fill up the details as above but with a new name, myVM2. Moreover, you can switch to a new username and password for better security.  

Step 14

Click on Next to check out Disks and then to Networking.  

Step 15

Follow the steps as done previously for the Networking and then click on Review + Create.

Step 16:  

Validation will take place and then the deployment process with notifications.  

Step 17

You’ll be confirmed with the confirmation of the completion of deployment.  

Step 18

Now, visit myVM1 and go to check out its resources.  

Step 19

Click on Connect and select the Bastion. 

Step 20

Click on Use Bastion. 

Step 21

Fill in the username and password under the Bastion that we created for the virtual machine priorly and then Select on Connect.  

Step 22

Under the bastion connection of myVM1, open Powershell and Enter “ping myVM2”.  

Something similar to the following message should be received as the output.  

Pinging myvm2.dw83249hasdkjlgsfghkjrxuqf.bx.internal.cloudapp.net [10.0.0.5] with 32 bytes of data:
Reply from 10.0.0.5: bytes=32 time=1ms TTL=128
Reply from 10.0.0.5: bytes=32 time=1ms TTL=128
Reply from 10.0.0.5: bytes=32 time=1ms TTL=128
Reply from 10.0.0.5: bytes=32 time=1ms TTL=128

Ping statistics for 10.0.0.5:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms

Now Close bastion connection for myVM1. Similarly, use the above steps to connect to myVM2. Open Powershell on myVM2 and Enter “ping myVM2”. A similar message as the following message should be received as the output. 

Pinging myvm1.rss2sdaf323gedggsfghkjrxuqf.bx.internal.cloudapp.net [10.0.0.4] with 32 bytes of data:
Reply from 10.0.0.4: bytes=32 time=1ms TTL=128
Reply from 10.0.0.4: bytes=32 time=1ms TTL=128
Reply from 10.0.0.4: bytes=32 time=1ms TTL=128
Reply from 10.0.0.4: bytes=32 time=1ms TTL=128

Ping statistics for 10.1.0.4:
    Packets: Sent = 4, Received = 4, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 1ms, Maximum = 1ms, Average = 1ms

Close the bastion connection to myVM2.  

Conclusion

Thus, in this article, we learned about Virtual Machines, creating multiple virtual machines, and connecting them to each other through the Bastion. This was a hands-on tutorial to help you develop technical skillsets more than just theoretical knowledge. Hope you liked it and do try them out in Azure.