Share via

how to allow my IP to access the RDP using port 3389

Bashir Salama 0 Reputation points
2025-10-22T10:14:05.95+00:00

our customer who is using our software asked us to block RDP access to the server from anywhere, as a part of their security measurements, the step i took was to allow secured access to the server only on port 3389, so now the RDP is not accessible from anywhere as needed, so we have returned back to access the server from the Azure portal but the portal shows an error and not allowing to access the vm, although the software which is published on that server is working fine so the server is running, but it is only blocking all accesses, is there a way to revert the updates we have done, or steps to access the vm from the portal smoothly. i can provide more details if needed,

Azure Firewall
Azure Firewall
An Azure network security service that is used to protect Azure Virtual Network resources.

2 answers

Sort by: Most helpful
Most helpful Newest Oldest
  1. Praveen Bandaru 8,930 Reputation points Microsoft External Staff Moderator
    2025-10-22T12:46:00.6366667+00:00

    Hello Bashir Salama

    Thank you for your response. please check the below information for further investigation:

    • Please check if there is any NSG attached to the Bastion subnet and ensure it does not block any traffic.
    • Also, kindly review the NSG rules at both the NIC and subnet levels of the VM to confirm that the Bastion subnet's private range is not being blocked.
    • And also, please let me know any route table is associated to VM or Bastion subnets.

    Hope the above answer helps! Please let us know do you have any further queries.

    Please do not forget to “up-vote” wherever the information provided helps you, this can be beneficial to other community members.

  2. VIVEK DWIVEDI 265 Reputation points Microsoft Employee
    2025-11-05T08:29:18.9566667+00:00

    Hello Bashir Salama,

    I understand your problem.

    Could you please let me know following?

    1. Is there a firewall (Azure or any third party fw) in your environment and is it the next hop for traffic to internet and private IP address.

    You can verify by checking if there is any ROute table associated to your VM subnet and routes inside the route table, you can post the screenshot for reference.

    If there is a NVA of Azure firewall, you would have to allow the traffic there as well.

    1. Since you are trying to access from Bastion, check any NSG or Route table on your Bastion subnet.

    NSG can block the traffic, whereas an incorrectly configured route table can misroute/blackhole your traffic.

    1. You can have NSG flow logs enabled on your VM NSG to see whether the traffic is hitting to this VM or not and take action accordingly.
    2. Most probably there would be one mode NSG (subnet level and NIC level) which is blocking the traffic.
    3. You can check ip flow verify from VM using Azure portal to see what the next hop for 0.0.0.0/0 or any public and private address is.
      Please let me know if this helps and upvote the answer to help the community.

    You can check

    0 comments

Your answer

Answers can be marked as 'Accepted' by the question author and 'Recommended' by moderators, which helps users know the answer solved the author's problem.