In this article, I am going to walk through how to setup an Azure Load Balancer to allow you to connect to multiple VM’s using just one public IP address. The benefits of this, are not only the small cost saving but it also gives us better security due to the default RDP port 3389 not being opened to the internet.
The below steps are only achievable if you already have an availability group with some VM’s already setup and have RDP setup ready for connections.
Create the Load Balancer
Log in to your Azure Subscription by going to https://portal.azure.com
Click the green + and then Search for Load Balancer
Click Load Balancer
Enter a Name for the Load Balancer.
Click on Choose a public IP Address
Click Create New
Enter a name for the public IP address. Select either dynamic or static for the assignment and then click OK
Select the Subscription you would like to use, select the resource group that the VM’s are in, and select a location. Once this has been filled in click Create
Configure The Load Balancer
Navigate to the Load Balancer we have just created.
Click the load balancer and then click Inbound NAT Rules
Enter a Name, select the Frontend IP address if needed. Under Service select RDP. Under Port change it to a port you want to use to connect to a VM. I am going to use 55001.
Under Associated to select Availability set. Then a new box will appear called Availability set. In here select the availability set that has your VM’s in.
Under Target virtual machine select the VM you want to be able to RDP to. A new box will appear called Network IP configuration select the IP address you have RDP listening on.
Enter Port mapping select Custom two new items will appear. The first one Floating IP (direct server return) leave as disabled. The second one Target port enter the RDP port 3389
The Inbound NAT rule will then be created.
To allow RDP to other VM’s in your availability set just repeat the above steps but change the Name and Port.
You should now see all of your NAT rules.
Test The Load Balancer
Open Remote Desktop on a computer that has internet access.
In the Computer box enter the Public IP address of the load balancer. Under Destination in the above picture. Followed by a : and the Port of the VM you want to connect to. So in this blog it would be 126.96.36.199:55001 to connect to PIXEL-TEST01.
A box will appear asking for your password. Enter that and then click OK
Accept the certificate warning box. You can put a tick in the Don’t ask me again box if you like.
You now have access to your VM in a secure way.
And that’s it you have now created your new Load Balancer and tested your inbound NAT rules.
I hope you found this article helpful. If you have any questions please leave a comment.