Is there any way to use Azure Bastion to connect to on-prem systems as well as Azure virtual machines? I have a hybrid cloud environment where some key machines are on-prem and some are Azure VMs. The Azure VNet is extended with a VPN tunnel so the azure VMs can talk to the on-prem machines. In Googling my question, I was not able to find much...
- The official page for Azure Bastion describes it as '''Azure Bastion is provisioned directly in your Virtual Network (VNet) and supports all VMs in your Virtual Network (VNet)'''
- This page talks about hybrid envrionments https://blog.ahasayen.com/introducing-azure-bastion/ , saying: '''You might also have some sort of hybrid connectivity with your on-premises network and when you are outside the office, you use point to site VPN to securely access your VNET, which is the ideal situation.'"
- I am aware of Azure Arc which is currently in preview. Would something like that be appropriate to make this work?
My overall questions are:
- Am I totally barking up the wrong tree here? Is my understanding off?
- Is it possible to use Azure Bastion to access an on-prem server on an extended VNet?
Thanks in advance!
As far as I know, currently, it's not possible to use Azure Bastion to access an on-prem server on an extended VNet. You only could use Azure Bastion to access all the VMs in the VNet which has AzureBastionSubnet. Refer to this blog
Actually, you can have a private and securely RDP/SSH connection between your on-premise server and Azure VM via a VPN gateway, you just can not RDP/SSH on-premise server via Azure portal. If you need this feature with Azure Bastion, it's welcome to give feedback or upvote these similar feedback1 and feedback2.
Hope this could help you.