How do I remote in to a Windows Azure web role over 443 when behind a corporate firewall?
https://stackoverflow.com/questions/12952923
-
08-07-2021 - |
italiano
english
français
española
中国
日本の
العربية
Deutsch
한국어
Português
RussianQuestion
We are trying to remote desktop in to a Windows Azure web role while behind a corporate firewall. It is quite important to us for development and debugging purposes. It is not possible to test all of what we are working on using the emulators.
All developer's are able to access the roles we have set up from home and it is also okay when firewall rules are added to give temporary access to individual roles but we need a longer term solution that the security team is happier with.
We've found mention that that it is possible to set up remote access over port 443 but we have not been able to find anything good enough to walk us through that or give us enough information to work out how to do it ourselves.
Is anyone able to help? A link to useful articles and / or some good guidance in reply would be most appreciated.
Solution
Well, you have a tough issue to fight with. RDP works on TCP PORT 3389, which is default. The easiest would be if your network administrators open outbound TCP 3389 to the range of IP Address of designated DataCenter.
If that does not work, second easy is to use Windows Azure Connect (some video demoing the feature here). Although it still in BETA/CTP it would work perfectly for your scenario. Of course if your corporate FireWall allows outgoing IPSEC protocol.
The last option you have is the real Windows Azure Virtual Network, but for that you have ask your system administrators to configure an IPSEC tunnel on a supported hardware router (currently some CISCO and Juniper routers are supported).
I would suggest to try negotiating for option one.
P.S. Some may say here, hey we can change the RDP port on the Roles we deploy! You certainly can do that via a startup task. Here is how to change the port listening for RDP. However, I strongly advice you not to do that. And the reason is that when you enable RDP for Windows Azure Cloud Service, you don't just connect to the role Instance. There is a special system module "RemoteForwarder", that is automatically installed on one of the role instances, that would route the RDP connection to the appropriate instance. And this RemoteForwarder only works on port 3389. So this is where I say, "NO, you can't really move the RDP port in Windows Azure Cloud Service", and you have to embrace one of the three options I mention.
