What is a Jump Server?
A jump server is a specially configured server that acts as a secure gateway to access other servers in a private network.
Think of your internal servers as a secure building and the jump server as the security checkpoint at the entrance. You can't enter the building directly from the street: you must first go through the security checkpoint, get verified, and then access the rooms inside.
This guide implements a secure jump server architecture where:
Jumpbox: A VM deployed in a public subnet with a public IP.
Target VMs: Private Azure VMs (no public IP) in the same Virtual Network.
Access: The admin connects to the jumpbox via RDP/SSH and then to the target VMs via their private IP.
Public Subnet
Address Prefix: 10.0.1.0/24
NSG Rules: Allow RDP/SSH from your home public IP
Public IP: ✅ Yes (for Jumpbox only)
Private Subnet
Address Prefix: 10.0.2.0/24
NSG Rules: Allow access only from Jumpbox IP
Public IP: ❌ No public IPs
Step 1:
Create a resource group as shown in the screenshot below. I'm going to call it rg-jumpbox.
Step 2:
Create a VNet
Go to Azure Portal
Search for Virtual networks → Click + Create
While creating the VNet, also create the public and private subnets, as shown in the screenshot below
Once both subnets are added, click Review + create → Create
Step 3:
Create one NSG for the public subnet and one for the private subnet
In Azure Portal, search for Network security groups
Click + Create
Step 4:
Create an NSG rule to allow SSH/RDP connections only from your home IP
After creating PublicSubnet-NSG, open it.
Go to Inbound security rules → Click + Add
Source: your public IP (check https://whatismyipaddress.com)
Destination port ranges: 3389 or 22
Protocol: TCP
Action: Allow
Priority: 100
Name: Allow-Admin-RDP
Associate the NSG with the public subnet
Follow the same steps for the private subnet, using the values below, and associate the private NSG with the private subnet.
Source: your Jumpbox subnet or your jumpbox VM IP
Destination port ranges: 3389 or 22
Protocol: TCP
Action: Allow
Priority: 100
Name: Allow-Jumpbox-RDP or Allow-Jumpbox-SSH
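The rules from Steps 3 and 4 can be checked after deployment. The following is an added example, not part of the original guide: it audits inbound Allow rules for sources and ports that break the jumpbox design. It assumes the rules are given with the `sourceAddressPrefix` and `destinationPortRange` fields that `az network nsg rule list` outputs; the admin IP 203.0.113.10, the helper names and the sample rules are constructed.

```python
import ipaddress

# Prefix from this guide; ADMIN_IP is a constructed placeholder (TEST-NET-3).
PUBLIC_SUBNET = ipaddress.ip_network("10.0.1.0/24")
ADMIN_IP = ipaddress.ip_network("203.0.113.10/32")
ADMIN_PORTS = {"22", "3389"}
WIDE_OPEN = {"*", "0.0.0.0/0", "Internet"}

def audit_nsg(rules, allowed_sources):
    """Return findings for the inbound Allow rules of one NSG.

    allowed_sources: networks every rule source must fall inside.
    """
    findings = []
    for r in rules:
        if r["direction"] != "Inbound" or r["access"] != "Allow":
            continue
        name, src, port = r["name"], r["sourceAddressPrefix"], r["destinationPortRange"]
        if port not in ADMIN_PORTS:
            findings.append(f"{name}: port {port} is not 22 or 3389")
        if src in WIDE_OPEN:
            findings.append(f"{name}: source {src} is open to any address")
            continue
        try:
            net = ipaddress.ip_network(src, strict=False)
        except ValueError:
            findings.append(f"{name}: source {src} is not an IP or CIDR, review by hand")
            continue
        if not any(net.version == a.version and net.subnet_of(a) for a in allowed_sources):
            findings.append(f"{name}: source {src} is outside the allowed networks")
    return findings

def rule(name, src, port, access="Allow", direction="Inbound"):
    # Builds a constructed sample rule with only the fields the audit reads.
    return {"name": name, "sourceAddressPrefix": src, "destinationPortRange": port,
            "access": access, "direction": direction, "protocol": "Tcp", "priority": 100}

# Constructed samples: the two rules the guide describes, then two mistakes.
PUBLIC_NSG = [rule("Allow-Admin-RDP", "203.0.113.10", "3389")]
PRIVATE_NSG = [rule("Allow-Jumpbox-SSH", "10.0.1.0/24", "22")]
PRIVATE_NSG_BAD = [rule("Allow-Jumpbox-RDP", "*", "3389"),
                   rule("Allow-Jumpbox-SSH", "203.0.113.10", "22")]

if __name__ == "__main__":
    for label, rules, allowed in [("public", PUBLIC_NSG, [ADMIN_IP]),
                                  ("private", PRIVATE_NSG, [PUBLIC_SUBNET]),
                                  ("private (bad)", PRIVATE_NSG_BAD, [PUBLIC_SUBNET])]:
        print(label, audit_nsg(rules, allowed) or "OK")
```

The private NSG is audited against the public subnet prefix, so a rule that lets the admin's home IP reach a target VM directly is reported even though the same source is correct on the public NSG.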
Step 5:
Create a Jump Server and a Test VM to check the RDP connection
TestVM
I was able to connect to the Test VM from the jump server.