For spokes VNETs of VWAN, currently, bastion is not supported like this:
Bastion (Spoke 1) -> Hub -> VM (Spoke 2).
Support for Bastion via a peered vnet connected to our VWAN hubs would literally remove the need for jump boxes in our Azure environment. Given the push for customers to move to Azure VWAN if this capability is not present it really should be high on the priority list as it improves our environment security and governance while reducing complexity and costs.49 votes
Not being able to transfer files to a VM using a Bastion session really limits the usability. Please enable this feature.1,329 votes
Please allow us to deploy Bastion in Hub & Spoke vnet design. It makes sense to deploy Bastion in Hub vnet only. Than we can access VMs in spoke vnets from Bastion. Hub & Spoke design is Azure recommended Reference architecture, make sense to support it.1,657 votes
We are currently planning for this!
Some organizations/companies need information for detecting/tracking the person who used Bastion and logged into VM.
Current Bastion diagnostics log has fields for subscription ID and VM username, However, there is no field for Azure portal user's name or email address.71 votes
We trying to connect to a Windows Server VM using Azure Bastion with an account member of Protected Users group.
This connection failed and I can see in my AD eventlog an error because connection used NTLM (and NTLM is forbidden by Protected Users AD group).
Apparently, Azure Bastion used target IPs and by the way, authentication is downgrades to NTLM.
To avoid this issue and to improve global security using both Protected Users and Azure Bastion, it should used FQDN of the target instead of target's IP.22 votes
Once a new instance of bastion session is initiated in a new window/tab, if the connection fails for any reason, a retry mechanism is applied (which is good), but the retries can be limited to avoid too many failures on the connection. default retry time is 15 seconds which would be 240 retries in an hour if the window/tab left open.
Option to limit the no of retries before closing the connection.
Option to increase the retry time out24 votes
Make bastion shareable links accessible publicly.
On https://docs.microsoft.com/en-us/rest/api/virtualnetwork/putbastionshareablelink/putbastionshareablelink It does not specify that this is still in preview yet support has informed me this feature is still in preview. Because when I try to use it it just says my subscription does not have access to Microsoft.Network/bastionShareableLink when enabling this feature using Azure CLI it just ends up in a state of pending forever.42 votes
Bastion Host should be capable to accept custom ports for RDP and SSH over TCP.
For security reasons, mostly people block the default ports and use custom port.1 vote
I have a VM that I use in infrequent bursts, so I start it, use it, then shut it down same-day. Then I may not use it again for a few days.
I would like to use Azure Bastion to access the VM, but I don't want to have to leave Bastion deployed and running 7x24 when my VM isn't 7x24.4 votes
We have two VNets. VNet1 and VNet2. VNet1 has VNet Peering with VNet2. In each VNet, we have Bastion.
If we want to connect VM in either VNet1 or VNet2, the Azure portal shows two Bastion.
Is it possible to release a custom feature to hide the bastion host or keep last used option?
That would improve user experience. Thank you very much!3 votes
Especially with the increase of remote work, my employees and clients need to be able to print remotely to their local printers from a server. This is a basic function, it should have been created when Bastion was built1 vote
We use our Azure resources only sporadically and the high cost of Bastion is disappointing. It would help a great deal if we could deallocate it or turn it off with our VMs.1 vote
I love azure bastion but wow if you don't delete it the cost goes up and up. There has to be a way to stop it when not using it so I don't have a a massive bill for a VM 1 turn on once a week because bastion runs it up $20010 votes
Currently it is only possible to access VMs with Azure Bastion using RDP/SSH directly through the browser.
I would be great if Azure Bastion would also support native RDP/SSH clients for that278 votes
Allow Audio and Video Playback Redirection.1 vote
I pressed Windows key and I found that operation forcused my laptop PC. I confirmed same behavior when I pressed "Alt + Tab" to change Task Window.
I found same case in stackover flow.
I hope you to add this feature.65 votes
While Bastion is very useful to us we only use it on rare occasions. It would be nice to have a lower cost option that perhaps has much more limited session usage or other resources. Perhaps offering it on a lower end VM SKU.3 votes
Right now, because of some technical limitation, it is not possible to connect to a VM within AKS Node using Bastion.
It would be great if this is supported so that we don't have to use jumpbox to bypass this issue.15 votes
We would love to use Azure Bastion immediately but unfortunately our internal security requirements does only allow access to services without strong authentication mechanism.
Is there already a fixed timeline when Multi-Factor Authentication will be supported?250 votes
As I se RDP with my two screens, I would like to have the same feature with the Azure Bastion to use the to use my two screen monitor.118 votes
- Don't see your idea?