Azure Bastion is a service you deploy that lets you connect to a virtual machine using your browser and the Azure portal, or via the native SSH or RDP client already installed on your local computer. The Azure Bastion service is a fully platform-managed PaaS service that you provision inside your virtual network. It provides secure and seamless RDP/SSH connectivity to your virtual machines directly over TLS from the Azure portal or via native client. When you connect via Azure Bastion, your virtual machines don’t need a public IP address, agent, or special client software.

Bastion provides secure RDP and SSH connectivity to all of the VMs in the virtual network in which it is provisioned. Using Azure Bastion protects your virtual machines from exposing RDP/SSH ports to the outside world, while still providing secure access using RDP/SSH.

How to Configure Azure Bastion from Portal :

• Go to the VM ,which you want to configure Azure Bastion .
• On the page for your VM, in the Operations section on the left menu, select Bastion. When the Bastion page opens, it checks to see if you have enough available address space to create the AzureBastionSubnet. If you don’t, you’ll see settings to allow you to add more address space to your VNet to meet this requirement.
• On the Bastion page, you can view some of the values that will be used when creating the bastion host for your virtual network. Select Deploy Bastion to deploy bastion using default settings.

When the Bastion deployment is complete, Go to VM and click on Bastion and click on Connect.

Type Authentication Credentials to connect to the VM