Azure – You can now use Bastion with peered virtual network (preview)

As you may know, Microsoft has released a solution allowing you to remotely connect with RDP or SSH to your virtual machines running on Azure without being obliged to have a public IP (and corresponding ports opened) called Azure Bastion (see

Well, until know, if you had multiple Vnets, you had to deploy Bastion for each Vnets – even if they are peered with each other.

Good news, you can now use Azure Bastion to connect any virtual machine no matter to which Vnet they are connected to.

You have nothing to enable or implement – except off course 1 Azure Bastion instance and have the Vnet peered.

Few things:

  • You can still deploy other Azure Bastion instance on the other Vnet; the VM you want to connect to will detect if a Bastion instance is running for the Vnet or not. If there is an instance for the Vnet, it will use this instance, otherwise it will use the Bastion instance from the other Vnet
  • You can connect on virtual machine running on different subscription (as soon as the Vnet is peer with the virtual network where Bastion is deployed off course)


Benoit Hamet
Benoit Hamet
Benoit is working on Microsoft collaborative technologies He has been awarded as MVP for more than 12 years Currently MVP on Office 365 after being awarded on SharePoint (2011-2012) and Windows client & server (2002-2007) Speaker at various Microsoft events (TechDays, TechNet seminars) and Quest Software He works on on-premises (Active Directory, RADIUS/NPS, Exchange, Skype for Business, SharePoint, SQL, Terminal Server, Windows client and Windows Server) or online (Azure, Intune, Office 365, Exchange Online, SharePoint Online, Skype for Business Online, Teams) technologies