There are various benefits to creating a cloud VM; however, we have noticed that in many circumstances, we cannot connect to the VM (Azure VDI VM) using RDP or Remote Desktop Protocol. This issue can be due to various reasons. In this post, we will discuss them and explore potential solutions to resolve them.
Typically, if an IP or NSG rule is missing, you may encounter this issue. If you have rebooted your system, installed an update, performed a password reset, modified your NSG, Firewall, or routes, or made any other changes, this may trigger one of the following failures.
- The Remote Desktop service can get disabled.
- The Windows Firewall might block the 3389 Port, which is the RDP Port.
- Network Security rules may block inbound or outbound traffic.
- The login credentials can be faulty.
Those mentioned above are not the only reasons, as you will see as we go forward in this article. We will mention every potential solution that can help us to resolve this hereinafter.
Fix Cannot connect to VM (Azure VDI VM) using RDP
If you cannot connect to the VM (Azure VDI VM) using Remote Desktop Protocol, follow the solutions mentioned below.
- Reset RDP Connection
- Check Network Security Group (NSG) Rules
- Reset NIC
- Reset User Credentials
Let’s discuss them in detail.
1] Reset RDP Connection
One reason you may encounter this issue is misconfigured RDP settings. Since this is a pretty common reason, we will start with this solution. Side note, this also helps if the issue is a result of a misconfigured firewall setting. To reset the RDP Connection, follow the steps below.
Azure Portal
- In the Azure Portal, go to your VM.
- Go to the Settings pane and click on Help.
- Now, you need to click on Reset password.
- Make sure to set the Mode to Reset configuration only.
- Finally, click on Update.
Azure Powershell
If you have installed Azure PowerShell, you can go ahead and use it to configure the virtual machine. Open PowerShell as an administrator and then run the following command.
Set-AzVMAccessExtension -ResourceGroupName "ResourceGroup" ` -VMName "VM" -Location Westus -Name "VMAccessExtension"
Make sure to replace the variables ResourceGroup, VM, and VMAccessExtension with the actual information.
2] Check Network Security Group (NSG) Rules
Network Security Groups (NSGs) function as virtual firewalls for Azure virtual machines (VMs). If an NSG rule blocks Remote Desktop Protocol (RDP) traffic on TCP port 3389, inbound connections from your client to the VM will be denied. This means that even if the VM is operating normally and RDP is enabled, no connection can be established.
To do so, follow the steps outlined below.
- Navigate to your VM.
- Then, go to Networking > Inbound port rules.
- Now, click on View effective security rules.
- Check for an Allow rule for TCP 3389.
For example:
Priority: 1000
Source: Any (*)
Destination: Any (*)
Port: 3389
Protocol: TCP
Action: Allow
If the rule is missing, traffic will be blocked.
You can run the following command in Azure PowerShell.
$nsg = Get-AzNetworkSecurityGroup -ResourceGroupName "myResourceGroup" -Name "myNSG" # Check rules allowing TCP 3389 inbound $nsg.SecurityRules | Where-Object { $_.Direction -eq "Inbound" -and $_.Access -eq "Allow" -and $_.Protocol -match "TCP" -and $_.DestinationPortRange -contains "3389" }
If you see no output, there is no rule.
You can run the following command to create a new rule.
# Add new rule to NSG
$nsg | Add-AzNetworkSecurityRuleConfig -Name "Allow-RDP" `
-Description "Allow inbound RDP" `
-Access Allow -Protocol Tcp -Direction Inbound `
-Priority 1000 -SourceAddressPrefix * `
-SourcePortRange * -DestinationAddressPrefix * `
-DestinationPortRange 3389
# Apply changes
$nsg | Set-AzNetworkSecurityGroup
Finally, check if the issue is resolved.
3] Reset NIC
Next, we will reset the NIC to resolve issues related to the virtual network interface of the VM. Since we are unable to connect using RDP, this solution should do the trick for you.
To reset the NIC, follow the steps mentioned below.
- Go to the Azure Portal.
- Navigate to the problematic VM.
- Now, go to Networking > Networking Interface of VM.
- Go to IP Configuration > IP.
- If Private IP assignment is Dynamic, set it to Static.
- Set the IP address to another IP address that is available in the Subnet.
Let the virtual machine restart to reinitialize the networking parameters.
Alternatively, run the following commands in Azure PowerShell.
#Set the variables $SubscriptionID = "<Subscription ID>" $ResourceGroup = "<Resource Group>" $NetInter="<The Network interface of the VM>" $VNET = "<Virtual network>" $subnet= "<The virtual network subnet>" $PrivateIP = "<New Private IP>" #You can ignore the publicIP variable if the VM does not have a public IP associated. $publicIP =Get-AzPublicIpAddress -Name <the public IP name> -ResourceGroupName $ResourceGroup #Log in to the subscription Add-AzAccount Select-AzSubscription -SubscriptionId $SubscriptionId #Check whether the new IP address is available in the virtual network. Get-AzVirtualNetwork -Name $VNET -ResourceGroupName $ResourceGroup | Test-AzPrivateIPAddressAvailability -IPAddress $PrivateIP #Add/Change static IP. This process will change MAC address $vnet = Get-AzVirtualNetwork -Name $VNET -ResourceGroupName $ResourceGroup $subnet = Get-AzVirtualNetworkSubnetConfig -Name $subnet -VirtualNetwork $vnet $nic = Get-AzNetworkInterface -Name $NetInter -ResourceGroupName $ResourceGroup #Remove the PublicIpAddress parameter if the VM does not have a public IP. $nic | Set-AzNetworkInterfaceIpConfig -Name ipconfig1 -PrivateIpAddress $PrivateIP -Subnet $subnet -PublicIpAddress $publicIP -Primary $nic | Set-AzNetworkInterface
Finally, the virtual machine restarts to initialize the new NIC in the system.
Once done, check if you are able to connect using RDP.
4] Reset User Credentials
As mentioned earlier, one reason you may encounter this issue is that the user you are trying to connect to your VM with has incorrect credentials.
To reset your password in the Azure portal, follow these steps:
- Select your virtual machine (VM) from the Azure portal.
- Scroll down to the Help section at the bottom of the settings pane.
- Click the Reset password button.
- Ensure that the Mode is set to Reset password.
- Enter your username and a new password.
- Finally, click the Update button to save your changes.
Hopefully, this will do the job for you.
We hope that with the help of these solutions, your issue will be resolved.
Read: Fix Remote Desktop Error Code 0x3000046 on Windows computer
Unable to connect to Azure VM using Public IP
This error occurs when your Azure VM’s public IP address fails to accept RDP connections. This can be due to NSG misconfiguration, i.e, no inbound rule allowing TCP port 3389 (RDP) from your IP, or if a higher-priority “Deny” rule overrides the RDP rule. You can check the solution above to resolve this issue.
Another reason could be that the VM has no public IP, or it’s detached or disabled, or if the public IP is dynamic and has changed after the VM restart. We recommend switching to a Static Public IP instead. You can refer to the third solution to see how to achieve the same result.
Read: In-place upgrade is not supported on Azure Virtual Machines
How to RDP into Azure ad joined VM?
If you want to RDP into an Azure-AD joined VM, follow the solution mentioned below.
- Use Azure AD credentials (e.g., [email protected]) instead of a local VM username/password.
- Assign the “Virtual Machine User Login” or “Virtual Machine Administrator Login” role to your Azure AD account via Azure Portal (VM → Access Control (IAM) → Add role assignment).
- Connect via a modern RDP client (Windows 11/10 or macOS) that supports Azure AD authentication, select More choices > Use a different account, and sign in with your Azure AD credentials.
Also Read: Azure Virtual Machine (VM) is shutting down or stopping unexpectedly.
