Hi,
I have created a Windows Azure VM. I can access it via RDP over the internet. I now plan to purchase a new router and create a site-to-site VPN. Once the VPN is created, I would only like to be able to access the VM across the VPN, i.e. not externally via the internet.
1. Should I simply turn on the Windows Firewall on the VM and restrict it to the private RDP port?
2. Or should I delete the custom RDP settings in the Azure dashboard and create a specific endpoint allowing for RD only from my internal IP range?
3. Or do both?
4. If I do either (or both), do I need to consider opening additional ports on the firewall, or an additional endpoint for other services separate from RDP?
5. Do I need to configure any ports for services such as file sharing on my physical router (VPN device) or does the open VPN tunnel allow for all traffic?
Thanks