Configure Secure RDP Using a Windows Bastion Host
For this Challenge Lab you must complete a series of tasks within a limited time period. Instead of following step-by-step instructions, you'll be given a scenario and task - you figure out how to to complete it on your own! An automated scoring system (shown on this page) will provide feedback on whether you have completed your tasks correctly.
To score 100% you must complete all tasks within the time period!
When you take a Challenge Lab, you will not be taught GCP concepts. You'll need to use your advanced Google Compute Engine (GCE) skills to assess how to build the solution to the challenge presented. This lab is only recommended for students who have GCE skills. Are you up for the challenge?
- Create a new VPC to host secure production Windows services.
- Create a Windows host connected to a subnet in the new VPC with an internal only network interface.
- Create a Windows bastion host (jump box) in with an externally accessible network interface.
- Configure firewalls rules to enable management of the secure Windows host from the Internet using the bastion host as a jump box.
Join Qwiklabs to read the rest of this lab...and more!
- Get temporary access to the Google Cloud Console.
- Over 200 labs from beginner to advanced levels.
- Bite-sized so you can learn at your own pace.
A new non-default VPC has been created
The new VPC contains a new non-default subnet within it
A firewall rule exists that allows TCP port 3389 traffic ( for RDP )
A Windows compute instance called vm-bastionhost exists that has a public ip-address to which the TCP port 3389 firewall rule applies.
A Windows compute instance called vm-securehost exists that does not have a public ip-address
The vm-securehost is running Microsoft IIS web server software.