You have an Azure Virtual Machine (VM) named vm1 running Windows Server 2019.
Vm1 should not have a public IP address attached to it.
You need to access vm1 using a Remote Desktop Protocol (RDP) session.
What should you use?
You should use Azure Bastion. Azure Bastion is a service that you can provision in your virtual network to provide RDP and SSH connectivity to your Azure VMs without needing to attach a public IP address to your VMs. It creates a secure connection to access your VMs without having to manage network security groups to allow RDP connection to your VMs.
You should not use Azure Firewall. Azure Firewall is a managed service to centralize network security in a VM. You can use Azure Firewall to create network filtering rules without needing to deploy and manage a network virtual appliance.
You should not use virtual network peering. You can use virtual network peering to integrate two virtual networks, in the same or different Azure regions, using the Microsoft private network. You cannot use only virtual network peering to connect to a private Azure VM and start an RDP session.
You should not use Azure Front Door. Azure Front Door works as a global HTTP/HTTPS layer load balancer. It is integrated with Microsoft Content Delivery Network (CDN) and DNS-based global routing. Azure Front Door supports a range of traffic routing methods for DNS-based routing, such as a latency-based traffic routing that routes the web traffic to the closest region.