Create a virtual machine with a static public IP address using the Azure portal, Azure PowerShell, or Azure CLI
Artikkel
In this article, you create a virtual machine (VM) with a static public IP address. A public IP address enables you to communicate to a VM from the internet. Assign a static public IP address, rather than a dynamic address, to ensure the address never changes.
Public IP addresses have a nominal charge. There's a limit to the number of public IP addresses that you can use per subscription.
Azure PowerShell installed locally or Azure Cloud Shell.
If you choose to install and use PowerShell locally, this article requires the Azure PowerShell module version 5.4.1 or later.
Run Get-Module -ListAvailable Az to find the installed version.
If you need to upgrade, see Install Azure PowerShell module. If you're running PowerShell locally, you also need to run Connect-AzAccount to create a connection with Azure.
If you prefer to run CLI reference commands locally, install the Azure CLI. If you're running on Windows or macOS, consider running Azure CLI in a Docker container. For more information, see How to run the Azure CLI in a Docker container.
If you're using a local installation, sign in to the Azure CLI by using the az login command. To finish the authentication process, follow the steps displayed in your terminal. For other sign-in options, see Sign in with the Azure CLI.
When you're prompted, install the Azure CLI extension on first use. For more information about extensions, see Use extensions with the Azure CLI.
Run az version to find the version and dependent libraries that are installed. To upgrade to the latest version, run az upgrade.
This tutorial requires version 2.0.28 or later of the Azure CLI. If using Azure Cloud Shell, the latest version is already installed.
Create a virtual machine with a static public IP address
In this section, you create a virtual machine with a static public IP address using the Azure portal, Azure PowerShell, or Azure CLI. Along with the virtual machine, you create a public IP address and the other required resources.
In the search box at the top of the portal, enter Virtual machine.
In the search results, select Virtual machines.
Select + Create, then select Azure virtual machine.
In Basics tab of Create a virtual machine, enter or select the following:
Setting
Value
Project Details
Subscription
Select your Azure subscription
Resource Group
Select Create new. In Name, enter myResourceGroup. Select OK.
Instance details
Virtual machine name
Enter myVM.
Region
Select East US.
Availability Options
Select No infrastructure redundancy required.
Security type
Select Standard.
Image
Select Windows Server 2019 Datacenter - x64 Gen2.
Size
Choose VM size or take default setting.
Administrator account
Username
Enter a username.
Password
Enter a password.
Confirm password
Reenter password.
Public inbound ports
Select Allow selected ports.
Select inbound ports
Select RDP (3389).
Warning
Port 3389 is selected to enable remote access to the Windows Server virtual machine from the internet. Opening port 3389 to the internet is not recommended to manage production workloads. For secure access to Azure virtual machines, see What is Azure Bastion?.
Select the Networking tab, or select Next: Disks, then Next: Networking.
In the Networking tab, enter or select the following:
Setting
Value
Network interface
Virtual network
Accept the default network name.
Subnet
Accept the default subnet configuration.
Public IP
Select Create new. In Create public IP address, enter myPublicIP in Name. SKU: select Standard. Assignment: select Static. Select OK.
NIC network security group
Select Basic
Public inbound ports
Select Allow selected ports.
Select inbound ports
Select RDP (3389)
Note
The SKU of the virtual machine's public IP address must match the public IP SKU of Azure public load balancer when added to the backend pool of the load balancer. For details, see Azure Load Balancer.
Select Review + create.
Review the settings, and then select Create.
Warning
Do not modify the IP address settings within the virtual machine's operating system. The operating system is unaware of Azure public IP addresses. Though you can add private IP address settings to the operating system, we recommend not doing so unless necessary. For more information, see Add a private IP address to an operating system.
Note
Azure provides a default outbound access IP for VMs that either aren't assigned a public IP address or are in the backend pool of an internal basic Azure load balancer. The default outbound access IP mechanism provides an outbound IP address that isn't configurable.
The default outbound access IP is disabled when one of the following events happens:
A public IP address is assigned to the VM.
The VM is placed in the backend pool of a standard load balancer, with or without outbound rules.
The following command creates a Windows Server virtual machine. You enter the name of the public IP address created previously in the -PublicIPAddressName parameter. When prompted, provide a username and password to be used as the credentials for the virtual machine:
For more information on public IP SKUs, see Public IP address SKUs. A virtual machine can be added to the backend pool of an Azure Load Balancer. The SKU of the public IP address must match the SKU of a load balancer's public IP. For more information, see Azure Load Balancer.
View the public IP address assigned and confirm that it was created as a static address, with Get-AzPublicIpAddress:
## Retrieve public IP address settings. ##
$ip = @{
Name = 'myPublicIP'
ResourceGroupName = 'myResourceGroup'
}
Get-AzPublicIpAddress @ip | Select "IpAddress","PublicIpAllocationMethod" | Format-Table
Warning
Do not modify the IP address settings within the virtual machine's operating system. The operating system is unaware of Azure public IP addresses. Though you can add private IP address settings to the operating system, we recommend not doing so unless necessary, and not until after reading Add a private IP address to an operating system.
Note
Azure provides a default outbound access IP for VMs that either aren't assigned a public IP address or are in the backend pool of an internal basic Azure load balancer. The default outbound access IP mechanism provides an outbound IP address that isn't configurable.
The default outbound access IP is disabled when one of the following events happens:
A public IP address is assigned to the VM.
The VM is placed in the backend pool of a standard load balancer, with or without outbound rules.
The following command creates a Windows Server virtual machine. You enter the name of the public IP address created previously in the -PublicIPAddressName parameter. When prompted, provide a username and password to be used as the credentials for the virtual machine:
For more information on public IP SKUs, see Public IP address SKUs. A virtual machine can be added to the backend pool of an Azure Load Balancer. The SKU of the public IP address must match the SKU of a load balancer's public IP. For more information, see Azure Load Balancer.
View the public IP address assigned and confirm that it was created as a static address, with az network public-ip show:
az network public-ip show \
--resource-group myResourceGroup \
--name myPublicIP \
--query [ipAddress,publicIpAllocationMethod,sku] \
--output table
Warning
Do not modify the IP address settings within the virtual machine's operating system. The operating system is unaware of Azure public IP addresses. Though you can add private IP address settings to the operating system, we recommend not doing so unless necessary, and not until after reading Add a private IP address to an operating system.
Note
Azure provides a default outbound access IP for VMs that either aren't assigned a public IP address or are in the backend pool of an internal basic Azure load balancer. The default outbound access IP mechanism provides an outbound IP address that isn't configurable.
The default outbound access IP is disabled when one of the following events happens:
A public IP address is assigned to the VM.
The VM is placed in the backend pool of a standard load balancer, with or without outbound rules.