Create a virtual machine with a static public IP address using the Azure portal
A public IP address enables you to communicate to a virtual machine from the internet.
Assign a static public IP address, rather than a dynamic address, to ensure that the address never changes.
Sign in to Azure
Sign in to the Azure portal.
Create a virtual machine
On the upper-left side of the portal, select Create a resource > Compute > Virtual machine or search for Virtual machine in the search box.
In Create a virtual machine, type or select the values in the Basics tab:
Setting Value Project Details Subscription Select your Azure subscription Resource Group Select Create new. In Name, enter myResourceGroup. Select OK. Instance details Virtual machine name Enter myVM Region Select East US Availability Options Select No infrastructure redundancy required Image Select Windows Server 2019 Datacenter - Gen1 Azure Spot instance Select No Size Choose VM size or take default setting Administrator account Username Enter a username Password Enter a password Confirm password Reenter password Public inbound ports Select Allow selected ports. Select inbound ports Select RDP (3389) Warning
Portal 3389 is selected, to enable remote access to the Windows Server virtual machine from the internet. Opening port 3389 to the internet is not recommended to manage production workloads. For secure access to Azure virtual machines, see What is Azure Bastion?
Select the Networking tab, or select Next: Disks, then Next: Networking.
In the Networking tab, select or enter:
Setting Value Network interface Virtual network Accept the default network name. Subnet Accept the default subnet configuration. Public IP Select Create new. In Create public IP address, in name enter myPublicIP. For SKU, select Standard. Assignment, select Static. Select OK. NIC network security group Select Basic Public inbound ports Select Allow selected ports. Select inbound ports Select RDP (3389) Select Review + create.
Review the settings, and then select Create.
Note
Azure provides an default outbound access IP for Azure Virtual Machines which aren't assigned a public IP address, or are in the backend pool of an internal Basic Azure Load Balancer. The default outbound access IP mechanism provides an outbound IP address that isn't configurable.
For more information about default outbound access, see Default outbound access in Azure
The default outbound access IP is disabled when a public IP address is assigned to the virtual machine, or the virtual machine is placed in the backend pool of a Standard Load Balancer with or without outbound rules. If a Azure Virtual Network NAT gateway resource is assigned to the subnet of the virtual machine, the default outbound access IP is disabled.
Virtual machines created by Virtual Machine Scale sets in Flexible Orchestration mode don't have default outbound access.
For more information about outbound connections in Azure, see Using Source Network Address Translation (SNAT) for outbound connections.
Clean up resources
When no longer needed, delete the resource group and all of the resources it contains:
Enter myResourceGroup in the Search box at the top of the portal. When you see myResourceGroup in the search results, select it.
Select Delete resource group.
Enter myResourceGroup for TYPE THE RESOURCE GROUP NAME: and select Delete.
Next steps
See Add, change, or remove IP addresses:
To change a public IP address from dynamic to static.
Work with private IP addresses.
Public IP addresses have a nominal charge. There's a limit to the number of public IP addresses that you can use per subscription.
The SKU of the virtual machine's public IP address must match the public IP SKU of Azure Load Balancer when added to a backend pool. For details, see Azure Load Balancer.
You can download the list of ranges (prefixes) for the Azure Public, US government, China, and Germany clouds.
Learn more about static public IP addresses.
Learn more about public IP addresses in Azure.
Learn more about all public IP address settings.
Learn more about private IP addresses and assigning a static private IP address to an Azure virtual machine.