This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Buy or Renew
Buy or Renew

Setting static Management interface IP in Azure VM NGFW

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 

Setting static Management interface IP in Azure VM NGFW

Adrian_Jensen
L6 Presenter

‎03-23-2026 04:03 PM

Is there any way to set a static Management interface IP with PanOS 12.1 in Azure VM? There are no options in the GUI, just a show DHCP client information window. From the CLI, a static IP/GW/DNS can be set in the config and commits without error, but it does not apply to the interface. Any attempt to "set deviceconfig system type static" results in an error when committing:

Invalid configuration. Please fix errors and try again.

 

It appears that this is simply not an option in an Azure VM, but I can't find that documented anywhere. The closest I can find is this old thread that doesn't have a follow-up.

https://live.paloaltonetworks.com/t5/general-topics/settings-missing-in-management-interface/td-p/42...

 

0 Likes Likes
4 REPLIES 4

TomYoung
Cyber Elite

‎03-23-2026 04:26 PM

Hi @Adrian_Jensen ,

 

All interfaces in Azure obtain their IP addresses via DHCP.  This requirement is on the bottom of page 35 of the deployment guide -> https://www.paloaltonetworks.com/resources/guides/azure-transit-vnet-deployment-guide.

 

They don't really give a reason, but I am pretty sure that is how Azure knows how to forward packets to the IP address.  It must assign the IP address via DHCP, and then it adds the IP to its forwarding table.

 

Thanks,

 

Tom

 

 

 

 
 

 

 

 

 

Help the community: Like helpful comments and mark solutions.

Adrian_Jensen
L6 Presenter
In response to TomYoung

‎03-23-2026 04:46 PM

Hmmmm... that's weird and can't really find it anywhere else as a hard limit. The Azure template allows me to assign DHCP or static IPs to both the Management and dataplane interfaces:

2026-03-23_163919.png

 

Step 7 in the 11.1 VM-Series Deployment Guide for firewalls on Azure shows using DHCP or static IPs on the dataplane, though I can't find anything about IPs on the Management interface.

https://docs.paloaltonetworks.com/vm-series/11-1/vm-series-deployment/set-up-the-vm-series-firewall-...

 

 

0 Likes Likes

TomYoung
Cyber Elite

‎03-23-2026 04:50 PM

Oh, well!  I thought I found it for you.  It's been a while since I have done it, and I don't remember it that well.

Help the community: Like helpful comments and mark solutions.
0 Likes Likes

Adrian_Jensen
L6 Presenter

‎03-24-2026 09:47 AM

I am find all sorts of other stuff that apparently doesn't work in Azure VM instances, such as no way to override default Security Policies (to add logging). You can click the Override button and make a change, but clicking OK does nothing, you can't actually save the change. Is there any documentation about what doesn't work in a VM instance?

0 Likes Likes
  • 741 Views
  • 4 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2026 - Palo Alto Networks