How to retain Public IP Address Assigned to a host on VMSeries Firewall on Azure

Showing results for 
Show  only  | Search instead for 
Did you mean: 
Please sign in to see details of an important advisory in our Customer Advisories area.

How to retain Public IP Address Assigned to a host on VMSeries Firewall on Azure

L0 Member

Hello Community,


I want to deploy Palo Alto VM Series firewall Infront of some workloads already existing on my Azure tenant and still ensure that services calling the workloads use the existing public IP Addresses assigned to these workloads when the traffic passes through the VM Series firewall.


It is easier to deploy when workloads haven't been provisioned and are not accessible via the internet using their public IP Addresses but instances where you already have a workload with an assigned public IP Address which have to disassociate from the host and assign to the VM Series firewall is a bit of a challenge. 


I havent  seen how I can reserve this public IP Address on workloads then assign them as public IP address on the VM series firewall, maybe on the secondary interface so that I can configure a destination NAT on the firewall.


Looking for support from the community on this.


Thank You!


L1 Bithead



You should have a look on the Azure Gateway Loadbalancer option


So you can keep the PIP on your exsting workload, you just need to Chain the PIP to the Gateway Loadbalancer attach to your Palo Alto, Like that the Intenet traffic will go via the FW



  • 1 replies
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!