Thank you for reaching out. If I understand correctly, you have three servers deployed in a virtual network behind a public load balancer. Now, after associating Azure Firewall to the virtual network, all the sites hosted on Server1, Server2, and Server3 stopped being accessible externally/outside.
Based on my understanding above, the likely cause in this case might be an asymmetric routing issue that can break functionality with the public load balancer scenario, as documented here.
Asymmetric routing is where a packet takes one path to the destination and takes another path when returning to the source. This issue occurs when a subnet has a default route going to the firewall's private IP address and you're using a public load balancer. In this case, the incoming load balancer traffic is received via its public IP address, but the return path goes through the firewall's private IP address. Since the firewall is stateful, it drops the returning packet because the firewall isn't aware of such an established session.
If this issue was not already considered, you can follow the steps here to fix this issue. You will have to create:
- A host route for the firewall's public IP address.
- A NAT rule for Firewall's Public IP and Load Balancer's Public IP.
If you have already taken the steps above, you can go through the Azure Firewall Diagnostic Logs to understand if any particular Firewall rule is blocking the communication.
Hope this helps! Please let me know if you have any additional questions. Thank you!
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
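
The asymmetric-routing failure and the two-part fix described in the answer above can be traced with a small model. This is an added example, not part of the original answer and not Azure code: the addresses are constructed from documentation ranges, the firewall is a toy session table, and the model assumes the backend sees the firewall's public IP as the source of DNAT-ed traffic.

```python
import ipaddress

# Constructed sample addresses (documentation ranges), not taken from the thread.
CLIENT, LB_PUBLIC = "203.0.113.10", "198.51.100.20"
FW_PUBLIC, FW_PRIVATE = "198.51.100.4", "10.0.1.4"

DEFAULT_ONLY = [("0.0.0.0/0", FW_PRIVATE)]                          # default route to the firewall
WITH_HOST_ROUTE = DEFAULT_ONLY + [(FW_PUBLIC + "/32", "Internet")]  # plus the host route

def next_hop(routes, dst):
    """Longest-prefix match, the way a subnet route table picks a next hop."""
    nets = [(ipaddress.ip_network(prefix), hop) for prefix, hop in routes]
    hits = [(n, hop) for n, hop in nets if ipaddress.ip_address(dst) in n]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

class StatefulFirewall:
    """Toy model: a reply is allowed only on the interface where its session was created."""
    def __init__(self):
        self.sessions = set()

    def dnat(self, client):
        # NAT rule: traffic to FW_PUBLIC is forwarded to LB_PUBLIC; session lives on the public side.
        self.sessions.add(("public", client))
        return FW_PUBLIC  # model assumption: the backend sees the firewall's public IP as source

    def allows_reply(self, interface, client):
        return (interface, client) in self.sessions

def trace(routes, enter_via_firewall):
    """Follow one request to a backend server and its reply; return 'delivered' or 'dropped'."""
    fw = StatefulFirewall()
    seen_source = fw.dnat(CLIENT) if enter_via_firewall else CLIENT
    hop = next_hop(routes, seen_source)          # the server replies to the source it saw
    if hop == FW_PRIVATE:                        # reply arrives on the firewall's private side
        return "delivered" if fw.allows_reply("private", CLIENT) else "dropped"
    if enter_via_firewall:                       # reply returns to the firewall's public IP
        return "delivered" if fw.allows_reply("public", CLIENT) else "dropped"
    return "delivered"                           # no firewall on either path
```

In this model only the combination of both steps delivers the reply: the host route alone does nothing for clients that still connect to the load balancer's public IP, and the NAT rule alone still sends the reply to the firewall's private side.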