Hi,
I have a strange issue with Azure Firewall. We have deployed it in a hub-and-spoke architecture. We have configured different route tables that force the traffic between different VNets and subnets through it.
To deploy different rules we have been using IP Groups. As we have been reading, there is an explicit rule that if no rule matches, the traffic will be dropped.
Surprisingly, we have discovered that machines can connect to SQL Server wherever it is located: the traffic is not allowed in the firewall rules, but all frontend VMs can connect to the databases. There is an explicit rule configured in all route tables for every subnet that forces the default route 0.0.0.0 to the appliance.
Also, at the firewall log level, this traffic is not matched and is not logged either, but having a look at a network trace, we could check that the traffic goes to the firewall.
Has anyone had a similar problem? We have also thought that there could be a bug or issue with using IP Groups instead of numerical IPs, but we haven't found any answer or idea about it.
I'd appreciate your suggestions.
Thanks
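One offline way to audit the two assumptions in the post above, that every route table really sends 0.0.0.0/0 to the firewall and that the IP Groups used in the rules actually contain the frontend and SQL addresses, is the Python script below. It is an example added for this thread, not code from the poster or from Microsoft. The firewall IP, VNet address spaces, route tables and IP Groups are constructed sample data laid out in the (subset) JSON shape that `az network route-table list -o json` and `az network ip-group list -o json` return. The script also models the longest-prefix match the Azure fabric applies, including the VNet's own system route for its address space, so it shows that a destination inside the same VNet as the source is reached without passing the firewall even when a 0.0.0.0/0 UDR is bound to the subnet, which is one reason such a flow never shows up in firewall logs.

```python
"""Offline audit of Azure route tables and IP Groups (added example, constructed data)."""
import ipaddress

# Assumed private IP of the hub Azure Firewall (constructed, not from the post)
FIREWALL_IP = "10.0.1.4"

# Constructed VNet layout: address spaces and subnets
VNETS = {
    "vnet-spoke1": {"space": ["10.1.0.0/16"],
                    "subnets": {"snet-frontend": "10.1.1.0/24", "snet-sql": "10.1.2.0/24"}},
    "vnet-spoke2": {"space": ["10.2.0.0/16"],
                    "subnets": {"snet-sql": "10.2.2.0/24"}},
}

# Constructed route tables, subset of the fields `az network route-table list -o json` returns
ROUTE_TABLES = [
    {"name": "rt-spoke1-frontend", "subnets": [{"id": "vnet-spoke1/snet-frontend"}],
     "routes": [{"addressPrefix": "0.0.0.0/0", "nextHopType": "VirtualAppliance",
                 "nextHopIpAddress": "10.0.1.4"}]},
    {"name": "rt-spoke1-sql", "subnets": [{"id": "vnet-spoke1/snet-sql"}],
     "routes": [{"addressPrefix": "0.0.0.0/0", "nextHopType": "VirtualAppliance",
                 "nextHopIpAddress": "10.0.1.4"}]},
    # Deliberately misconfigured table: default route does not go to the firewall
    {"name": "rt-spoke2-sql", "subnets": [{"id": "vnet-spoke2/snet-sql"}],
     "routes": [{"addressPrefix": "0.0.0.0/0", "nextHopType": "Internet",
                 "nextHopIpAddress": None}]},
]

# Constructed IP Groups, subset of the fields `az network ip-group list -o json` returns
IP_GROUPS = [
    {"name": "ipg-frontend", "ipAddresses": ["10.1.1.0/24"]},
    {"name": "ipg-sql", "ipAddresses": ["10.2.2.0/24"]},  # spoke1 SQL subnet left out on purpose
]


def audit_default_routes(route_tables, firewall_ip):
    """Return the names of route tables whose 0.0.0.0/0 route does not point at the firewall."""
    bad = []
    for rt in route_tables:
        defaults = [r for r in rt["routes"] if r["addressPrefix"] == "0.0.0.0/0"]
        ok = any(r["nextHopType"] == "VirtualAppliance" and r["nextHopIpAddress"] == firewall_ip
                 for r in defaults)
        if not ok:
            bad.append(rt["name"])
    return bad


def candidate_routes(vnet, subnet_id, route_tables):
    """UDRs bound to the subnet, followed by the VNet's own system route (VnetLocal)."""
    routes = []
    for rt in route_tables:
        if any(s["id"] == subnet_id for s in rt["subnets"]):
            routes.extend(rt["routes"])
    for space in VNETS[vnet]["space"]:
        routes.append({"addressPrefix": space, "nextHopType": "VnetLocal", "nextHopIpAddress": None})
    return routes


def effective_next_hop(vnet, subnet, dst_ip, route_tables=ROUTE_TABLES):
    """Longest-prefix match over UDRs and the VNet system route; on equal length the UDR wins
    because UDRs are listed first and only a strictly longer prefix replaces the current best."""
    dst = ipaddress.ip_address(dst_ip)
    best = None
    for r in candidate_routes(vnet, f"{vnet}/{subnet}", route_tables):
        net = ipaddress.ip_network(r["addressPrefix"])
        if dst in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, r)
    return (str(best[0]), best[1]["nextHopType"], best[1]["nextHopIpAddress"]) if best else None


def traverses_firewall(vnet, subnet, dst_ip, firewall_ip=FIREWALL_IP):
    """True only if the chosen next hop is the firewall appliance."""
    hop = effective_next_hop(vnet, subnet, dst_ip)
    return hop is not None and hop[1] == "VirtualAppliance" and hop[2] == firewall_ip


def groups_containing(ip, ip_groups=IP_GROUPS):
    """Names of the IP Groups whose prefixes (or single addresses) contain ip."""
    addr = ipaddress.ip_address(ip)
    return [g["name"] for g in ip_groups
            if any(addr in ipaddress.ip_network(p, strict=False) for p in g["ipAddresses"])]


if __name__ == "__main__":
    print("route tables not sending 0.0.0.0/0 to the firewall:",
          audit_default_routes(ROUTE_TABLES, FIREWALL_IP))
    for dst in ("10.1.2.10", "10.2.2.10"):
        print(f"frontend -> {dst}: next hop {effective_next_hop('vnet-spoke1', 'snet-frontend', dst)}, "
              f"firewall on path: {traverses_firewall('vnet-spoke1', 'snet-frontend', dst)}, "
              f"destination in IP Groups: {groups_containing(dst)}")
```

To run it against a real environment, replace the constructed dictionaries with the output of the two `az` commands named above and the VNet address spaces from `az network vnet list -o json`; the computed next hop can then be compared with what `az network nic show-effective-route-table` reports for the frontend VM's NIC, which is the authoritative view of the route the fabric actually uses.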