Hello @Behrouz Azarm
Thank you for posting this!
I would like to provide my possible observations here as well as some questions in order to get familiar with this case scenario.
- Are the 2 different environments or compute resources in the same region/same subscription or in different subscriptions?
- Is this SD-WAN NVA FW hosted as a VirtualWAN environment?
- Is this SD-WAN NVA FW hosted as a hub-and-spoke topology?
- Let's suppose that you are using a hub-and-spoke topology... Are the spokes the 2 different environments stated before, and is the hub hosting the SD-WAN FW?
- Let's suppose that you are using a hub-and-spoke topology... Did you configure your different environments' peerings as shown below?
  - Configure the peering connection in the hub to allow gateway transit.
  - Configure the peering connection in each spoke to use remote gateways.
  - Configure all peering connections to allow forwarded traffic.
- Let's suppose that you are using VirtualWAN... Did you set up the IPsec VPNs against the VirtualWAN Hub?
- Let's suppose that you are using VirtualWAN... Did you configure the Hub routing preference feature?
- Are you using UDR tables (User Defined Routes) or the normal IP table (System routes default behavior)?
- Are the compute resources having IP overlapping issues?
- Are you using BGP in your scenario?
- Any Network security group?
- Any inter or intra security rule configured to permit traffic between security zones?
Hope that info will be helpful to overcome this.
Looking forward to your feedback,
Cheers,
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
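
Added example, not part of the answer above: a small Python check of the three peering settings listed in the answer (gateway transit on the hub side, remote gateways on each spoke side, forwarded traffic on every peering). It assumes the peerings of each VNet were exported as JSON in the shape printed by `az network vnet peering list -o json` and that the hub has a gateway for the spokes to use; the VNet and peering names and the sample data are constructed for illustration.

```python
import json

# Constructed sample: one list per VNet, shaped like the JSON printed by
# `az network vnet peering list -o json`. All resource names are hypothetical.
SAMPLE = json.loads("""
{
  "hub-vnet": [
    {"name": "hub-to-spoke-a", "peeringState": "Connected",
     "allowForwardedTraffic": true, "allowGatewayTransit": true,
     "useRemoteGateways": false},
    {"name": "hub-to-spoke-b", "peeringState": "Connected",
     "allowForwardedTraffic": true, "allowGatewayTransit": true,
     "useRemoteGateways": false}
  ],
  "spoke-a-vnet": [
    {"name": "spoke-a-to-hub", "peeringState": "Connected",
     "allowForwardedTraffic": true, "allowGatewayTransit": false,
     "useRemoteGateways": true}
  ],
  "spoke-b-vnet": [
    {"name": "spoke-b-to-hub", "peeringState": "Connected",
     "allowForwardedTraffic": false, "allowGatewayTransit": false,
     "useRemoteGateways": false}
  ]
}
""")


def audit_peerings(peerings_by_vnet, hub):
    """Return (vnet, peering, setting) for every setting that is not as expected."""
    findings = []
    for vnet, peerings in peerings_by_vnet.items():
        for p in peerings:
            # Every peering must forward traffic; the hub side offers gateway
            # transit, each spoke side consumes the remote gateway.
            required = ["allowForwardedTraffic"]
            required.append("allowGatewayTransit" if vnet == hub else "useRemoteGateways")
            # A peering that is not Connected carries no traffic at all.
            if p.get("peeringState") != "Connected":
                findings.append((vnet, p["name"], "peeringState"))
            findings.extend((vnet, p["name"], key) for key in required if not p.get(key))
    return findings


if __name__ == "__main__":
    for vnet, peering, key in audit_peerings(SAMPLE, hub="hub-vnet"):
        print(f"{vnet}/{peering}: {key} is not set as expected")
```
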