I'm on this same track too. It's all a routing issue due to those
default routes that Azure creates. I have the new route tables built, I
just need to wait for some planned downtime to flip them over and
disable NAT.

I am having this exact issue and am uncertain how to overcome it. My
server hosted at Azure also needs to be able to see the original IP of
the agents connecting in, but it only shows the private IP of the FGT's
WAN interface, which is associated to ...