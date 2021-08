I am new to the Palo Azure environment. I have everything set up with 4 Palo VM instances between an external and internal load balancer. I am having an issue with NAT where traffic from the outside will not route to my internal VNETs unless it is first Source NATed to the internal interfaces of the firewalls. The source IP needs to be retained for security reasons on the proxy and with it only logging the internal interfaces of the firewalls I cannot implement proper policy. When I set the source NAT to "none" I can see the sessions on the firewall and they show that the traffic is doing exactly what it should but nothing ever reaches the proxy. We have even gone as far as to move the proxy to the same subnet as the internal interfaces of the firewall. I am not sure if I am running up against some asymetrical routing or something else.