Azure Firewall Troubleshooting Guide

Problem Statement

We faced issues with SNAT exhaustion on Azure Firewall leading to intermittent connectivity issues.

Root Cause

• Overlapping UDRs and custom DNS resolution.
• SNAT port depletion due to high volume outbound traffic.

Resolution

1. Enabled Forced Tunneling to reroute internet-bound traffic.
2. Added NAT rules to reduce port consumption.
3. Upgraded SKU and deployed additional IPs.

References

• Azure SNAT Troubleshooting
• Azure Firewall Logs via Log Analytics