Hi all
I have previously set up Azure S2S connections to WatchGuard XTM units. They are among the supported firewall brands. When setting up two more S2S today (on WatchGuard appliances running the latest firmware 11.8.1), the IPsec-tunnel comes up as expected, but only traffic initiated in Azure makes a successful round-trip. When trying to reach any resources in Azure thru the IPsec from on-premises, I get no reply.
The firewall shows that outgoing traffic as passing. I checked with two different ISPs and two different firewall models in order to rule out a single configuration failure. Same behavior on both installs. Further, existing S2S continue to work.
Either I have overlooked something important when creating the S2S, but this would leave me stumped since the tunnel works in one direction.
Any hint appreciated. Will post if I find out something more with WatchGuard.
/Maurice