Hello @Jani Honko ,
I understand that you wanted to know if it is possible to pass through the VPN Client IP address to the webapp when accessing it through Azure Front Door via VPN and not the client IP.
We discussed this issue in detail and collected various logs and traces but were unable to find anything concrete from the logs, so we decided to open a support request, however, you did some deeper investigations on your side and found that your VPN is configured to use split tunneling which means that not all traffic goes though it.
And because Azure Front Door IP address was not on your VPN’s remote network list, traffic to Azure Front Door was not routed through the VPN. Hence, you were seeing your local IP address and not the VPN gateway IP address when accessing the webapp through Azure Front Door via VPN.
You can allow the Azure Front Door's IP address on VPN’s remote network list to make it work.
The AzureFrontDoor.Backend service tag provides a list of the IP addresses that Front Door uses to connect to your origins.
You can download the Azure IP Ranges and Service Tags data set, which is updated regularly with the latest IP addresses for Azure Front Door and use them for whitelisting the traffic.
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.