Hello @Jan Michalski ,
Welcome to Microsoft QnA.
May I know how have you deployed the AGIC in your cluster? Have you used Helm charts?
Is your Application gateway being shared by AGICs?
If so, then you need to state shared : true in the helm-config.yaml which will configure the AGIC for AzureIngressProhibitedTarget to work correctly.
Let me know if this resolves your issue! For any queries, please feel free to reach back by dropping your comment. Thanks :)
References:
https://learn.microsoft.com/en-us/azure/application-gateway/ingress-controller-install-existing#install-ingress-controller-as-a-helm-chart
https://github.com/Azure/application-gateway-kubernetes-ingress/issues/940