Hello @Mark McGookin ,
Welcome to Microsoft Q&A Platform. Thank you for reaching out & hope you are doing well.
I understand that you would like to configure forced tunneling on your Azure P2S VPN and get a static IP address for external/Internet connectivity.
Forced tunneling is generally not supported for Azure P2S VPN unless you use Azure Firewall Manager. If you secure internet traffic via Firewall Manager, you can advertise the 0.0.0.0/0 route to your VPN clients. This makes your clients send all internet bound traffic to Azure for inspection. Then, firewall SNATs the packet to the PIP of Azure Firewall for egress to Internet.
Please note that to advertise 0.0.0.0/0 route to your VPN clients, you need to break them into two smaller subnets 0.0.0.0/1 and 128.0.0.0/1 as mentioned in the below document:
Refer : https://learn.microsoft.com/en-us/azure/vpn-gateway/vpn-gateway-p2s-advertise-custom-routes#forced-tunneling
You have deploy a secured virtual hub with firewall manager and add the P2S VPN Gateway to allow your egress traffic that will be controlled by a firewall policy.
Refer : https://learn.microsoft.com/en-us/azure/firewall-manager/secure-cloud-network
You can refer the below doc which explains how to configure forced tunneling for Virtual WAN Point-to-site VPN and take inputs on the configuration:
https://learn.microsoft.com/en-us/azure/virtual-wan/how-to-forced-tunnel
Another reference for you:
https://learn.microsoft.com/en-us/answers/questions/689877/index.html
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.