Hello @Jeffrey Lucal ,
I understand that you are consistently getting 503s when connecting to Azure Front Door with an IP-based backend.
Could you please confirm if your Azure Front Door has HTTPS-enabled endpoints?
Classic: https://learn.microsoft.com/en-us/azure/frontdoor/front-door-custom-domain-https
Standard/Premium: https://learn.microsoft.com/en-us/azure/frontdoor/standard-premium/how-to-configure-https-custom-domain
If yes, then this is by design.
Azure Front Door has a switch called EnforceCertificateNameCheck. By default, this setting is enabled. When enabled, Azure Front Door checks that the backend pool host name FQDN matches the backend server certificate's certificate name or one of the entries in the subject alternative names extension.
To resolve this issue, you need to disable "EnforceCertificateNameCheck".
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.
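
The name comparison described in the answer above can be reproduced offline to see why a backend configured by IP address fails it. This is an added example, not part of the original answer and not Azure Front Door's own code: it approximates the check with common TLS name-matching rules, and the function names, the certificate dict (shaped like Python's `ssl.getpeercert()` output), and the host names are constructed for illustration.

```python
import ipaddress

# Constructed sample: a backend certificate issued for DNS names only.
SAMPLE_CERT = {
    "subject": ((("commonName", "app.contoso.example"),),),
    "subjectAltName": (("DNS", "app.contoso.example"),
                       ("DNS", "*.api.contoso.example")),
}

def parse_ip(value):
    """Return an ip_address object, or None if value is not an IP literal."""
    try:
        return ipaddress.ip_address(value)
    except ValueError:
        return None

def dns_match(pattern, host):
    """Case-insensitive match; '*' may only stand for the whole left-most label."""
    p = pattern.lower().rstrip(".").split(".")
    h = host.lower().rstrip(".").split(".")
    if len(p) != len(h):
        return False
    if p[0] == "*":
        return len(p) > 2 and p[1:] == h[1:]
    return p == h

def cert_names(cert):
    """Collect (names, ip_sans): SAN DNS entries plus the subject CN, and SAN IPs."""
    names, ip_sans = [], []
    for kind, value in cert.get("subjectAltName", ()):
        if kind == "DNS":
            names.append(value)
        elif kind == "IP Address":
            ip_sans.append(value)
    for rdn in cert.get("subject", ()):
        names.extend(v for k, v in rdn if k == "commonName")
    return names, ip_sans

def backend_name_matches(backend_host, cert):
    """True if the configured backend host name is covered by the certificate."""
    names, ip_sans = cert_names(cert)
    ip = parse_ip(backend_host)
    if ip is not None:
        # An IP backend only passes if the certificate itself names that IP.
        return any(parse_ip(v) == ip for v in ip_sans + names)
    return any(dns_match(n, backend_host) for n in names)

if __name__ == "__main__":
    for host in ("app.contoso.example", "v1.api.contoso.example", "203.0.113.10"):
        print(host, "->", backend_name_matches(host, SAMPLE_CERT))
```

With the sample certificate, the two DNS host names pass and the IP-literal backend does not, because the certificate carries no entry for that address.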