Hi @Arvind Dige
I'm going to refer you to Integrate your app with an Azure virtual network - Azure App Service | Microsoft Learn Routing app settings. From what you've stated, it sounds like you enabled access restrictions from the internet but haven't configured vnet routing between your front end and backend. On the Access Restrictions blade, make sure an additional rule was added that allows traffic from the subnet vnet that your frontend app service is configured to.
You could also use the Network/Connectivity troubleshooter and/or Collect a Network Trace under the Diagnose and solve problems blade to further investigate any configuration errors. Personally, even though nslookup worked from ssh, I would update your frontend app to use the private IP and see if the traffic is flowing to rule out DNS and routing. If that works, then you know you have a configuration issue somewhere. Another thing to check, for sanity's sake, is for any identity providers on the Authentication blade of the backend app service. That could also result in a 403.