Hello @Brad,
If you are new to Azure, there are some best practices and documentation you should review before you continue.
First, make sure to keep your SQL server & IIS server off of the OS drive. Putting them on data drives (not the temp drive D:/) is the best practice in Azure.
Depending upon your SQL & IIS load, you might also want to consider running SQL & IIS on different VMs. I know this will double your VM need to 4 VMs, but it might be necessary for performance depending upon the load. You can also check out Azure SQL DB! Here is a great doc about Azure SQL server on VM best practices.
To begin, here is a how-to article about setting up an Always on Availability Group for SQL on Azure VMs. This can be a complicated process and has a lot of limits in what you can do inside Azure, so I highly recommend following and beginning with this doc.
For your 2nd question, this is a setup that you can do, but keep in mind that Azure Firewall creates an asymmetric routing issue, and here is a doc that describes how to integrate an Azure Load Balancer with an Azure Firewall. I would highly recommend reading the Azure SQL docs for more info on best practices. Here is also a great Azure Architecture Center doc around generalized web applications using Azure SQL.