We have an Azure-hosted WatchGuard Firebox. We've added an additional NIC and configured the routes etc. as required, but can't successfully connect through the Firebox to resources on this optional network.
WatchGuard support has confirmed that the Firebox is configured accordingly, and we can see the packets arrive from the internet, get processed by the Firebox and sent to the correct network interface, but they never arrive at the destination VM; packet capture in Azure confirms the packets do not arrive at the intended VM's NIC. The diagnostics tools in the Firebox are able to ping the destination.
How can I trace the cause of these packets being dropped and resolve the issue?