Hi there, We have deployed PA-VM in Azure and there are other 4 VMs within the same vnet. There are NSGs on each interface of PA (mgmt, trusted, untrusted) and also on the VMs. There is allowed-all rule in the PA with intrazone default rule logging enabled. Ping is also enabled. There is no switch or other device between the VMs and PA. Routing table has Next hop address of PA trusted Interface. However, we have noticed that ping/tracert to Trusted interface (10.8.1x.x) from the VMs (for example, 10.8.1.3 and 10.8.2.3) are failing. Ping to 10.8.1.3 and 10.8.2.3 is successful. Tried removing the NSG but no luck. For all the VMs, Src and Dest Address is set as Any in Azure. Because of this, internal VMs cannot access the Internet. Any help would be appreciated! C:\Windows\system32>ping 10.8.1x.x Pinging 10.8.1x.x with 32 bytes of data: Request timed out. Request timed out. Request timed out. Request timed out. Ping statistics for 10.8.1x.x: Packets: Sent = 4, Received = 0, Lost = 4 (100% loss),
... View more