I am having the same exact issue that Dirk was having in this post. Our situations sound almost identical. Unfortunately, that question was never answered and the post was closed, so I am re-asking the same question.
From what I have found elsewhere, some users are using SNAT for their SSL VPN clients when attaching to XG in Azure to allow access to LAN resources. I was able to have success doing that, but we don't have to use SNAT for our SSL VPN clients when they connect to our on-prem network, and this feels like it's a patch, not a solution. This leads me to believe it's an Azure-specific issue, routing or NSG related. The VPN is receiving the packets, but the response is not making it back to the SSL client.
Another user mentioned having user-defined routes that cover the VPN IP range, but that didn't seem to help me. Perhaps I added them wrong.
On the LAN subnet, my UDR routes are:
0.0.0.0/0 > Virtual appliance [10.4.4.4] (IP of the LAN interface of the XG router)
10.4.3.0/24 > Virtual appliance [10.4.4.4] (IP of the LAN interface of the XG router) - 10.4.3.x is the IP range of the SSL VPN clients.