Below is the list of actions that were taken
Thanks for reaching out to the Sophos Community Forum.
Is there any way you could bypass the load balancer temporarily for testing purposes?
Thanks for your advice but we already tried this one. ISP direct to firewall but same thing happen
"Magic IP (18.104.22.168) is unreachable from the endpoint device via ICMP or via port 8347
Run packet capture and see one-way traffic"
that sounds much like masquerading is not done towards the internet for the client.