Network watcher limitation

JackStromberg · web-flow · commit 330ac3605078 · 2023-04-19T00:49:48.000-05:00
diff --git a/articles/application-gateway/application-gateway-private-deployment.md b/articles/application-gateway/application-gateway-private-deployment.md
@@ -355,6 +355,10 @@ AGIC v1.7 must be used to introduce support for private frontend IP only.
 
 If Application Gateway has a backend target or key vault reference to a private endpoint located in a VNet that is accessible via global VNet peering, traffic is dropped, resulting in an unhealthy status.
 
+### Network watcher integration
+
+Connection Troubleshoot and NSG Diagnostics will return an error when running check and diagnostic tests.
+
 ### Coexisting v2 Application Gateways created prior to enablement of enhanced network control
 
 If a subnet shares Application Gateway v2 deployments that were created both prior to and after enablement of the enhanced network control functionality, Network Security Group (NSG) and Route Table functionality is limited to the prior gateway deployment. Application gateways provisioned prior to enablement of the new functionality must either be reprovisioned, or newly created gateways must use a different subnet to enable enhanced network security group and route table features.
