Custom entry point Azure Exit-node

We have an exit-node in azure behind a nat-gateway, because we need to share the wan-ip in question.
Problem is with a Azure nat-gateway there is no inbound nat possibility, I also tried a Azure Load Balancer wich has, but somehow that also not works properly. When running the exit-node behind nothing everything goes super fast and line of sight.

But back to the issue, would it be possible to force the tailscale clients to connect to WAN2 ip to create a line of sight? I more or less already a sort of manual test:

  • In Azure portal remove exit-node from nat-gateway
  • Connect to azure exit-node
  • client has the WAN2 ip of the exit-node
  • In Azure portal add the exit-node back to the nat-gateway
  • Client now has the WAN1 ip (Azure nat-gateway frontend) and still line of sight so no traffic over DERP

Below a network drawing to make it more clear, so when conneting to a exit-node what is the first lookup for Tailscale to determine the entry point? And can this be manipulated?