Score:0

Enable client access to Internal Azure Container Applications through Application Gateway


I have set up a container apps environment that is sitting within a VNET. Containers within need to be accessed externally through application gateway. Following the steps on this learn.microsoft page has not given me the results I need:

https://learn.microsoft.com/en-us/azure/container-apps/waf-app-gateway?tabs=default-domain

When set up, the application gateway does its job: if I follow its public IP I get redirected to the container app's FQDN. My problem is clients not accessing said containers. Since it's behind a VNET, every request gets ERR_NAME_NOT_RESOLVED, or in other words the container IP address could not be found since it's within a private network.

From the document, in the first paragraph it says "When you host your apps or microservices in Azure Container Apps, you may not always want to publish them directly to the internet. Instead, you may want to expose them through a reverse proxy.", reverse proxy being application gateway.

How can I make my container, that is behind a VNET, accessible to outside clients that want to access it, through application gateway?

If you need any additional information just ask and I will be happy to provide it if I can.

Thank you for reading and your assistance.

Score:0

When you configure a container app with the "internal" network configuration, the FQDN supplied does not work; this is only for external access. See here:

When set to internal, the environment has no public endpoint. Internal environments are deployed with a virtual IP (VIP) mapped to an internal IP address. The internal endpoint is an Azure internal load balancer (ILB) and IP addresses are issued from the custom VNet's list of private IP addresses.

You will need to set App Gateway to resolve to either the private IP of the container app, or create a private DNS zone that creates names for that IP, and then point to those names.

SnippingAddict:
I don't understand what you mean by "set App Gateway to resolve to either the private IP of the container app". Did you mean add the private IP of the container env as the backend pool instead of the FQDN? As for the private DNS zone, I have one; it was mentioned in the MS docs I linked. Internal IP as backend pool doesn't work; the health probe returns a 403 error.
ng flag
The DNS name for ACA won't resolve when accessed solely over the VNet, so you need to either use the IP, or set up a private DNS entry that points a name to that IP, which you can then use in your pool.
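
The private DNS option from the answer, written out as Azure CLI commands. This is an added example, not part of the thread; `RG`, `ENV_NAME`, `VNET_NAME` and the sample domain and IP are placeholder assumptions, and by default the script only prints the commands.

```shell
#!/usr/bin/env bash
# Added example: private DNS for an internal Container Apps environment, so the
# Application Gateway backend pool can use the app's FQDN instead of a raw IP.
# RG, ENV_NAME and VNET_NAME are placeholders (assumptions); set your own values.
RG="${RG:-my-rg}"
ENV_NAME="${ENV_NAME:-my-aca-env}"
VNET_NAME="${VNET_NAME:-my-vnet}"
DRY_RUN="${DRY_RUN:-1}"   # 1 = only print the az commands, 0 = execute them

run() {
  if [ "$DRY_RUN" = "1" ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Make <app>.<default-domain> resolve, from inside the VNet, to the
# environment's internal load balancer IP.
setup_private_dns() {
  domain="$1"; static_ip="$2"
  # The zone name must equal the environment's default domain.
  run az network private-dns zone create -g "$RG" -n "$domain"
  # Link the zone to the VNet that hosts the Application Gateway.
  run az network private-dns link vnet create -g "$RG" -z "$domain" \
      -n "${VNET_NAME}-link" -v "$VNET_NAME" -e false
  # '*' covers every app in the environment; '@' covers the zone apex.
  for name in '*' '@'; do
    run az network private-dns record-set a add-record -g "$RG" -z "$domain" \
        -n "$name" -a "$static_ip"
  done
}

if [ "$DRY_RUN" = "1" ]; then
  # Constructed sample values, for illustration only.
  setup_private_dns "example-env.eastus.azurecontainerapps.io" "10.0.0.10"
else
  # Read the real default domain and internal IP from the environment.
  domain=$(az containerapp env show -g "$RG" -n "$ENV_NAME" \
      --query properties.defaultDomain -o tsv)
  ip=$(az containerapp env show -g "$RG" -n "$ENV_NAME" \
      --query properties.staticIp -o tsv)
  setup_private_dns "$domain" "$ip"
fi
```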