By setting the “Private endpoint network policy” to “Enabled” at the subnet where the Private Endpoint NIC resides, the /32 route of the Private Endpoint is getting invalid, even with a higher address range, like /24.
When using the portal to create a private endpoint, the PrivateEndpointNetworkPolicies setting is automatically disabled as part of the create process
Currently, this feature is in Public Preview, limited to some Azure Regions.


REF: Manage network policies for private endpoints – Azure Private Link | Microsoft Docs

Pantelis Apostolidis is a Cloud Solutions Architect at Microsoft and an ex Microsoft Azure MVP. For the last 15 years, Pantelis has been involved to major cloud projects in Greece and abroad, helping companies to adopt and deploy cloud technologies, driving business value. He is entitled to a lot of Microsoft Expert Certifications, demonstrating his proven experience in delivering high quality solutions. He is an author, blogger and he is acting as a spokesperson for conferences, workshops and webinars. He is also an active member of several communities as a moderator in azureheads.gr and autoexec.gr. Follow him on Twitter @papostolidis.