Hello @Andy N ,
Azure Front Door wont work in your case, as Front Door needs a public VIP or a publicly available DNS name to route the traffic to. Since ASE ILB is an App Service Environment with a private endpoint (that is, an internal load balancer), it doesn't meet the pre-requisite.
In your setup requirement, the best approach would be integrating your ILB App Service Environment with an Azure Application Gateway.
The integration of the application gateway with the ILB App Service Environment is at an app level. When you configure the application gateway with your ILB App Service Environment, you're doing it for specific apps in your ILB App Service Environment. This technique enables hosting secure multi-tenant applications in a single ILB App Service Environment.
You can refer the below article for step by step process:
https://learn.microsoft.com/en-us/azure/app-service/environment/integrate-with-application-gateway
Kindly let us know if the above helps or you need further assistance on this issue.
----------------------------------------------------------------------------------------------------------------
Please "Accept the answer" if the information helped you. This will help us and others in the community as well.