diff --git a/cni/network/invoker_cns.go b/cni/network/invoker_cns.go
index 5c752668b9..02e0ce7351 100644
--- a/cni/network/invoker_cns.go
+++ b/cni/network/invoker_cns.go
@@ -362,9 +362,9 @@ func getRoutes(cnsRoutes []cns.Route, skipDefaultRoutes bool) ([]network.RouteIn
 		}
 
 		gw := net.ParseIP(route.GatewayIPAddress)
-		// if gw == nil && skipDefaultRoutes {
-		// 	return nil, errors.Wrap(errInvalidGatewayIP, route.GatewayIPAddress)
-		// }
+		if gw == nil && skipDefaultRoutes {
+			return nil, errors.Wrap(errInvalidGatewayIP, route.GatewayIPAddress)
+		}
 
 		routes = append(routes,
 			network.RouteInfo{
diff --git a/cns/middlewares/k8sSwiftV2_windows.go b/cns/middlewares/k8sSwiftV2_windows.go
index 1a273a608c..09d7d15667 100644
--- a/cns/middlewares/k8sSwiftV2_windows.go
+++ b/cns/middlewares/k8sSwiftV2_windows.go
@@ -1,6 +1,7 @@
 package middlewares
 
 import (
+	"net"
 	"net/netip"
 
 	"github.com/Azure/azure-container-networking/cns"
@@ -71,9 +72,13 @@ func (k *K8sSWIFTv2Middleware) addDefaultRoute(podIPInfo *cns.PodIpInfo, gateway
 func (k *K8sSWIFTv2Middleware) addRoutes(cidrs []string) []cns.Route {
 	routes := make([]cns.Route, len(cidrs))
 	for i, cidr := range cidrs {
+		ip, _, err := net.ParseCIDR(cidr)
+		if err != nil {
+			return nil
+		}
 		routes[i] = cns.Route{
 			IPAddress:        cidr,
-			GatewayIPAddress: "", // gateway IP is not required for infraNIC
+			GatewayIPAddress: ip.String(),
 		}
 	}
 	return routes
diff --git a/network/endpoint_windows.go b/network/endpoint_windows.go
index edd52327f2..5b5efbd3ec 100644
--- a/network/endpoint_windows.go
+++ b/network/endpoint_windows.go
@@ -333,8 +333,15 @@ func (nw *network) configureHcnEndpoint(epInfo *EndpointInfo) (*hcn.HostComputeE
 	}
 
 	for _, route := range epInfo.Routes {
+		nextHop := route.Gw.String()
+		// If the route is for the frontend NIC, the next hop should be empty.
+		// This is because the containerd does not require next hop to configure route and the expected route entry on lcow should be like:
+		// 10.224.0.0/12 dev eth0
+		if epInfo.NICType == cns.NodeNetworkInterfaceFrontendNIC {
+			nextHop = ""
+		}
 		hcnRoute := hcn.Route{
-			NextHop:           route.Gw.String(),
+			NextHop:           nextHop,
 			DestinationPrefix: route.Dst.String(),
 		}