Sorry to bring this old thread up...
Could somebody clarify this?
Let's say you have 4 internal interfaces and 2 external ones going to the internet (with one being tagged as the default gateway).
Would a rule INTERNAL LAN 1 > SMTP > ANY INTERNET only allow the INTERNAL LAN 1 to go out via the default gateway? As opposed to a rule of INTERNAL LAN 1 > SMTP > ANY allow INTERNAL LAN 1 to go to any interface?
I ask because when the UTM is being set up by the wizard, it allows the LAN to go to ANY rather than ANY INTERNET, which may be a good idea when setting up as the UTM might not always be internet facing. However, I think there should be some kind of prompt afterwards to alert people to set it up with "Any Internet" as opposed to "Any".
If I follow your question, in the case of a firewall rule, there's no difference between the two traffic selectors applied to traffic going out a WAN connection. 'Internal (Network) -> SMTP -> Any' is the same as 'Internal (Network) -> SMTP -> Internet'.
In some places, like NAT rules and Remote Access definitions, choosing one or the other can have a different result. For example, in Remote Access Profiles, add "Internet" to 'Local Networks' if the VPN client should be able to access the Internet, as "Any" can confuse routing.
Cheers - Bob
Hi Bob,
So just to clarify then...
If I have 2 internal LANs that both NAT to 1 WAN, I don't want lan1 to talk to lan2.
lan1 > http > any <<<< would allow lan1 to any.
lan1 > http > internet <<< would this still allow lan1 to talk to lan2?
I would have thought the above would allow lan1 to the internet only?
"lan1 > http > internet <<< would this still allow lan1 to talk to lan2?" - You are correct, Louis.
Cheers - Bob
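
The lan1/lan2 segmentation question in this thread can be checked with a small model. This is an added example, not part of any post and not the UTM's own code; it assumes "Internet" is an "Any" network bound to the default-gateway interface, and the addresses, interface names and helper names are constructed.

```python
import ipaddress
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class NetObject:
    name: str
    cidr: str
    bound_if: Optional[str] = None  # None = matches regardless of interface

    def matches(self, ip: str, iface: Optional[str] = None) -> bool:
        in_net = ipaddress.ip_address(ip) in ipaddress.ip_network(self.cidr)
        return in_net and (self.bound_if is None or self.bound_if == iface)

# Constructed topology: two internal LANs, one WAN carrying the default route.
ROUTES = [("10.0.1.0/24", "lan1"), ("10.0.2.0/24", "lan2"), ("0.0.0.0/0", "wan1")]

def egress_interface(dst_ip: str) -> str:
    """Longest-prefix match over ROUTES to find where the packet leaves."""
    addr = ipaddress.ip_address(dst_ip)
    hits = [(ipaddress.ip_network(c), i) for c, i in ROUTES
            if addr in ipaddress.ip_network(c)]
    return max(hits, key=lambda h: h[0].prefixlen)[1]

LAN1 = NetObject("lan1 (Network)", "10.0.1.0/24")
ANY = NetObject("Any", "0.0.0.0/0")
# Assumption: "Internet" = Any, bound to the default-gateway interface.
INTERNET = NetObject("Internet", "0.0.0.0/0", bound_if="wan1")

ANY_RULES = [(LAN1, "HTTP", ANY)]
INTERNET_RULES = [(LAN1, "HTTP", INTERNET)]

def allowed(rules, src_ip: str, service: str, dst_ip: str) -> bool:
    """First matching allow rule wins; no match means default drop."""
    out_if = egress_interface(dst_ip)
    for src, svc, dst in rules:
        if src.matches(src_ip) and svc == service and dst.matches(dst_ip, out_if):
            return True
    return False

if __name__ == "__main__":
    for label, rules in (("Any", ANY_RULES), ("Internet", INTERNET_RULES)):
        print(label,
              "lan1->lan2:", allowed(rules, "10.0.1.10", "HTTP", "10.0.2.20"),
              "lan1->WAN:", allowed(rules, "10.0.1.10", "HTTP", "203.0.113.10"))
```
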