Need help understanding Access Rules Source and Destination Addresses
This is something I should probably understand by now. I have a TZ400 with OS v18.104.22.168. When creating an access rule, I've always thought the Source and Destination addresses had to be within the respective From and To Zones. For example, if the From/To zones were both LAN, then both the Source and Destination addresses should be located in the LAN zones.
One of my rules is from LAN to LAN, source ANY (any address in the LAN zone) and destination is the X1 Public IP. The X1 IP is in the WAN zone, yet the rule passes traffic. I do have a loopback NAT policy defined to translate the source address to my public IP, and the destination address translates to a private server IP on my network. So, now it would appear the traffic goes from LAN to WAN and then looped back to LAN. Is it because of this loopback policy that the Access Rule considers this going from LAN to LAN, and the traffic never really goes through the WAN zone? If this is the case, could my rule be from LAN to LAN, with source ANY and destination set as my private server IP?