Sonicwall route policies / address objects

I am setting up a SonicWall TZ100 and have a few questions regarding the meaning of some of the address objects and how they work in route policies.  For example, here are the default route policies showing:

       Source                                Destination                           Service     Gateway                   Interface
 1    Any                                     255.255.255.255/32             Any            0.0.0.0                     X0  
 2    Any                                     Default Gateway                    Any            0.0.0.0                     X1    
 3    Any                                     LAN Primary Subnet             Any            0.0.0.0                     X0      
 4    Any                                     WAN Primary Subnet            Any            0.0.0.0                     X1    
 5    WAN Primary Subnet          Any                                        Any            Default Gateway     X1      
 6    Any                                     0.0.0.0/0                                 Any            68.175.1.1               X1

X0 is the LAN, and X1 is the WAN.

So here are my questions:
1.  What is the technical definition of 'ANY'?  I ask this because rule 1 makes no sense to me.

2.  Rule 1:  What is the meaning of 255.255.255.255/32?

3.  Rule 1:  Gateway 0.0.0.0 - If the above was broadcast, why would it try to broadcast it to 0.0.0.0, or presumably the internet, especially since it won't work anyway?
B1izzardAsked:
Who is Participating?

Improve company productivity with a Business Account.Sign Up

x
 
digitapConnect With a Mentor Commented:
When I need to explain the default route policies on a SW firewall, I always refer to this KB:http://www.fuzeqna.com/sonicwallkb/consumer/kbdetail.asp?kbid=5108Please review and post any followup questions.  Hope it helps!
0
 
chirkwareConnect With a Mentor Commented:
1.  You can specify specific services you wish to allow to run through certain interfaces.  For instance, if you had a web server, you would route HTTP (port 80) to the IP address of the Web Service .  "Any", means Any...any and every service is routed the same way.  Unless/until you route traffic differently for different services (email server, web server, etc), you'll see "Any" a lot.

2.  255.255.255.255/32 would be broadcasts.  The destination of X0 keeps them in your LAN.  

3.  A gateway of 0.0.0.0 is a default route...Having it there simply says your not routing broadcast traffic to a specific gateway.  Again, the X0 keeps it in the LAN.  If the Interface were X1, then, yes, it would be trying to shove it onto whatever is connected to X1 (I presume a router/modem from your ISP).  

Nice devices, Sonicwalls.  I kind of miss them as my current position uses other gear.  I presume this SonicWall is running OS Enhanced, much more complex than the old OS Standard, but incredibly flexible, especially for routing.  I would advise running their wizards as you setup routing/firewall rules until you get the hang of what they are doing, and note the changes it makes.  That will help you understand the interface better.  Also do a good backup before any major changes...that probably kept me from getting fired a time or two, as I managed to brick a couple of them (though, in most cases, not so bad that I couldn't default them and restore the backup).  

Good luck!
0
 
B1izzardAuthor Commented:
Excellent info.  Thanks!
0
 
digitapCommented:
Your welcome and thanks for the points!
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.