You are allowing "prod net rule allow any to any" - your firewall is doing exactly that!
Change the rule to "allow any to !mgmt"….
Yes, I know this, but I'd like to know whether I can map rules to interfaces. E.g., the packet flow
is something like this:
Packet in Int1 -> Check against Int1 rules -> Packet routed to Int2 -> Check against Int2 rules.
If this is not possible, I think I'll try to modify the Firewall: Rules page so that I can see all my rules
on one page (like Checkpoint). I think this way I can get a cleaner picture of how my fw rules are checked.
Br,
Ville