Technically, the only reason you need the clients to talk to the AMS is to download settings that you apply to the computer groups, attach to their virus chest and to have reporting on them.
Sometimes, that’s not that important. The main thing is that they can get definition updates, which in any case, they will revert to Avast’s internet servers if they can’t reach the AMS.
I’d point everything to the local IP for computers that actually come back to the local LAN from time to time, and for those that don’t, I’d set it up for External IP only.