I want to set up a public wifi by connecting another router to the X6 interface, and put it on a separate subnet (192.168.10.0/24) & in the DMZ Zone to keep it away from the regular LAN. I believe I have the network settings correct: the router has acquired the IP and DNS information from the TZ210, and the TZ210 shows it as an active DHCP lease. X6 is in the DMZ.
I now have a routing/NAT/firewall problem, since I can't get any traffic to travel from the subnet to the internet. I can't get to any external websites and can't ping the TZ210 from the subnet. X0 is the regular LAN, and X1 is the WAN.
Looking for any tips or tutorials on this. Here's my current relevant rules:
Routing
Source: X6 Subnet
Destination: Any
Service: Any
Gateway: Default Gateway
Interface: X6
Source: Any
Destination: X6 Subnet
Service: Any
Gateway: 0.0.0.0
Interface: X6
NAT Policies
Source Original: Any
Translated: WAN IP
Destination Original: Any
Translated: Original
Inbound: X6
Outbound: X1
Source Original: Any
Translated: U0 IP
Destination Original: Any
Translated: Original
Inbound: X6
Outbound: U0
Firewall
DMZ > LAN : Deny All
DMZ > WAN : Allow All
LAN > DMZ : Allow All
WAN > DMZ : Allow All
Best Answer
You should try to plug a computer right in the X6 Interface, assign a static IP (the one you gave to the X6 Interface) and try to access the Internet from the computer. If you are able to access the Internet, then the second router might be causing the problem. If you still don't have access to the Internet, then your Sonicwall must have some misconfiguration.
Here is what I suggest:
Create a new Zone that you will call "Public" with whatever security options that you want. Then, you assign the zone to the desired Interface (in your case, X6) in the Static IP mode (192.168.10.1). Then, you create a DHCP range pre-populated to the X6 interface. Once this is done, get the MAC address of your second router and reserve the 192.168.10.2 IP in the SW DHCP. Then on your second router, assign the static IP 192.168.10.2 and set it as a DHCP relay. Then you can test with the WiFi of the wireless computer.
Regards,