Layer 3 Splice
I have a HA set of TZ 470's 7th gen with the following configuration. We have a sub-contractor that has a TP-Link router that needs to sit behind our Sonicwall with one of our public addresses as its WAN address and complete passthrough of our public IP to their router.
X1 our public address with a /29 subnet
X0 our LAN with a few VLAN's under it
X4 Zone created for a subcontractor - Mode/IP Assignment - Address object of one of our public IP's created as an object
The TP-Link router plugged into our X4 has internet traffic flowing in and out, but we can't access the router's web GUI from the WAN. I'm assuming there needs to a static route or a nat policy put in place I'm missing but I'm having little luck on documentation for the 7th Gen firewall.
Which router web GUI are you referring to that you can't access?
Sonicwall Web GUI is working perfectly - The TP-Link on X4 is the router we can't access from the WAN
First make sure the TP Link not configured with bridge-mode. If its bridge-mode you cannot access the TPlink from WAN.
Once the Bridge-mode enable on the back-end router, all WAN traffic is handling by Sonicwall X4 interface. For accessing the X4 Wan interface from public, You would have to enable the X4 interface HTTPS management port.
If your TP-Link configured with WAN IP & you want access that IP from WAN, You must have to enable the remote access in TPlink. For that navigate to the Security-->Remote Management and enable and save the settings.
The TP-Link does not have Bridge Mode enabled. It has one of our public IPs static in the WAN side of it. We want the web management port (80,443) to go to the web GUI over the TP-Link, not the SonicWall. Our Vendor also has some custom port forwards set in the TP-link down to devices behind it that don't appear to be working either.
let me google that for you...
Most importantly did you create an access rule allowing any traffic from the WAN to the new subcontractor zone?