Adding WAN->LAN bridge causes heavy lag on VPN and management interface
I have a SonicWall TZ670 in a data center, hooked up to a NetGear 52 port smart switch. I'm trying to do what I thought would be a very basic set-up: give each server (all hooked into the smart switch) their own public IP from the subnet provided by the data center, and internal IP. Everything is working, except that when I attempt to create a bridge (native or L2) from the WAN to the LAN port, it assigns addresses to my servers as expected but causes the VPN and the management interface to lag extremely heavily -- they become unusable until I revert the change via CLI (which is also extremely laggy).
For the sake of example, let's say my subnet is 100.100.100.128/27. The important IPs are: *.129 is the gateway, *.132 is the IP being used for the firewall management and VPN, and *.133-*.158 should be assigned to the servers.
My in port is X8, which is a fiber optic port. The configuration is set to a static IP WAN. The static IP is set to *.132 with a subnet of 255.255.255.224 and a gateway of *.129. The single fiber optic line supplied by the DC is plugged in here.
My LAN port is X6, a copper line to the smart switch. This is set up as a static IP LAN. IP is set to 10.10.10.1, subnet 255.255.0.0, gateway 0.0.0.0. This successfully assigns internal IPs to the servers via DHCP.
I also have a second copper connection to the switch on X7 that I added after running into this issue for a couple of days, hoping it would help solve the lag issue caused by bridging (it didn't).
That all works. I can VPN in, RDP into the servers via their internal IP, set static internal and public IPs. What I cannot, for the life of me, get working is forwarding the traffic on public IPs .133-.158 to the machines.
The closest I have gotten is creating a Native Bridge on a Virtual Interface to X6 (later I tried the same directly on X7 to the same effect). This allows me to connect to the machines via RDP using the public IP as expected, however, it has the devastating side effect of making VPN unusably slow, and the firewall management console unresponsive and unusable. I found the same laggy behavior when I set the bridge up as an L2 bridge.
My current theory is that this has something to do with the VPN and management IP (.132) being included on X8 and therefore being included in the bridge, causing some kind of loop or other bad behavior. I have spent countless hours trying to figure a way to only bridge .133-.158 to the switch, hoping that would fix the issue, but have been unable to figure a way.
I'm pulling my hair out at this point; this seems like a fairly common setup case and I was expecting it to be much easier, not to spend 3 days running into the same brick wall. So if anybody who has set up similar networks could drop me a hint I'd be extremely appreciative.