We have two public subnets currently in use in a Sonicwall and are moving them to an XG.
WAN: .67.180/22
DMZ: .68.192/26
The WAN interface is on .67.182. The DMZ interface is on .68.193.
On the Sonicwall, the DMZ interface has a 0.0.0.0 gateway and servers in that subnet get .68.193 as their gateway. There is an auto-added "NAT" policy for the interface by enabling "Use routed mode", which says "don't do NAT translation and route DMZ to WAN".
We're not sure how to do this on the XG, i.e. make the WAN port route traffic in/out of the DMZ. There is some inward access from DMZ to a few services in the LAN and LAN can hit the DMZ directly. I've seen suggestions in this thread and the one linked in it that it's achievable.