I want to set up a public wifi by connecting another router to the X6 interface, and put it on a separate subnet (192.168.10.0/24) & in the DMZ Zone to keep it away from the regular LAN. I believe I have the network settings correct: the router has acquired the IP and DNS information from the TZ210, and the TZ210 shows it as an active DHCP lease. X6 is in the DMZ.

I now have a routing/NAT/firewall problem, since I can't get any traffic to travel from the subnet to the internet. I can't get to any external websites and can't ping the TZ210 from the subnet. X0 is the regular LAN, and X1 is the WAN.

Looking for any tips or tutorials on this. Here's my current relevant rules:

Routing

Source: X6 Subnet Destination: Any Service: Any Gateway: Default Gateway Interface: X6

Source: Any Destination: X6 Subnet Service: Any Gateway: 0.0.0.0 Interface: X6

NAT Policies

Source Original: Any Translated: WAN IP Destination Original: Any Translated: Original Inbound: X6 Outbound: X1

Source Original: Any Translated: U0 IP Destination Original: Any Translated: Original Inbound: X6 Outbound: U0

Firewall

DMZ > LAN : Deny All

DMZ > WAN : Allow All

LAN > DMZ : Allow All

WAN > DMZ : Allow All