Справочник Пользователя для SonicWALL 5.8.1

By creating an access rule, it is possible to allow access to a management IP address in one 
zone from a different zone on the same SonicWALL appliance. For example, you can allow 
HTTP/HTTPS management or ping to the WAN IP address from the LAN side. To do this, you must 
create an access rule to allow the relevant service between the zones, giving one or more explicit 
management IP addresses as the destination. Alternatively, you can provide an address group that 
includes single or multiple management addresses (e.g. WAN Primary IP, All WAN IP, All X1 
Management IP) as the destination. This type of rule allows the HTTP Management, HTTPS 
Management, SSH Management, Ping, and SNMP services between zones.

Access rules can only be set for inter-zone management. Intra-zone management is 
controlled per-interface by settings in the interface configuration

To create a rule that allows access to the WAN Primary IP from the LAN zone:

On the Firewall > Access Rules page, display the LAN > WAN access rules.

Click Add to launch the Add window.

Select Allow from the Action settings.

Select one of the following services from the Service menu:

Select Any from the Source menu.

Select an address group or address object containing one or more explicit WAN IP addresses 
from the Destination menu.

Do not select an address group or object representing a subnet, such as WAN 
Primary Subnet. This would allow access to devices on the WAN subnet (already 
allowed by default), but not to the WAN management IP address.

Select the user or group to have access from the Users Allowed menu.

Select the schedule from the Schedule menu. 

Enter any comments in the Comment field. 

Click Add.