Sonicwall HTTPS management from LAN using WAN IP

Solution 1:

The key appears to be that HTTP/S Management needs to be explicitly whitelisted, even if you have a firewall rule that permits regular traffic. So the entries required were:

LAN > WAN
Source: Any
Destination: All X2 Management IP
Service: HTTPS Management

A second rule for HTTP Management allowed the non-secure site to redirect to the secure one.

Thanks to TessellatingHeckler for reminding me to look harder at LAN > WAN rules.