Is there a newbie guide on how to configure a 3100's LAN ports for DMZ + separate private Network ?

JDL

Hi. I bought a 3100 a year ago to act a simple high peformance firewall for my new fibre ISP. On one side I have a public WAN going off to my ISP and on the other I have a private 10...* network. At the moment I have 1 static IP with them.

I also have 29 static IPs with my old UK ISP (Demon) sitting behind an ancient SonicWall SOHO-3, but Demon are closing down the service they have provided to me for 25 years, so I need to get all my servers shifted across.

The newer ISP will be providing me with 13 static IPs. Ideally, I'd like to run a DMZ on one of the 3100's LAN ports for the static public IP addresses and have a separate private 10...* network off of one of the LAN ports.

In the worse case, I could just buy a 2nd 3100 box and use that downstream of the 1st, but from reading VLAN comments here I guess it might be possible to set this up on a single 3100 by configuring the LAN ports somehow.

Is there a simple straightforward step-by-step document that explains how this can be done on a single 3100 ?

Is there some additional background reading documents that will allow me to get my head around the VLAN concepts involved ?

Rico

https://www.netgate.com/resources/videos/configuring-netgate-appliance-integrated-switches-on-pfsense-244.html
Enjoy

-Rico