Seperating DMZ, WLAN and LAN using VLAN and transparent firewall
I am really puzzled how to achieve the following:
I have several Clients belonging to the same subnet.
All are connected via NAT-Router to the internet.
I want pfSense to act as a firewall between the clients and the internet and between the clients itself, meaning I want to restrict access from a specific client to others. It is like restricting access from DMZ to LAN/WLAN and restricting access from WLAN to LAN, but with all clients belonging to the same subnet. My idea is to segregate the clients by assigning them to VLAN's.
Is this possible configuring pfSense as transparent firewall ?!?
Is it possible to combine VLAN's with a transparent firewall ?!?
If so, where to assign IP's (VLAN, Bridge, …) and where to place the DHCP-Service (every VLAN, Bridge, ...)?
Any help appreciated... ;)