VLAN help needed
I want to setup a situation where I can create an IPSEC VPN back to work and isoloate it internally so only my work laptophas access. I have an internal switch which has several VLANs - Outside, Inside, Work, DMZ. These are non-routable (even though it does Layer3 if I want it to).
3 NICS - WAN, LAN, DMZ
The issue is with the LAN interface. I setup 2 VLANs. On my internal switch, I am running a port with the Inside network untagged and the Work subnet Tagged which I plugged my LAN interface into. My machines plug into the associated untagged port for each VLAN.
What I don't understand is how I isolate my work traffic. On another device (Juniper), it had its own port with its own subnet. I could of course achieve the same with a 4th card but prefer to try it this way instead.
I guess my question would also apply if I wanted to VLAN off my Inside and DMZ - not sure how the routing works.
Thanks for any help/suggestions.