VLAN help needed

  • I want to set up a situation where I can create an IPSEC VPN back to work and isolate it internally so only my work laptop has access.  I have an internal switch which has several VLANs - Outside, Inside, Work, DMZ.  These are non-routable (even though it does Layer3 if I want it to).

    My setup:
    3 NICS - WAN, LAN, DMZ

    The issue is with the LAN interface.  I set up 2 VLANs.  On my internal switch, I am running a port with the Inside network untagged and the Work subnet tagged, which I plugged my LAN interface into.  My machines plug into the associated untagged port for each VLAN.

    What I don't understand is how I isolate my work traffic.  On another device (Juniper), it had its own port with its own subnet. I could of course achieve the same with a 4th card but prefer to try it this way instead.

    I guess my question would also apply if I wanted to VLAN off my Inside and DMZ - not sure how the routing works.

    Thanks for any help/suggestions.
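One way to get the isolation the post asks about, written here as an added example that is not part of the original thread and not taken from any firewall product: it assumes a Linux router with iproute2 and nftables, and the NIC names (eth0 WAN, eth1 LAN on the trunk port, eth2 DMZ), the 802.1Q tag 20 for the Work VLAN and the 192.168.20.0/24 subnet are placeholders to adjust. The idea is that because the switch does not route, the untagged Inside VLAN and the tagged Work VLAN can only reach each other through the firewall's LAN NIC and its VLAN sub-interface, so the firewall's forward policy decides who talks to whom: Work is allowed out to the WAN only (where the IPsec tunnel leaves), and every cross-VLAN path is dropped and logged. The same pattern extends to VLANing off Inside and DMZ on one NIC, which is the follow-up question in the post.

```shell
#!/bin/sh
# Added example, not from the original post. Assumed Linux router with
# iproute2 + nftables; interface names, VLAN ID and subnet are placeholders.
WAN_IF=${WAN_IF:-eth0}        # assumed: NIC towards the ISP
LAN_IF=${LAN_IF:-eth1}        # assumed: NIC plugged into the switch trunk port
DMZ_IF=${DMZ_IF:-eth2}        # assumed: dedicated DMZ NIC
WORK_VID=${WORK_VID:-20}      # assumed: 802.1Q tag the switch uses for Work
WORK_GW=${WORK_GW:-192.168.20.1/24}   # constructed: firewall address on Work
DRY_RUN=${DRY_RUN:-1}         # 1 = print commands only; 0 = execute (needs root)

WORK_IF="$LAN_IF.$WORK_VID"   # sub-interface that receives the tagged frames

# Print or execute a command depending on DRY_RUN.
run() {
    if [ "$DRY_RUN" = 1 ]; then printf '%s\n' "$*"; else "$@"; fi
}

# Untagged frames on the trunk stay on $LAN_IF (Inside); frames carrying
# tag $WORK_VID are delivered to $WORK_IF (Work). The two VLANs are separate
# Layer 2 domains and can only meet by being routed through this box.
vlan_setup() {
    run ip link add link "$LAN_IF" name "$WORK_IF" type vlan id "$WORK_VID"
    run ip addr add "$WORK_GW" dev "$WORK_IF"
    run ip link set "$WORK_IF" up
}

# Forward-chain policy: Work may only reach the WAN (where the IPsec tunnel
# leaves); Inside may reach WAN and DMZ; DMZ may reach the WAN. Everything
# else, including any Work<->Inside or Work<->DMZ traffic, is dropped and
# logged so cross-VLAN attempts show up in syslog.
nft_ruleset() {
    cat <<EOF
table inet vlan_isolation {
    chain forward {
        type filter hook forward priority 0; policy drop;
        ct state established,related accept
        iifname "$WORK_IF" oifname "$WAN_IF" accept
        iifname "$LAN_IF" oifname { "$WAN_IF", "$DMZ_IF" } accept
        iifname "$DMZ_IF" oifname "$WAN_IF" accept
        log prefix "cross-vlan-drop " drop
    }
}
EOF
}

# Load the ruleset atomically (or just show it in dry-run mode).
apply_rules() {
    if [ "$DRY_RUN" = 1 ]; then nft_ruleset; else nft_ruleset | nft -f -; fi
}

vlan_setup
apply_rules
```

Run it as-is to review the commands and the ruleset, then `DRY_RUN=0` as root to apply; `ip -d link show eth1.20` and `nft list ruleset` confirm the sub-interface and the policy are in place. The switch port the LAN NIC is on must carry VLAN 20 tagged and Inside untagged, exactly as described in the post, and the switch's own Layer 3 routing must stay off, otherwise it would offer a path between the VLANs that never passes through this forward chain.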

