<br />I'm trying to configure a VLAN on my PIX 535 and apply ACLs that will allow me to restrict anyone on that VLAN to the Internet only and our web servers in the DMZ.
<br />I'm not a security expert, so I don't know the best way to set this up.
<br />The physical connection for the VLAN (coming in from our core switches, Catalyst 6503E) is the same physical connection as the inside (gb-int0) interface.
<br />Could someone please give me an idea of what translation rules and configuration commands I should be using to create the VLAN properly, have it route properly, and then apply ACLs to block access to the internal network (with maybe the exception of DNS) and the DMZ, with the exception of the web servers?
<br /><br />Thanks,
<br /><br /> -Josh