I have 6509 that has terminal servers as well as other types of servers connected to it. Right now I am not routing anything in 6509 and have three layer 2 vlans configured: private, dmz, terminal servers. All of those vlans are talking through PIX (different interfaces). PIX has just 10/100 cards, so it is becoming a bottleneck between terminal servers and private (all the users are running on terminal servers and access file servers, exchange , sql, etc in the private). I am thinking about moving terminal servers to the private interface of the PIX, and then using access lists on MSFC to restrict traffic between private servers and terminal servers. Are there any downsides to that? Is there a performance hit? I've read about access lists LOU limit, but that seems to be fine. I understand that with PFC everything is done in hardware.
Thanks a lot in advance>