I am trying to implement PVLANs in our network, and here is a simple description of what I want to accomplish.
I have a subnet 10.24.224.0/21 allocated for a DMZ subnet.
I configured the firewall interface as the promiscuous port.
I have 2 types of remote users (one using VPN and the other using Citrix) and I assigned a community VLAN.
I also have some web servers, FTP servers and DNS servers. I want to assign these ports as isolated ports.
I have a little confusion about isolated ports. When I assign the DNS server port as an isolated port, will it affect any queries directed towards it? I want external users and internal users to do an nslookup against this DNS server. In this case, do I need to configure this port as isolated or promiscuous?
Any help would be appreciated.