Dear all 

Calling to get some help because I'm going somewhere without really knowing what I'm doing ! Just bought the Cisco SG500-28 for me at home and want to use it in L3 mode to learn the most as I can (my knowledge is more Windows servers/apps based). All network masks are /24

What I want to have :

* 3 different VLANs : 10 - Internet / 20 - Clients / 30 - Servers

* 3 different IP ranges : 192.168.10.XX (range on my Internet modem, used for external computers) / 192.168.20.XX for client computers and 192.168.30.XX for server & network devices.

* VLANs 20 & 30 needs to be able to communicate with each others. VLAN 10 needs to be "isolated"

* Use a VM as firewall between VLAN 10 & 20/30

What I've already done so far :

* Configured all VLANs

* Configured an interface on VLAN 30 (192.168.30.1)

* Configured an interface on VLAN 20 (192.168.20.1)

* Configured ESX+switch ports with tagged VLAN 10 & 30 (with the necessary vSwitches)

What I'm really lacking is :

* How to configure routing so VLANs 20/30 have access to Internet by using my firewall in VLAN 30 (address 192.168.30.6)

* How to ensure that VLAN 10 is "isolated", so no client from this network can have access to VLANs 20/30.

Hope somebody can help me a little bit, documentation is unfortunately not really helping in this matter !