Hello,
I have VMware ESXi in the DMZ in a test lab.
The DMZ sits between an external and internal firewall (see attached image).
What needs to be configured so that Host 1 and Host 2 can access the internet and LAN but cannot communicate or ping each other, using separate networks but keeping the existing IP addressing 192.168.255.0/24 for uplinks to firewalls?
Guest Host 1 VLAN 10 and Guest Host 2 VLAN 20 have the same default gateway, which is the external firewall. This acts as a router. The switches are layer 2.
When I use VLANs on the hosts they can't ping the LAN.
I was told PVLANs and vShield Enterprise is the way to go to restrict hosts on a single /24 network.
Is vShield good enough or do I need Check Point?
Any help appreciated.
Regards,