I'm working on a Cisco home network so I can increase my overall networking skills. This should be an easy question for you gurus. I have a Cisco PIX 501 and I want to set up three completely different subnets internally. I would like each of these subnets to have different rules in the firewall. An example follows:
10.1.100.0 255.255.255.0 DMZ1 with my web server (this server will be NATed through the firewall) and can only be reached by coming in the firewall or through my home computer. I don't want people to be able to access this server from my access point.
10.1.200.0 255.255.255.0 DMZ2 with my wireless access point. I want this to be able to go out to the internet but not reach my home computers or my web server in DMZ1.
10.1.300.0 255.255.255.0 inside with my home computers. I want this to be able to reach the internet and DMZ1 where my web server sits but not the DMZ2.
The PIX 501 has an external Ethernet interface and an internal Ethernet interface. The internal Ethernet interface has a 4 port built in. There are no other ports on the firewall except the console port.
So to my question: How many routers do I need to make this happen? And what kind? I was looking at the Cisco 2501 but they don't appear to have any way to interface with the PIX. I'm sorry this is basic stuff, but I'm just getting into this field. I would assume the routers have to have Ethernet inputs and Ethernet outputs to do what I am asking, but I'm not sure which routers I can use to do this. Will a Cisco 2505 work? Any help will be appreciated.
To further help.... I have uploaded a picture of what I am trying to accomplish. Check out this image to see what I am trying to explain poorly in this question: