I need to create an environment using VLAN's for virtual machines. Each machine on the host will need its own subnet and vlan. I will be giving remote access to each VM via a VPN connection.
I plan to divide the 172.20.x.x network in /30 or /29 assigning each a vlan using access lists to allow each vlan to have internet access to the firewall where the vpn connection is and preventing unauthorized access to other VLANs.
I want to make sure my theory is sound before I move forward with the project.