I want to use an ASAv to connect an internal management VLAN to many external tenant management VLANs. I do not want to allow traffic to flow between VLANs unless it flows through the firewall. I have six physical NICs (data, dirty internet and management, two of each). Thus, I want all the management VLANs trunked on the same physical NICs and thus the same vSwitch. I am trying to avoid deploying many ASAvs. i.e. ASAv connects a vNIC to each VLAN. Thus, I'd like to trunk multiple external VLANs into the firewall on a single vNIC, whilst also having the managed tenant VMs connecting to their own VLAN.
To achieve this, I'd like to create, say, four port groups:
VLAN 10 - external tenant 1 management VLANs
VLAN 11 - external tenant 2 management VLANs
VLAN 10, 11 - external tenant 2 management VLANs Trunk - Firewall
VLAN 99 - Internal Management
Can this be done on both standard and distributed vSwitches?