Firebox T30 - interface configuration

[joecool]

Can you advise if this is the best way to separate LAN for small business / restaurant?
I would like to use the 3 physical Ethernet interfaces as follows:

Trying to do 3 different networks / interfaces on the T30 firewall:
1) 10.1.1.1/24 - trusted | office WIFI access pints
2) 10.1.10.1/24 - trusted | POS system on ethernet switch
3) 10.1.20.1/24 - trusted | SONOS music system

Don't really see the difference from trusted / optional - can you help elaborate on the modes? Also I noticed I can ping cross network. If I don't want that and just have the network separate for internet access only and not talk to other network - how to do it?

 

[Solaris17]

Also I noticed I can ping cross network. If I don't want that and just have the network separate for internet access only and not talk to other network - how to do it?

You need to configure VLANs. Good on you for looking into this. Public L2 networks are a big nono.

 

[joecool]

Public L2? I'm concerned about private LAN trusted networks.
Is it not possible to setup each port with different network as indicated?

Good tutorial for VLAN setup in my case ?

This is what im trying to accomplish:

Create separation between 3 sections of the network with T30 wachguard:

Trying to do 3 different networks / interfaces:
0 - external WAN
1 - 10.1.1.1/24 - trusted | office WIFI access points
2 - 10.1.10.1/24 - trusted | POS system on ethernet switch
3 - 10.1.20.1/24 - trusted | SONOS music system

Is this feasible to do? If not do I need to setup VLAN on the physical interface? I want different physical interfaces linked to 24-p managed switch that will handle traffic VLAN.

Is it impossible to do as I initially wanted with different network on different interface?