I have an ASA with one port for my LAN traffic and one port for my DMZ traffic. I used to have a switch that was dedicated only for my DMZ traffic (it died). My LAN traffic hits my Cisco WS-C3750X-24T-L which does my vlan routing. 10.x.x.x network. My DMZ traffic is on 172.x.x.x network. I have two Cisco 3560 switches. Is it possible to take the last 12 ports on the second Cisco 3560 switch and dedicate them to my DMZ traffic only. The DMZ port would plug into port 24 on that switch with servers plugging into ports 13-23. Is that possible to isolate that traffic while having my LAN traffic with different vlans on ports 1-12?
You can use your DMZ interface on ASA as a default-gateway for your dmz network. Create just vlan90, put all dmz ports on WS-C3750X-24T-S into vlan 90, just dont create interface vlan 90 and use your ASA dmz interface as a default gateway for your dmz network