Hello Dear Colleagues,

I have 4 vlans and all of them are communicating on Cisco Core L3 switch. Right now, I want to put a firewall for VLAN 40 to prohibit some access to other vlans. I also have external firewall for internet access. What I want to do is to put an internal firewall for prohibit some clients to access some other hosts on other vlans. I know I can do this with ACL but this is how it is supposed to be. 

I deleted vlan 40 SVI on core switch and created it on ASA and created an access port on ASA to enable it to communicate with switch. All the traffic and interfaces should stay on core switch except vlan 40. I tried to route the traffic to ASA with trunk port and created vlan names on ASA but couldnt do it. Also checked all necessary things like ICMP inspection enabled. Routing is done like "vlan40 0.0.0.0 0.0.0.0 192.168.30.1 (vlan 30 SVI on the switch) 

I couldn't do it, tried everything. Also created vlan 2 to create a connection between SW and ASA but didnt work.

I really appreciate for any kind of help. (I was successfull when I moved all the vlan interfaces to ASA but this is not wanted)

I need your step by step instructions with even port types and routing commands etc. 

External firewall is OK, no need to configure it. All my problem is this internal firewall for this specific VLAN 40. IP routing is enabled on L3 core switch.

Thank you so much in advance.

Firewall is Cisco Firepower 1010 and switch is Cisco Layer 3 switch

vlan 10 - 192.168.10.1/24

vlan 20 - 192.168.20.1/24

vlan 30 - 192.168.30.1/24

vlan 40 - 192.168.40.1/24