Hi,
I have a question that I am hoping someone can help me with. I need to create a test environment in which there will be DNS, DHCP, AD, and other servers for a SCCM test environment, ergo the isolation from the production network. However, I do need internet access for much of the test environment. I was looking forward to doing this with RRAS and NAT, and the RRAS server is a physical box, Server 2008 R2, 3 NIC cards total.
I have followed several guides on the internet. The “public” IP address, in my case, is 192.168.1.50, mask of 255.255.255.0, gateway of 192.168.1.1, DNS primary as 192.168.1.31 and DNS alternate as 192.168.1.32. The IP of NIC 2 is 192.168.236.1, mask of 255.255.255.0 (no other configurations beyond this), and the IP of NIC 3 is 192.168.237.1, mask of 255.255.255.0 (again, no other configurations beyond this).
I have set up RRAS and NAT as per several websites, added the public interface as a public interface and interfaces 2 and 3 as private interfaces. It works well except for one thing. If I take a switch and connect it to the interface assigned to NIC 2, and then connect a PC to the switch and get an IP address in the 192.168.236.x range, I can still ping other servers in the public network (for example, ping 192.168.1.10, which is a server, from 192.168.236.40). I am able to access websites on this PC just fine.
Am I missing something? I need the 192.168.23x.x machines to be totally isolated from 192.168.1.x network, save for sharing the internet connection. What am I doing wrong?
Thanks in advance for all of your help!
A. M. Casey