Sandboxed virtual network
I'm trying to create a sandboxed virtual network that has access to the internet from my physical home network/router. I have got so far but need a bit of assistance.
The pfSense firewall/router VM is configured with two virtual network adaptors, em0/WAN being the physical home network/router with an IP range of 192.168.0.x and em1/LAN being the virtual network with a network range of 192.168.1.x.
So far the router VM is working as the gateway, DHCP server and DNS forwarder but any test VMs I create can still ping IPs within the 192.168.1.x range, which I'd like to avoid as that means the virtual network isn't fully sandboxed. I have tried enabling "Block private networks" on the LAN adaptor (em1) but this seems to prevent any test client VMs from accessing the router all together, even internet access.
Can someone please point out what I am doing wrong? Am I going to have do do something with VLANs to achieve this? If so, how?