I have setup a 2012 R2 Server with RRAS and a single NIC behind my sonicwall. I am replacing a 2003 Server that handled RRAS and worked perfectly handling access to the infrastructure via PPTP VPN. I can connect to the new server via RRAS.
What is failing is the restriction of access to network resources. We only want the end user to be able to access systems by name, using the RDP protocol. We do not want File share access, and we do not want ping responses or any other type of traffic.
I have tried to setup IP filters in a new NPS policy restricting TCP and UDP ports 137,138,139 and 445 and ICMP. I can still access the File shares on systems by FQDN or IP across the RRAS. We are relaying DHCP to our internal DHCP server.
Any ideas how to STOP SMB file sharing?