Hi

I have an HPE Proliant with 4 Network Cards.
At Router level, NIC 1 is on ‘INSIDE’ (vlan2) and NIC 2 is on DMZ (vlan 10) with no ACL Permitting communication.

NIC 1 is the Debian host itself… NIC 2 (vlan 10) is for [a] VM for a Email Server. I have done pass through, direct, private etc but no matter what I do, NIC 2 keeps pinging and connecting to the ssh on NIC 1 (vlan 2).

At Router level I am confident this is not possible as there are NO ACL’s, Firewall permissions allowing it, so this routing must be happening on Debian, being all NICS’s reside there.
Is there a way to simply NOT let NIC 2 see or talk to NIC 1?

But here’s the thing….. once I know they are completely isolated, I THEN want to allow specific access from NIC 1 to NIC 2 VIA those Router ACL’s and Rules. I know it’s weird but the point is NIC 2 is supposed to be in a DMZ and should NOT have connectivity unless given, so it’s more the vulnerability aspect I am concerned with… if ssh and ping work when it shouldn’t, what else is? At least by 100% isolating them, I can then build the secure connections with confidence.

You need to disclose the network topology of your VM (host and guest networks). Are you using VMware or something else?