I am running Windows Small Business Server 2k3. I have a vpn setup using remote access and the windows xp client. Everything on the vpn is working fine. The problem I am having is restricting access to the mobile users group. I have 1 client that needs access to remote desktop through the vpn and that works fine. I don't want the other 3 clients to have access to remote desktop at all. I also don't want them to have any access to the few file shares I have inside the network. Actually the only access they need is to the internal webserver and my MS sql server via access. Any help would be greatly appreciated. Thanks.