How to limit a group's acces to one host inside the network

I have created a group to which I want to give access to a single server for their dev. work.  How can I limit them to just that IP?  I tried creating a filter and applying a rule for the group but they can still ping other machines.  The rule drops by default unless they try to hit the machine I want them to access.  Its like the rule isn't working.  I know I am missing something simple but I can't see it.
LVL 4
freymishAsked:
Who is Participating?
 
Alan Huseyin KayahanConnect With a Mentor Commented:
  Hi freymish
        Following is an example, I hope you find out what you have missing after comparing. Lets say that 10.18.1.100 is the inside server that you want to allow access only

ip local poo VPNpool 172.20.0.0-172.20.255.254 netmask 255.255.0.0
tunnel-group TestVPN general-attributes
 address-pool VPNpool
 default-group-policy TestPolicy

group-policy TestPolicy attributes
  vpn-filter value restrict_ACL

access-list restrict_ACL permit tcp 172.20.0.0 255.255.0.0 host 10.18.1.100 eq 3389
access-list restrict_ACL deny ip any any
       
0
 
Voltz-dkConnect With a Mentor Commented:
If it isn't a must that they need to tunnel everything, the easiest way is to make a split-tunnel for that 1 IP.
0
All Courses

From novice to tech pro — start learning today.