How to limit a group's acces to one host inside the network

I have created a group to which I want to give access to a single server for their dev. work.  How can I limit them to just that IP?  I tried creating a filter and applying a rule for the group but they can still ping other machines.  The rule drops by default unless they try to hit the machine I want them to access.  Its like the rule isn't working.  I know I am missing something simple but I can't see it.
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

If it isn't a must that they need to tunnel everything, the easiest way is to make a split-tunnel for that 1 IP.
Alan Huseyin KayahanCommented:
  Hi freymish
        Following is an example, I hope you find out what you have missing after comparing. Lets say that is the inside server that you want to allow access only

ip local poo VPNpool netmask
tunnel-group TestVPN general-attributes
 address-pool VPNpool
 default-group-policy TestPolicy

group-policy TestPolicy attributes
  vpn-filter value restrict_ACL

access-list restrict_ACL permit tcp host eq 3389
access-list restrict_ACL deny ip any any

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today

From novice to tech pro — start learning today.