I have created a group to which I want to give access to a single server for their dev. work. How can I limit them to just that IP? I tried creating a filter and applying a rule for the group but they can still ping other machines. The rule drops by default unless they try to hit the machine I want them to access. Its like the rule isn't working. I know I am missing something simple but I can't see it.