I am having a little trouble customizing PPTP. I want some PPTP users to have access to a certain network and not another. However, I only can seem to VPN in if I have users in the "PPTP-Users" group. The reason I don't want to keep using the PPTP-Users group is because I want some users to be able to access only certain parts of the network. If I empty PPTP-Users group and make new groups and apply that in the TO section of particular PPTP policies rather than ANY, I am unable to log on. Also, is it possible to only allow certain ports for those connecting via VPN? I am working at a start up company that is trying to secure their network after having been hacked for the first time.