I need to allow VPN access to a couple of outside vendors to gain access to two of my servers. I have RRAS set up, and an AD security group that users must be a member of before RRAS will allow them in. Is there a way to create a RRAS policy that will limit which servers inside my network a user or user group can RDC into once they have established the VPN connection? I would prefer that they can only RDC to the server(s) I select and not to my entire network. I do not have a DMZ, or a public website.