I have Cisco Anyconnect working with Radius and I have 2 Anyconnect policy’s. The first group-policy VPNGR01CorpFull internal gives the users full access to the entire network and this works perfectly. The second group-policy VPNGR02CorpLimited internal however is not working the way I need. I can block the users access by create a split tunnel rule to only allow the user to route to certain IPs inside my network. But I need to limit the port access to the hosts. So I need them only to get to the IP and PORT of the 3 servers. So the question is how do a create an ACL and apply it to the VPNGR02CorpLimited policy so they can only get to 3 servers on port 80?