Greetings. My Cisco CLI is a bit rusty, so any help would be appreciated.
We have an IPSEC tunnel terminating on our PIX whereby a third party gains access to a certain resource on our LAN. Which is well and good and traffic flows fine. However, (I have not verified this empirically) it seems that anything coming across the VPN tunnel destined to our network is able to access every resource for which a route exists... this I absolutely do not want. I wish this were simple as I want to apply an ACL to restrict the traffic entering our network via the tunnel to just one host/port. From trial and error and by what I have been reading... this seems impossible. I find that hard to believe given how capable the PIX is...
Is this in fact possible to do with an ACL and if so, how?