I have a PIX 515 which currently has a RAS policy on it for remote administration of said PIX. Is it possible to add a second RAS policy for a third party, but this policy will be restricted so they can only access one internal device. I have tried adding a second RAS policy using the RAS wizard in PDM 3.0 - this seemed to be successful, no errors. When I connect using Cisco VPN client to the original remote administration group, it all works fine. When I connect to the new group, the client times out saying the peer is not responding and there is nothing in the debug crypto on the PIX.
Is there something I am missing? Is there a better way to define access control over RAS VPN tunnels for different users?
Any advice greatly appreciated.