I currently have Mircrosoft IAS server validating ssh connections to our routers and firewalls. I would like to use IAS for authenticating vpn clients. The only problem I see is that there is no way to link a certain Remote Access Policy to a specific client in IAS. So technically a vpn client (who is connecting to a pix firewall) could use their logins to connect to one of our routers correct? I do have access-lists setup to prevent this, but does anyone know of a way to link a client to a remote access policy? (use this policy for this client) From what I am understanding if a user is not validated in the first policy and will try the second and third....