I am upgrading my PIX to an ASA 5510. How difficult is it to set up HW to HW VPN's and have specific users/groups route only to those tunnels? For example I have 3 distinct remote customers that I would like to create connections to without them being able to see my internal network. On the same note I want to connect remote client users to these connctions based on the group login the user chooses. I also want to create an admin group that can see everything. Is this very difficult to pull off? Waiting for questions.