Dont know if anyone has tried the below but here goes.
We have various remote access support staff who come in via vpn clients into our 6.3(3) firewall .They are given an ip address from the 192.168.255.0 network range. There are remote access policies in Microsoft IAS then that is pushing an access-list to the users allowing them only access to a a particular ip address. So once the condition of them being in a group in IAS is meet the polcy then pushes out an access-list in the format
of ip:access-list 120 permit tcp any host 184.108.40.206 eq 23.
This is detailed in this document
here is my question if anyone can answer.
1) Does the access list have to existon the firewall before hand
2) is the syntax above correct.
thanks in advance as I am really stumped on this .