Can the 'selector' ACL for a tunnel be created using object-groups? I want to permit only certain hosts and TCP ports thru the IP tunnel.
I'm fairly sure this is NOT true for the NAT-0 or NoNAT ACL though.
Can anyone clarify?
I have this problem too.