Is there any doccumentation on how VPN client isolation is implemented with IPsec clients terminating on an ASA.
I have a situation where there are multiple VPN clients, using different connection profiles. However they all share the same pool of IP addreses. I need to prove that clients using connection profile A cannot communicate with clients using connection profile B, even though they are on the same subnet.
I have not enabled "same-security-traffic permit intra-interface" and currently have no need to do so.