We currently use Active Directory to authenticate through IPsec VPN.
Employee was let go..so his AD account was disabled
However, he has another AD username and password that can not be disabled since it
is being used under other services
Our entire company is under one Group Policy
My question is.how would I block him from accessing the network.?
No you wont have to configure any new group-policy. All you have to do is create a create a dap policy saying that if a user comes with this attribute from radius or ldap (username in ur case) apply a certain policy ( terminate ) to it. For rest all users, since they don't match that criterion, they will hit the default dap policy which will alow them normally without applying any policy for them.