I am currently running a PIX which is a VPN head-end to several clients using the VPN client version 4.0.1.
Each client has different requirements so I have setup a different vpngroup for each one which references a different access-list and hence accessible servers.
The clients authenticate against a Cisco ACS box.
Is this the best solution or is there another way considering I am being asked to setup more and more users now?