Hi, We are using ASA FW on multi pal location and all are connected via Site to Site Tunnel and recently I have set up Remote VPN on DC location and the remote users have access the all network of all branches as I have done bypass all VPN traffic to other FW and exempt with local network as well. Now I want that the few remote users (A,B,C) could have permissions to access the DC FW only and not able to access the other local network and few users (D,E,F) could able to access the all locations. Please suggest... Is it possible by AAA Server?? Thanks