you could control access using a deny in your "no nat" access-list before the permit,
e.g. access-list no_nat deny ip host 'serverip' 'vpn client ip subnet'
hth
Getting Started
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: