Use the VPN Tunneling Access Control tab to write a resource policy that controls resources users can connect to when using VPN tunneling.
To write a VPN tunneling access resource policy:
Note: When a packet is fragmented, fragment #1 contains more information than all subsequent fragments. Fragment #1 contains the IP address, protocol, and port information. All subsequent fragmented packets contain just the IP address and protocol information. Therefore the VPN Tunneling ACL evaluates the first packet fragment different from the subsequent packet fragments. For the subsequent packet fragments, the system applies the VPN Tunneling ACL based on just the IP address and protocol since the port number is not available.