Hi, Have a Cisco ASA - lots of IPSec VPN's to lots of places. The allowed service in the Cryptomap was IP to all - we decided to narrow this down to SSH, RDP etc. I created a group for the ports and added to a test VPN - all worked well. I then appli...