Just figured it out. Just set the Filter-Id in the profile to the acl nr. Noting more to it.
But when I have been working to solve my problem I discovered that sometimes between reconfig split-tunnel and the acl on the radius, pix autherize you whiteout asking the radius server for authentication. Anybody else how have notice this?