The attached document .pdf describes the configuration details for deploying Clientless SSL VPN ACLs via Dynamic Access Policies (DAPs). Multiple ACLs will be aggregated for VPN policy enforment. The same concept can be applied for Network (Layer 3) ACLs to be enforced on AnyConnect SSL/IKEv2 VPN, and IPsec IKEv1 (legacy) clients,
This information is also explained in the DAP Deployment Guide,
Related Information