Hi,
Yes you could do this by using any standard radius server. What you need to do is to:
1. Configure ezvpn using dynamic VTI, so that a virtual access interface is created when the user connects
2. Enable network authorization using radius for ezvpn, this would allow the per-user attributes to be applied to the virtual access interface for the user
3. Configure the radius server for the user profile using cisco avpair (radius attribute type 26, vendor id 9, vendor type 1). The avpair to be used is ipsec:inacl=xxx.
For more details, please see:
http://www.cisco.com/en/US/partner/docs/ios/sec_secure_connectivity/configuration/guide/sec_easy_vpn_srvr_ps10592_TSD_Products_Configuration_Guide_Chapter.html#wp1519508
Hope this helps.
Thanks,
Wen