What I would like to do is restrict an outsider vendor to just be able to access a single IP resource (HVAC) on the internal network when they connect to our VPN through the MX100.Obviously, I don't want to give them full network access.
Currently, our VPN auth is being done by AD for the handful of users that use VPN. I haven't seen a way to apply a group policy to a Meraki user account or I might try that. But I am at a loss and any help would be appreciated.