Depending on whether you are using pptp or l2tp, you can create a
firewall/packet filtering rule to control access to your vpn server.
Assuming you are using pptp for instance, a rule could be created that would
allow inbound traffic to your vpn server through port 1723 tcp and protocol
47 gre from only the allowed ip address. You could also do something
similar in rras via remote access policies where you could edit the profile,
select ip and then input filters and possibly select permit only the packets
below where you could create rules for allowed ip addresses to your vpn
server/lan. --- Steve
http://tinyurl.com/ea5d --- Example of firewall setup for various vpn
configurations.