I already set up a SSTP Server with ppp onboard users and also AD integration. What I want to do is to have the Mikrotik router allow certain users access to certains subnets or hosts only. I know it can be done on IP basis (e.g. allow masquerading from certain sources to certain destinations only), but how could I enable the router to do this for certain users that connected to the SSTP server and are all in the same subnet?
I also know I could assign fixed remote addresses to certain onboard users, but I don't think this is possible for AD users too, or is it?