I completely agree with how you have it working; however, I have users on Instant Clone pools, and I would now need to create a group by VM name and effectively allow 100 users RDP access to the destination instead of just 5 of those users having that access. If it was on persistent VMs, I agree that this would be the workaround. Also, with your rules, I believe that anyone who would log in to WIN-1 and WIN2 would now have HTTPS and SSH access to WEB 80, therefore rules 2077 and 2072 wouldn't be applicable, right?