Is it possible to restrict access to only one host on my LAN for the VPN users?
They only need to use my local Jabber XMPP server in order to voice and video conference and do not need access to any other servers or file shares etc.
Here is the procedure of restrict access to only 1 host on the LAN for VPN.
Create a new group-policy that has the split-tunnel with only the host/network I want the VPN user to access. Then create a ACL to only allow network access to what you want. Apply this ACL to the GP with the following command: vpn-filter value (you have to apply this when you are in the GP attributes). Then make a new group-tunnel and tie it back to the new GP. Now you can give this user the new PCF and the user will be locked down to the host / network you specified.
I hope this guide helps you, If you want to do that with VPN for security so check this Fastest VPN Service list.