vpn access-list

This might be a simple access-list question but I'm not seeing it
logically: I need to limit access to hosts on a dmz where we terminate
a vpn. The hosts are in the same dmz we terminate the vpn. Could I
use a access list to block which hosts are accessiable by the vpn?
only allow this vpn connection to go through this resources?