Modification : it's very bad solution ;)
I don't think the option exists. Source filtering is global to the SSL configuration.
If I had to do something unconventional. I will do for example: 1) Add a different realm per user group (feature to be activated) 2) Listen SSL VPN on a Loopback interface port 10443 3) Add a VIP on the WAN interface port 30443 to the loopback vpn ssl interface 10443 4) Add a rule with authorized wan source IPs to the loopback vip. 5) Use another port for the VIP and another Realm for other users who do not have this limitation.
it will work as long as the port of unfiltered users is not known by other users.
I don't like my solution... but it works