How to configure ezvpn and acl on cisco 2911?
Good day to all colleagues!
I configured 2 ezvpn connections on a 2911. The first phase works well for both, and the vpn comes up. But in the second case there is no access inside the network. My assumption is that the problem is with ports when filtering through the acl, because with permit ip src dst it works, but when you try to filter by ports, it no longer works. Please help me figure out what I'm doing wrong.
Config
ip local pool 1c-admin 10.10.13.9 10.10.13.14
crypto isakmp client configuration group 1c-admin
 key XXXXXXXXXXXXXXXXXXXXX
 pool 1c-admin
 acl buh-admin-access
 save-password
 include-local-lan
crypto isakmp profile 1c-admin-isakmp
 description --1c-admin--
 match identity group 1c-admin
 client authentication list Userlist
 isakmp authorization list groupauthor
 client configuration address respond
 virtual-template 4
crypto ipsec profile 1c-admin-ezvpn
 set transform-set aes-sha aes256-sha
 set isakmp-profile 1c-admin-isakmp
crypto dynamic-map IPSEC 97
 set transform-set aes256-sha
 set isakmp-profile 1c-admin-isakmp
 reverse-route
interface Virtual-Template4 type tunnel
 ip unnumbered GigabitEthernet0/0
 ip nat inside
 ip virtual-reassembly in
 tunnel mode ipsec ipv4
 tunnel protection ipsec profile 1c-admin-ezvpn
ip access-list extended buh-admin-access
 permit tcp host 192.168.170.5 10.10.13.8 0.0.0.7 eq 139 445 domain
Permit UDP HOST 192.168.170.5 10.10.13.7 EQ Domain Permit TCP
HOST
192.168.10.10.13.8 0.0.7 EQ 139 4444 1438 3
192.168.170.6 10.10.13.8 0.0.7 Range 1540 1540 1591 Permit
TCP HOST 192.168.170.11 10.10.13.8 0.0.7 EQ Domain 135 138 139 445 389 636 3268
Permit tcp Host 192.168.170.11 10.10.10.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0AL 42
permit udp host 192.168.170.11 10.10.13.8 0.0.0.7 eq 135 netbios-ns netbios-dgm 445 389 88 domain 1512 nameserver
interface GigabitEthernet0/0
 description PrimaryLAN
 ip address 192.168.170.1 255.255.255.0
 ip directed-broadcast
 ip nat inside
 ip virtual-reassembly in
 duplex auto
 speed auto
end
In general, of course you rewarded. Everything is easier.
<select>
<option value="0" <?=$data['active'] == 0 ? 'selected="true"' : null;?>>Не активен</option>
<option value="1" <?=$data['active'] == 1 ? 'selected="true"' : null;?>>Активен</option>
</select>