To add to this:
A single line in a Cisco ACL can result in 50-100 or even more in the VPN ACL, since you can only do one source, one destination and one port in each ACL rule. Is this not a problem for anyone else?
The only other thing I thought of was making an IP forwarding virtual server on the F5 that would catch all traffic from the VPN subnet so I could use AFM to create the rules. The problem there is that I miss out on being able to apply ACLs per session easily, without having to check and make sure everything lines up perfectly between these two ways of setting ACLs.
Should I put in a feature request for VPN ACLs to get a more modern configuration interface/functionality?
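To make the expansion the post describes concrete, here is an added illustration (not code from the poster or from F5): a small Python script that takes a single multi-valued rule, with several sources, destinations and ports, and expands it into the one-source/one-destination/one-port entries a per-session VPN ACL would need. The addresses, ports and rule names are constructed sample values; the entry format is a generic tuple, not any vendor's configuration syntax. It also deduplicates entries across several rules, since overlapping object groups inflate the count further.

```python
from itertools import product
from typing import Dict, Iterable, List, Tuple

# Constructed sample rule: one Cisco-style line referencing object groups.
# These values are made up for illustration only.
SOURCES = ["10.10.1.0/24", "10.10.2.0/24", "10.10.3.0/24"]
DESTINATIONS = ["192.0.2.10/32", "192.0.2.11/32", "192.0.2.12/32", "192.0.2.13/32"]
PORTS = ["tcp/22", "tcp/443", "tcp/3389", "udp/53"]

# One expanded entry: (action, source, destination, protocol/port)
Entry = Tuple[str, str, str, str]


def expand_rule(action: str, sources: Iterable[str], destinations: Iterable[str],
                ports: Iterable[str]) -> List[Entry]:
    """Expand one multi-valued rule into single-tuple entries.

    Each resulting entry carries exactly one source, one destination and one
    port, which is the shape a per-session VPN ACL rule requires.
    """
    return [(action, s, d, p) for s, d, p in product(sources, destinations, ports)]


def expanded_count(sources: Iterable[str], destinations: Iterable[str],
                   ports: Iterable[str]) -> int:
    """Number of entries a rule expands into: the product of the three group sizes."""
    return len(list(sources)) * len(list(destinations)) * len(list(ports))


def expand_policy(rules: List[Dict]) -> List[Entry]:
    """Expand a list of rules in order, dropping entries already emitted.

    First match wins, so a duplicate (src, dst, port) that appears later under a
    different action would be shadowed anyway; keeping the first copy preserves
    the original policy's behaviour while trimming the expanded entry count.
    """
    seen = set()
    result: List[Entry] = []
    for rule in rules:
        for entry in expand_rule(rule["action"], rule["src"], rule["dst"], rule["ports"]):
            key = entry[1:]  # match on the tuple, not the action
            if key in seen:
                continue
            seen.add(key)
            result.append(entry)
    return result


def render(entry: Entry) -> str:
    """Human-readable form of one expanded entry (generic, not vendor syntax)."""
    action, src, dst, port = entry
    return f"{action:5} {src:15} -> {dst:15} {port}"


if __name__ == "__main__":
    single = expand_rule("allow", SOURCES, DESTINATIONS, PORTS)
    print(f"one rule expands to {len(single)} entries")
    for e in single[:5]:
        print(render(e))

    # A second rule overlapping the first shows how deduplication trims the total.
    policy = [
        {"action": "allow", "src": SOURCES, "dst": DESTINATIONS, "ports": PORTS},
        {"action": "allow", "src": ["10.10.1.0/24"], "dst": DESTINATIONS, "ports": ["tcp/443", "tcp/8443"]},
    ]
    merged = expand_policy(policy)
    print(f"two overlapping rules expand to {len(merged)} unique entries")
```

With three sources, four destinations and four ports, the single rule already expands to 48 entries, and the second rule adds only the four tcp/8443 entries that were not already covered. Counting entries this way before committing a policy makes it easy to spot which object group is driving the blow-up.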