Thank you. I was able to see that the role is RAPWiredPhone. In the UI I see that a number of policies are applied. So I think I have the right role now.
To be clear in what I want to accomplish: Users on the RAP are assigned an IP in the 192.168.92.0 subnet. I'm internal, say 10.10.50.0 subnet. I want my machine on 10.10.50.x to be able to get to 192.168.92.x.
I have a group already defining our internal subnets and a rule at says source: any, Destination: <my subnets>, permit. Do I need one reversed, for example source <my subnets>, destination: any?