What is sounds like is a 2 part problem:
Subnet X is allowed to get to VS1 but no other VS. No subnet except Subnet X is allowed to get to VS1.
With VS1 you can specify a Source under the General Properties of the VS1. This will block all except Subnet X from accessing VS1. To attack the second half of your issue, you may need an iRule to prevent Subnet X from accessing VS2,3,4, etc.. this can get unwieldy, I would suggest looking at the Network Firewall module if you have it and kill two birds with one stone. You can allow Subnet X to VS1 and prevent all others and prevent Subnet X from accessing all the other Virtual Servers.