We have a Cisco ASA that has VPN support. Currently it authenticates via RADIUS based on the users domain user/password. What we would like to do is also restrict access based on computer name so that users can only connect with corporate owned comptuers. As such these computers would be a member of "domain computers". For example if Jill Smith has a corporate laptop, she should be able to VPN from her house using the corporate laptop, but not using her personal computer. Additionally we would like to be able to make a couple of exceptions for certain users such as the company owner. I don't really want to have a rule that says "owner can connect with any computer" but rather have the ASA authenticate via the Domain Computers group and a custom list someplace where the connecting computer must be a member of one of those lists.
Any help with this will be greatly appreciated.