I have VPN setup and working fine on our ASA 5550 using LDAP. I have a Windows 2k8 server setup and successfully running NPS (new name for IAS) which is working great so far for other things. Now I'd like to join the two together and use "Radius" on the NPS server to authenicate my VPN users. But I'd also like it to look at the computer name they are coming from so we can allow only company owned laptops/PCs to connect. I see in the policies on NPS that you can specify a group that the machine needs to belong to as an additional criteria but looking at the event logs on the NPS server it looks like the client's computer name is not being passed to NPS so it ignores a policy that has this additional criteria in it and goes on to other policies. If I take the computer name critera out of the policy then it gets used. Anyone got something like this working?