Hi,
Thanks for the reply.
The users authenticate via AD accounts and they will be using the same accounts wherever they go, so I assume the PS device will need to decipher if they are on a "secure" device or not and then assign access accordingly.
I've had a look at host checker but I think that's either just an allow or deny policy right, can you say i.e. if they don't have these mac addresses then only give them limited VPN tunnel access?
Thanks!