I have a few 5505s running L2L to a 5520. At all of the locations where i have 5505s there is just one PC. I have disabled DHCP, static IP on the PC, and disabled unused ports. This is to prevent people from bringing laptops from home. Well there is a company that needs someone to access the internet to update their software. Is there any kind of Mac address filters in an ASA? I want to block everything except a few MAC's. Of course i don't want that person to access the L2L.