04-16-2013 02:55 PM - edited 03-10-2019 08:19 PM
I have some older devices on the network that only support RADIUS (not TACACS) for authentication and would like to have them use SecureACS 5.3
I understand that by default, ACS only supports TACACS for device administration. So I'll get this error when trying RADIUS:
11033 Selected Service type is not Network Access
Description:
RADIUS requests can only be processed by Access Services that are of type Network Access
Resolution Text:
Verify that the Service Selection Policy rules are correct
However, even after adjusting the Service Selection rules and seeing hits, I still see the same message in the logs, as if it has no affect. Any Ideas?
Solved! Go to Solution.
04-16-2013 11:09 PM
If you use the protocol as radius you can not use a device admin service. You can only use network access. That will allow you for authentication to the devices.
Regards,
Amjad
Rating useful replies is more useful than saying "Thank you"
04-16-2013 11:09 PM
If you use the protocol as radius you can not use a device admin service. You can only use network access. That will allow you for authentication to the devices.
Regards,
Amjad
Rating useful replies is more useful than saying "Thank you"
07-29-2013 10:54 AM
That's correct, thanks. I went to "Default Network Access" -> "Identity" and creating a custom rule for the devices I want to administer via RADIUS. I found setting the "NAS-Identifier" field was very useful.
08-05-2013 04:28 AM
Glad that your isue is now resolved.
Rating useful replies is more useful than saying "Thank you"
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide