2 of our managed UPS's are currently being used with an incorrect secret and Radius only authentication. Due to this we recently discovered that we are unable to login. Is there a way to allow ACS (we have 5.5) to tell us what the shared secret is that the 2 UPS's are sending us in some logs, or is there a way to allow access from these 2 IP addresses, even though the shared secret is wrong?
The cost to get someone out to the branch and console in would be very high, so we wanted to make sure there was not a cheaper/easier way.
No, the secret key is not sent in the radius packets, it is used to protect the users password when being sent over radius, which is why your authentication fails. If you have configured a fallback to a local user in your APS radius config, you could try to block it's access to the radius server to login.