I have a group and i want to block them from succesfully authenticating on a specific ip address. I have define ip-based restrictions check. I am denying all AAA clients, on any port, and the address. Everything looks correct. My group users are still getting passed authenticating.
Not sure what I am missing. I am running acs 3.0 too