Hi there, According to the information above your main goal is to assign different access according to the group membership, even though the ACS 5.x is totally different now to 4.x because it's based on Conditions in order to assign different Results, however you can duplicate your previous configuration in the ACS 5.x like this: -You can use as the Conditions the Group Membership and Network Devices to allow or restrict access. If you say that only the users that are members of the Wireless group and coming from the Wireless devices should be allowed access, if these Conditions doesn't match, the user will fall into the Default rule which is Deny Access. Probably this is a little bit confusing, so let me attach a screenshot with an example: You can create multiple rules to simulate your previous configuration. Rate if it helps!
... View more