I tried to make a NAR (IP based or CLI/DNIS based) to permit access from AAA client 1.2.3.4 for ACS group 10.
AAA client 5.6.7.8 must use group 20, but users still get authenticated in Group 10. Auth is ok, but overall process failed. Why does NAR work this way ? I thought that AAA client 5.6.7.8 should "see" that it cannot use Group 10 and continues till Group 20.
Thanx.