I am trying to limit the access to the routers via NAR using ACS 4.1 but I get some strange results.
My worksation is 192.168.249.210 and the ACS's per-user NAR is set as follows :
Table Defines : Permitted Calling/Point of Access Locations All AAA Clients , port 23, IP address 192.168.249.210
With the above settings, I cannot login to the router while I expect I should be able to.
When I change the Table Defines to Denied Calling / Point of Access Locations, then I can login, not only from .210 but from everywhere.
I thought the "Permitted" means allowed, and Denied means "not allowed".
Any advice is greatly appreciated,
DT