I have many devices that are authenticated by ACS by one user account, it was required to seperate the access to security devices (firewall) from network devices (switches and router).
i have created 2 users and used NAR. in this case i was able to access network devices with only the account created (all these devices uses tacacs)
but the problem is that when i access ASA firewall ( uses radius protocol) i can access by the second account created and also the account for the switches and routers.
Any idea how to work on radius protocol.