Have had a ACS 4.2 solution installed across 2 servers (master/slave), everything working fine with devices using it for both RADIUS and TACACS+ authentication. This week however, I have had an issue with a network group that use RADIUS as switches (Nortel) can no longer authenticate. On closer inspection, firstly the shared secret entry has disappeared, if re-enter and submit/apply it's still not there when you query the network interface configuration. I know that the basics of the ACS work, as other devices (PIX,ASA) that use TACACS+ are authenticating fine and that the problem is isolated to RADIUS as another network device (AS5300) has the same issue. This started to happen at the end of last week and I found the service CSRadius had stopped on the server, it was re-started and that solved the problem, however the problem has happened again and this time the relevant services are running.
The only change to the configuration has been additional subnets added to the network interface in question, maybe there's a limit to how many subnets one interface is allowed?