ACS 5.1 Managed Device Count Exceeded Error

Unanswered Question


I've just installed ACS 5.1 and noticed that it seems to count managed devices differently than previous versions.

I have a 500 count license which should be fine as I have about 100 devices which will use ACS for TACACS.  On ACS 3.x and 4.x, I would set up AAA clients by using a wild card for the subnets that host our routers/switches, say, and  when I do this with ACS 5, I get a Managed Device Count Exceeded error messasge becasue of the potential of more than 500 AAA clients.  It seems to be counting every IP address in the subnet as a managed device, even if there are only a handful actually in use.  Is there a way around this short of having to manually enter (and maintain) the exact IP Address of every managed switch and rotuer which will use the ACS server for TACACS?

thanks in advance!


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (1 ratings)
wtribble80 Wed, 06/08/2011 - 08:39
User Badges:

Can someone please answer this question?  I am running into the same exact issue.

Thanks for your help.

ewood2624 Wed, 06/08/2011 - 11:51
User Badges:

We ran into the same problem.  Bob had subnets,, and which is 768 hosts.  We had to add each device we wanted to use with TACACS in manually with a single IP address.

wtribble80 Wed, 06/08/2011 - 12:01
User Badges:

That is a ton of work.  Is there any way to automate this process somehow, or some kind of bulk CLI method?

ewood2624 Wed, 06/08/2011 - 12:07
User Badges:

You can add all the devices as a template or limit your subnets to under 500 hosts.

tecnician23 Tue, 03/27/2012 - 04:16
User Badges:

Are there any issue when you get this message "managed device count exceeded" on ACS?

I just add 50 Device to the ACS 5.1. ACS count 520 hosts but actually it´s working 300 device. I know ACS count all host included in the networks masks, for example, with /24 ACS count 256 devices. I get the alert "managed device count exceeded" but device authentication is working properly. Are ther any issue when I get this message. I think is only an advertisement but I´m not sure.

Can you help me?

antero Tue, 03/27/2012 - 04:49
User Badges:

The device count in ACS 5.x is made by the number of hosts inserted when adding Network device. so if you configure the device with a full class C ip range, it's counted on 254 devices.

the error appears but you can continue workking, and being authenticated.

the other option is to buy a licence of ACS 5 Large Deployment Add.


tecnician23 Tue, 03/27/2012 - 05:49
User Badges:

So, If I insert 501 host with mask /32 device won´t can work but, If I insert 300 host /32 and 1 network /24 I´ll can work properly despite I get the error message.

This is true?

wtribble80 Tue, 03/27/2012 - 06:01
User Badges:

Use the Default Network Device .  I find that works best for device authentication.

dselfridge Fri, 01/18/2013 - 09:52
User Badges:

Wesley, Thanks for this. I'm now re-attaching the hair I've pulled out after days trying to figure my customers migration out :-)

5 stars



wtribble80 Fri, 01/18/2013 - 09:59
User Badges:

You are very welcome.  I lost a few hairs over this one myself!


This Discussion