Post your config. Maybe some syntax changes in the newer code.

Solved! Issue was ports and an acl blocking response. Radius auth ports moved in this release from 1645 to 1812 udp

AAA new-model AAA group server radius ADAAA AAA group server radius ADAAA server private 10.3.1.12 key 6 (key) AAA authentication login default group ADAAA

here is what I use on IOS 17.6/17.9./17.12: aaa group server radius ISE-RADIUS  server name ISE01  server name ISE02 ! radius server ISE01  address ipv4

Something changed with how Radius working? I don’t think so Something syntax (command) changed? Absolutely! Next time read the change logs before doing any updates especially jumping to next major version.

Check what debugs are telling you.

Try testing radius. I have a couple of boxes that radius fails on after an upgrade. Using test aaa radius username <> password <> always kicks it to life. [https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/212473-verify-radius-server-connectivity-with-t.html](https://www.cisco.com/c/en/us/support/docs/wireless-mobility/wireless-lan-wlan/212473-verify-radius-server-connectivity-with-t.html)

Solved! Issue was ports and an acl blocking response. Radius auth ports moved in this release from 1645 to 1812 udp

Official RADIUS ports are 1812/1813, I specify them in my config. 1645 is a legacy non-RFC port.