OpenVPN with External Radius Authentication Fail-over Order

  • Hello,
    I have a PFSense with the OpenVPN package we use to terminate users' vpn tunnels.
    Currently I have an external Radius server providing authentication working fine.

    Within the OpenVPN server configuration, there is an option to pick what to use as the user authentication. Currently I have both (local & Radius) selected.
    This creates an issue as the VPN account can now login via local and Radius.

    Is there option or can I force an authentication fail-over sequence so;
    PFSense will only use local auth when the Radius is unavilable?
    Like most network gear. If it can reach (gets a response from Radius) that is it. you cannot login via local credentials.


Log in to reply