OpenVPN with External Radius Authentication Fail-over Order
I have a PFSense with the OpenVPN package we use to terminate users' vpn tunnels.
Currently I have an external Radius server providing authentication working fine.
Within the OpenVPN server configuration, there is an option to pick what to use as the user authentication. Currently I have both (local & Radius) selected.
This creates an issue as the VPN account can now login via local and Radius.
Is there option or can I force an authentication fail-over sequence so;
PFSense will only use local auth when the Radius is unavilable?
Like most network gear. If it can reach (gets a response from Radius) that is it. you cannot login via local credentials.