Create a Post
cancel
Showing results for 
Search instead for 
Did you mean: 
Patrick_Lajda
Explorer

local authentication only if RADIUS is not reachable

Jump to solution

Hi,

is there any way to enable local authenticaion (i.e. admin user) only if the RADIUS servers is not reachable? That way only RADIUS users can authenticate on the firewall. If a network outage occurs (and RADIUS servers aren't reachable) the admin user could be used as fallback.

BR,
Patrick

1 Solution

Accepted Solutions
PhoneBoy
Admin
Admin
3 Replies
PhoneBoy
Admin
Admin
MR_K
Participant

Hi,

That is exactly what I was looking for, thanks!

Just one thing:

The file states at the beginning:

#%PAM-1.0
# This file is auto-generated.
# User changes will be destroyed the next time authconfig is run.

And timestamps of the file shows that it was modified around the last power-up.

Is there a way to persist the setting?

BR Marcus

0 Kudos
PhoneBoy
Admin
Admin

You'd have to set the immutable flag on the file (using chmod +i).

This will cause the file to not be overwritten.

To modify the file further, you will have to unset the immutable flag. 

0 Kudos