Multiple Authentication Servers for ikev2 MUVPN failing
I'm attempting to migrate users for ikev2 muvpn from firebox-db users to RADIUS / AD Authentication. I have confirmed my RADIUS setup is working.
I will be moving these users in batches as I coordinate with them but for now would like to keep some authenticating against firebox-db and others against the RADIUS server (Windows 2019 with NPS) as I move them over.
The issue I'm having is a RADIUS/AD user cannot authenticate if the default Authentication Server is set to Firebox-DB (in the muvpn ikev2 settings in WSM) even though I have the RADIUS server also ticked off as an authentication server. Checking the logs, it appears this user is trying to authenticate as a Firebox-db user (user@firebox-db) instead of the RADIUS/AD user (user@radiusdomain).
If I change the default authentication server to the RADIUS/AD server, these AD users can authenticate, but none of the firebox-db users can. Logs here show all users attempting to authenticate as RADIUS domain (user@radiusdomain vs user@firebox-db) instead of the firebox-db user they currently belong to. Any help resolving this is appreciated.