one of our clients has an ssl vpn setup of firewall -- ACS -- Domain database.
There is a requirement that we have a fallback for authentication to vpn in case domain database is unavailable/fails.
i.e. if this happens, ACS checks the domain & if it is not available, goes in for local database authentication.
But in no way they want the local usernames on the firewall. the acs has to do the job.
Is this possible.Please advise.