You would have to have the authentication code chunk repeated since you can't do an "OR" in a filter in authentication. Just leave the failed redirect blank in the first validation and then it would run the second set of code if the first failed.
Another option is to not add the status to the filter and instead add it to the list of saved session variables. Then update your access rule to check for the Status value of 1 or 4.