000033866 - How to determine the RSA SecurID Access identity router (IDR) health status from a load balancer

Document created by RSA Customer Support Employee on Aug 25, 2016Last modified by RSA Customer Support Employee on Apr 21, 2017
Version 4Show Document
  • View in full screen mode

Article Content

Article Number000033866
Applies ToRSA Product Set:  SecurID Access
IssueIf using a cluster of Identity Routers (IDR) behind a load balancer it is important that the load balancer be aware of the health of each IDR.  This will ensure that portal traffic is routed only to fully functioning IDRs.
TasksInformation about IDR health status URLs are documented in an article on load balancer requirements.
Note that the two URL options are either http://<IDR MGMT IP>:8080/status/v2/lbstatus or https://<IDR MGMT IP>/status/v2/lbstatus.
  1. To use port 8080, each IDR must have a firewall rule added  via the Administration Console (Platform > Identity Routers > Edit > Settings).  
  2. The Connection Method value must be set to ALL to allow entering port 8080 and the Source Network value must include your load balancer, as in the example here:
User-added image


  1. When done. click Save and Next Step.
  2. Click Close.
  3. When done , click Publish to apply  the changes.
NotesUsing the https version of the URL does not require any additional firewall rules be added to the IDR settings.