SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.
New Contributor
New Contributor

Is possible to exclude Token for network source IP ?


Do you know if it's possible to exclude from RSA Token an authentication from specific network ip ?

For exemple a login exclude if it's coming from subnet.


Thank you,

3 Replies
Employee (Retired) Employee (Retired)
Employee (Retired)

Stephane Gilliers‌,


I've moved your question to the RSA SecurID Access" data-type="space space where it will be seen by the product's support engineers, other customers and partners.  Please bookmark this page and use it when you have product-specific questions.


Alternatively, from the RSA Customer Support" data-type="space page, click on Ask A Question on the blue navigation bar and choose Ask A Product Related Question.  From there, scroll to RSA SecurID Access" data-type="space and click Ask A Question.  That way your question will appear in the correct space.




Trusted Contributor Trusted Contributor
Trusted Contributor

RSA Authentication Manager has two types of agents: Restricted and Unrestricted. Restricted agents are only available to users specifically enabled on the agent. Unrestricted agents are available to any user with a token. 


There's no such limitation based on a token, only based on a user. For restricted agents, user and agents are associated with groups and their respective associations are used to determine access control. Both the user and restricted agent must both belong to a common group or nested sub-group. Internal (AM-database) or external (LDAP) group memberships can be used to limit access of specific users to specific restricted agents.

Hello Piers,

Thank you for your reply, so if I understand correctly it’s not possible ?