SecurID® Discussions

Browse the SecurID discussion board to get product help and collaborate with other SecurID users.

RSA Authentication Manager Self Service Console exposing to internet

Our RSA AM servers are on our internal network, but we have 2 webtiers in the DMZ, want to know if there is any way to expose the SSC portal externally mainly to activate RSA tokens with QR Code

3 Replies
Valued Contributor Valued Contributor
Valued Contributor

https://<virtual-host-name>/ssc will get you to the self service console running on the webtiers.  Features will be the same as if you hit the SSC directly on the primary. You may need to modify the settings for the webtier in the operations console. If you want a  completely different internet-facing SSC you should look into the Primekit add-on.


Hi Steven,
Thanks, we do have the PRIME SSP portal on the web tiers and can access the SSP page from external network. But I am looking at the token activation through QR code from the AM SSC portal.


Why not just use the SSP to get the token? The external SSP should let you use the QR code to get a token. Many customers who use an externally-visible SSP configure the webtier (or firewall) to rewrite requests to the webtier SSC to use SSP. Does your system do that? If so, you probably won't be able to access the webtier SSC without jumping through extra hoops.  The webtier SSC might also be disabled in the Operations Console.