SecureID Replica as an Authenticator in different net
is it possible to authenticate with a SecureID Replica instead of the primary? Well, the situation is, I got 2 separated VLANs. I want to set a replica in the LAN B and sure connect it to the primary(firewall). Users will use the Replica to authenticate the logging into Service of the LAN B. But is there anyway to make the replica active on a separate lan although it is connected to the primary.
And I do not want to add a new Primary to the LAN B cuz the users need same logging date for other service in the main LAN.
Replicas actively authenticate users similar to the Primary. You just cannot fully manage users with Replicas. You will still manage the tokens from the Primary. A Replica is a kind of read-only, active system. You can place the Replica in a separate VLAN and use your network appliance's access control list and/or routing to allow the communication between the Primary and Replica and still limit what you want the user's access to be between the VLANs. And, if the users' systems are connected to more than one network at the same time, you can configure their RSA client agents to always use a specific interface on them for authenticating with an RSA appliance.