As part of the Edge Security Pack (ESP), the LoadMaster supports the RSA SecurID authentication scheme. This scheme authenticates the user on an RSA SecurID Server. When RSA is enabled as the authentication method, during the login process the user is prompted to enter a password that is a combination of two numbers – a Personal Identification Number (PIN) and a token code which is the number displayed on the RSA SecurID authenticator (dongle).

There are two additional challenge-response modes: next token and new PIN. These are described in the sections below.

The above diagram shows both next token and new pin modes which are only applicable under the conditions described below. This flow allows for three login attempts, after which login failure is final. The actual number of login attempts users are allowed to have is configurable.

Document Purpose

This document describes how to configure the LoadMaster to use the RSA two factor authentication method.

The RSA Security Console screenshots and steps in this document are examples. Progress Kemp will not be notified of any changes made in the RSA Security Console so please refer to the RSA documentation for the latest information, if needed.