Forum Discussion

Altocumulus

Jun 18, 2016

RSA SecurID Multiple domain partitions

hello, I have 2 partition domains sharing the same RSA securid aaa. As the 2 partitions are using the same self-ip, the RSA server does not accept the connection from 2 apm instances at the same time, so the authentication is rejected.

did you guys experiment such a scenario ? any idea how to get over this issue ?

thank you.

aaa

application delivery

BIG-IP Access Policy Manager (APM)

securid

1 Reply

Lucas_Thompson_
Historic F5 Account
Jun 18, 2016
RSA can handle this OK, it's a configuration item called "Secondary node address". It's meant to be used in the situation that the authentication clients are behind a source-NAT or other similar situation.

The root of the problem is that there is only one copy of the linux RSA authentication daemon in BIG-IP at a time that runs in user space.

DevCentral Quicklinks

* Getting Started on DevCentral
* Community Guidelines
* Community Terms of Use / EULA
* Community Ranking Explained
* Community Resources
* Contact the DevCentral Team
* Update MFA on account.f5.com

Discover DevCentral Connects

* Podcasts
* Social Channels
* Video Streaming

GitHub Awesome-F5

Forum Discussion

RSA SecurID Multiple domain partitions

1 Reply

F5 Academy at AppWorld 2026

Aswin MK - November 2025 Featured Member

Introducing the F5 AI Assistant for BIG-IP

Recent Discussions

AST Configuration Assistance

F5 HA deployment in Azure using Azure Load Balancer

WAF Block Request

Protocol Profiles in LTM Chains

Illegal Request in Learning Suggestion for 200 OK response

Related Content

Using n8n To Orchestrate Multiple Agents

User roles per partition: are multiple possible?

Remove iRule From Multiple Virtual Servers (Fork /w multiple partition support)

Double Trouble: Multiple Controllers Handling the Same Kubernetes LoadBalancer Service

BigIP VE - Multiple VLANs on single partition with single interface

ABOUT DEVCENTRAL

RESOURCES

SUPPORT

PARTNERS