yes, I have done this many times with both Checkpoint and Pix firewall for Remote access VPN. I used Cisco ACS 3.2 and pix use Radius
authentication to the ACS 3.2. Then the ACS will proxy off that radius request to the RSA
SecurID server.
You need the following:
1) in the ACS Server, make sure you install
the RSA agent and configure it properly.
2) Create external users database for certain
group/users. When user is unknown, forward
it to the RSA SecurID server.
3) on the RSA SecurID, make sure you create
the ACS server as an agent. you need to create a sdconf.rec file and place it in the
ACS server.
The ACS server SecurID agent has a tool for you to verify the connectivity.
The setup is actually very simple.
David
CCIE Security