I believe the RSA part is done by the connection server not the security server. If I turn on RSA on the connection server it will be RSA internal and external. I just heard back from VMWare tech support. They said it can be done I need to create a "replica" connection server and enable RSA on it the other connection server would not have RSA. I will try what they suggest and let you know how it comes out. Thanks for the suggestion.
How is it going with the RSA security?
I also want to use RSA, just for security server login. How did you did it?
Now we have an connection server with 3 different pools, but only 1 pool is for external and internal use. So internal we do not want use RSA.
So should we make an replica server and configure this one for RSA and connect this replica to the security server? and internal vmware clients connectin to the normal connection server?
Yes, you will need a separate connection server with RSA authentication turned on. Also making sure that it uses a different external URL than your connection server without RSA. Afterwards your security server should then be configured for the external url of the RSA enabled connection server.
In the end internal users will access one server address and external users accessing the new/different address.