Authentication with RSA SecurID Token & LDAP password

Hi,

I am are currently evaluating the authentication of mobile VPN users
(using StoneGate Firewall) using SecurID Tokens. I successfully got
this working using passcode (i.e. PIN & SecurID Token). Now I am
thinking about doing authentication with SecurID Token and an LDAP
password (2 factor authentication). As the mobile VPN client supports
only one password field I would need to pass the information (Token &
password) onto a RADIUS server (preferably FreeRADIUS). The RADIUS
server then would need to split the information into its parts (e.g.
first part LDAP password with variable length and second part 6 digit
token) and authenticate both parts (I was thinking about using the
FreeRADIUS proxy mechanism) separately against the RSA Authentication
Manager (using RADIUS) and an LDAP directory. If both authentication
requests are successful then the user should get access.

Is such an scenario possible with FreeRADIUS and how could that be
implemented?

Thomas