Site-to Site VPN FIPS 140-2

Answered Question
Sep 29th, 2010

Need advice/suggestions on being compliant with FIPS-140, I have configured IPSEC VPN tunnels between C2811 routers and passing unclassified traffic using 3DES encryption and SHA MD5 and shared password and in transport mode. Thanks for any help

I have this problem too.
0 votes
Correct Answer by Rudresh V about 6 years 3 months ago

Hi Steve,

This link would provide you with all the information regarding the FIPS complicant encryption algorithms for theIPSec  vpn tunnel:

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1038.pdf

(In the above link, refer to section 3.3, IPsec Requirements and cryptographic requirements)

Following algorithms are not FIPS compliant.

DES
MD-5 for signing
MD-5 HMAC

Let me know if this provides you with the required information.

Cheers,

Rudresh V

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
Correct Answer
Rudresh V Sun, 10/03/2010 - 06:18

Hi Steve,

This link would provide you with all the information regarding the FIPS complicant encryption algorithms for theIPSec  vpn tunnel:

http://csrc.nist.gov/groups/STM/cmvp/documents/140-1/140sp/140sp1038.pdf

(In the above link, refer to section 3.3, IPsec Requirements and cryptographic requirements)

Following algorithms are not FIPS compliant.

DES
MD-5 for signing
MD-5 HMAC

Let me know if this provides you with the required information.

Cheers,

Rudresh V

Actions

This Discussion