We have recently purchased some firewalls for a new environment that we configured to use in FIPS mode. Because the firewalls are in FIPS mode, the only RADIUS authentication protocol they can use is CHAP/SHA-1. We originally were having issues authenticating internal users in ACS v5.4 because (based off the Authentication_Trend logs), it looks like the ACS was looking for CHAP/MD5. We upgraded to v5.5 because we saw there was the ability to put the ACS into FIPS mode, however, it looks like CHAP has to be disabled as a RADIUS authentication protocol due to MD5 not being FIPS compliant. Just curious if there was anyway to have the ACS look for CHAP that uses a different hashing algorithm (like a SHA-*). If not, this would be a useful enhancement for the future.