Lantronix SLC 8000 Advanced Console Manager User Guide - Page 117
VPN Commands, Security, Network -> Security, FIPS Mode
View all Lantronix SLC 8000 Advanced Console Manager manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 117 highlights
6: Basic Parameters crypto isakmp policy 5 encr 3des authentication pre-share group 5 crypto isakmp policy 10 lifetime 120 crypto isakmp key cisco123 address 192.168.1.100 crypto ipsec transform-set ISR esp-3des esp-sha384-hmac mode tunnel crypto map CM 10 ipsec-isakmp set peer 192.168.1.100 set transform-set ISR set ikev2-profile IKEv2_Profile match address VPN-TRAFFIC crypto map IPSEC-SITE-TO-SITE 10 ipsec-isakmp set peer 192.168.1.100 set transform-set ISR set pfs group2 match address VPN-TRAFFIC VPN Commands Go to VPN Commands to view CLI commands which correspond to the web page entries described above. Security The SLC 8000 advanced console manager supports a security mode that complies with the FIPS 140-2 standard. FIPS (Federal Information Processing Standard) 140-2 is a security standard developed by the United States federal government that defines rules, regulations and standards for the use of encryption and cryptographic services. The National Institute of Standards and Technology (NIST) maintains the documents related to FIPS at: http://csrc.nist.gov/publications/PubsFIPS.html FIPS 140-2 defines four security levels, Level 1 through Level 4. The SLC unit uses a FIPS module certified at Level 1. FIPS 140-2 compliance requires a defined cryptographic boundary around the cryptographic module on a device. In FIPS mode, the console manager allows only FIPS-approved cryptographic algorithms, and algorithms, such as MD5 and DES are disabled.The SSH client keyboard-interactive authentication type is not supported while the SLC unit is in FIPS mode. To enable FIPS mode, the Network -> Security, enable the FIPS Mode flag and reboot the console manager. Each time the SLC unit is booted in FIPS mode, it performs a power up self test to verify the integrity of the SLC unit's cryptographic module. If there are any issues with the integrity of the cryptographic module, the application will terminate, and an error will be logged in the system log. SLC™ 8000 Advanced Console Manager User Guide 117