Unsupported Junos-FIPS Configuration Statements
The following configuration statements are not supported on Junos-FIPS:
Statement |
Description |
---|---|
|
Junos-FIPS does not allow an unencrypted or weakly encrypted or a connection that relies on a vulnerable key establishment protocol. |
|
Junos-FIPS allows the SSHv2 setting only. |
|
You must encrypt administrator passwords using strong algorithms, such as Secure Hash Algorithm (sha-256 and sha-512). |
|
Junos-FIPS does not support preconfigured proposal sets. You must configure an IKE proposal explicitly. |
|
Junos-FIPS does not support Message Digest 5 (MD5). However it does support (sha-256 and sha-384). |
|
Junos-FIPS does not support Data Encryption Standard (DES). However it does support Advanced Encryption Standard (AES). |
|
Authentication Header (AH) protocol provides authentication but not encryption. Enhanced Security Protocol (ESP) is required. |
|
Junos-FIPS does not support Diffie-Hellman (DH) groups 1 and 2. However, DH-groups 14, 19 and 20 are supported on Junos-FIPS. |