FIPS 140-2 compliance and Ubiquiti VPN
-
I'm working on a project that requires FIPS 140-2 security. I'm trying to figure out if a IPsec tunnel is compliant. I'm using an Edge Router X. From what I can find, it looks like triple-DES is compliant, but DES is not compliant. Is there any option for a compliant VPN tunnel with a Ubiquiti ER X or other Ubiquiti router?
-
OpenVPN is FIPS compliant.
-
It looks like Ubiquiti writes it as 3des instead of triple-DES. That's why my searches weren't turning anything up. Now trying to figure out how to make sure it's using 3des instead of des.
-
@mike-davis said in FIPS 140-2 compliance and Ubiquiti VPN:
It looks like Ubiquiti writes it as 3des instead of triple-DES. That's why my searches weren't turning anything up. Now trying to figure out how to make sure it's using 3des instead of des.
3DES is the traditional way to write it
Triple DES is how you normally pronounce 3DES so that humans can hear what you are saying because saying THREE-D-E-S is hard to hear. -
@mike-davis said in FIPS 140-2 compliance and Ubiquiti VPN:
It looks like Ubiquiti writes it as 3des instead of triple-DES. That's why my searches weren't turning anything up. Now trying to figure out how to make sure it's using 3des instead of des.
Ubiquiti does not even have the ability to select DES.
-
Also, I just had a thread on this.
https://mangolassi.it/topic/14955/old-ass-ipsec -
@scottalanmiller said in FIPS 140-2 compliance and Ubiquiti VPN:
OpenVPN is FIPS compliant.
It's a cryptographic module that can be inside solutions so the term would be "FIPS 140-2 Inside" technically (As the implementation hasn't been validated).
