Buy or Renew
Buy or Renew
Duo Security forums now LIVE! Get answers to all your Duo Security questions. Learn more
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results forĀ 
Search instead forĀ 
Did you mean:Ā 
cancel
Start a conversation
7615
Views
5
Helpful
3
Replies

Anyconnect & FIPS

Go to solution
jeff6strings
Level 1
Level 1

ā€Ž09-06-2013 01:29 PM - edited ā€Ž02-21-2020 07:08 PM

We are testing using Anyconnect for our VPN needs and I have a question or concern regarding FIPS. Our test ASA is a 5510 with 8.2 and we are using the Anyconnect client version 3.1 and testing on Windows 7 Pro (32 bit). The VPN works fine but we noticed when the Anyconnect client is installed FIPS is enabled in the local security policy and when manually disabled the VPN won't connect. FIPS does cause a couple local applications to not function properly so is there a way of not using FIPS with the Anyconnect client?

Thanks for any help.

Jeff

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
npokhriy
Level 1
Level 1

ā€Ž09-06-2013 04:02 PM

We can disable FIPS on client machine from following location.

On Windows 7 machine, you need to go to following location:- 

C:\ProgramData\Cisco\Cisco AnyConnect VPN Client

and open a file named "AnyConnectLocalPolicy.xml"

You need to make following change:-

<FipsMode>false>

Please let me know if it helps.

View solution in original post

3 Replies 3

Go to solution
npokhriy
Level 1
Level 1

ā€Ž09-06-2013 04:02 PM

We can disable FIPS on client machine from following location.

On Windows 7 machine, you need to go to following location:- 

C:\ProgramData\Cisco\Cisco AnyConnect VPN Client

and open a file named "AnyConnectLocalPolicy.xml"

You need to make following change:-

<FipsMode>false>

Please let me know if it helps.

Go to solution
jeff6strings
Level 1
Level 1
In response to npokhriy

ā€Ž09-07-2013 05:37 AM

Naresh,

That worked. On my computer the path is "C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client"

Thank you.

Jeff

0 Helpful

Go to solution
john.minorini1
Level 1
Level 1

ā€Ž10-16-2015 01:31 PM

I know this is an old post but this was the exact answer I needed. Setting

HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa\fipsalgorithmpolicy

to 0 would reset back to 1 after every restart. changing the fipsmode in 

C:\ProgramData\Cisco\Cisco AnyConnect Secure Mobility Client

fix the issue. thank you !

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents