
2504 WLC FIPS compliance

newbieftd
Level 1

How can I easily check/verify FIPS-2 compliance of each SSID on my WLC?

Model: 2504

VER: 8.5.151.0

 

Thanks-

5 Replies

balaji.bandi
Hall of Fame

Try the command below:

 

show switchconfig

 

BB

***** Rate All Helpful Responses *****

How to Ask The Cisco Community for Help

(Cisco Controller) >show switchconfig

802.3x Flow Control Mode......................... Disable
FIPS prerequisite features....................... Disabled
WLANCC prerequisite features..................... Disabled
UCAPL prerequisite features...................... Disabled
Last login information display................... Disabled
DTLS WLC MIC .................................... SHA2
secret obfuscation............................... Enabled
Strong Password Check Features
case-check.................................... Enabled
consecutive-check............................. Enabled
default-check................................. Enabled
username-check................................ Enabled
position-check................................ Disabled
case-digit-check.............................. Disabled
Min. Password length.......................... 3
Min. Upper case chars......................... 0
Min. Lower case chars......................... 0
Min. Digits chars............................. 0
Min. Special chars............................ 0
Mgmt User
Password Lifetime [days]...................... 0

--More-- or (q)uit
Password Lockout.............................. Disabled
Lockout Attempts.............................. 3
Lockout Timeout [mins]........................ 5
SNMPv3 User
Password Lifetime [days]...................... 0
Password Lockout.............................. Disabled
Lockout Attempts.............................. 3
Lockout Timeout [mins]........................ 5

(Cisco Controller) >

This line means it's disabled: 

FIPS prerequisite features....................... Disabled

If you would like to enable it, here is the procedure:

 

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/cisco_wlc_security.html

BB
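An added example, not part of the original replies and not Cisco tooling: a small Python parser for saved `show switchconfig` output in the format pasted above, reporting the controller-wide FIPS, WLANCC and UCAPL prerequisite modes. The sample text is constructed from lines in this thread; the function names and the assumption that an active mode is reported as "Enabled" are mine.

```python
import re

# Constructed sample: an excerpt in the format of the output pasted in this thread.
SAMPLE = """\
(Cisco Controller) >show switchconfig
FIPS prerequisite features....................... Disabled
WLANCC prerequisite features..................... Disabled
UCAPL prerequisite features...................... Disabled
DTLS WLC MIC .................................... SHA2
Strong Password Check Features
Min. Password length.......................... 3
Mgmt User
Password Lockout.............................. Disabled
--More-- or (q)uit
Lockout Attempts.............................. 3
SNMPv3 User
Password Lockout.............................. Disabled
(Cisco Controller) >
"""

# "key", a dotted leader of two or more dots, then "value".
LINE = re.compile(r"^(?P<key>.+?)\s*\.{2,}\s*(?P<val>\S.*?)\s*$")
PROMPT = re.compile(r"^\(.+\)\s*>")  # CLI prompt, with or without an echoed command

def parse_switchconfig(text):
    """Return {(section, key): value}; section is "" for top-level settings."""
    settings, section = {}, ""
    for raw in text.splitlines():
        line = raw.strip()
        # Skip blank lines, prompt lines and the pager line left in the capture.
        if not line or PROMPT.match(line) or line.startswith("--More--"):
            continue
        m = LINE.match(line)
        if m:
            settings[(section, m["key"])] = m["val"]
        else:
            section = line  # no dotted leader: start of a sub-section (e.g. "Mgmt User")
    return settings

def compliance_modes(settings):
    """Map each top-level '<MODE> prerequisite features' line to True/False."""
    # Assumption: an active mode is shown as "Enabled", like other settings in this output.
    suffix = " prerequisite features"
    return {key[:-len(suffix)]: val.lower() == "enabled"
            for (sec, key), val in settings.items()
            if sec == "" and key.endswith(suffix)}

if __name__ == "__main__":
    for mode, on in compliance_modes(parse_switchconfig(SAMPLE)).items():
        print(f"{mode}: {'enabled' if on else 'disabled'}")
```

This reports the controller-wide setting only; the output shown above carries no per-SSID field.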


patoberli
VIP Alumni

Never used FIPS, but here is the (very short) manual for it: https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/cisco_wlc_security.html

It doesn't mention anything about SSID configuration though. 

 

Another manual (although for the successor platforms): https://csrc.nist.gov/csrc/media/projects/cryptographic-module-validation-program/documents/security-policies/140sp2065.pdf

This one should still be valid for your platform though, the commands should not have changed.

 

I don't think there is a command to quickly check the SSIDs though. 
