Buy or Renew
Buy or Renew
Cisco Virtual Engineer generative AI bot now active in Wireless Discussion Forum. Learn more.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
233
Views
0
Helpful
1
Replies

FIPS 140-2 & FlexConnect APs

flyingframes
Level 1
Level 1

‎08-09-2022 03:59 PM

Does enabling FIPS on Controller, enable it on the FlexConnect APs too?

AireOS:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/cisco_wlc_security.html

 

IOS-XE:
https://www.cisco.com/c/en/us/td/docs/wireless/controller/9800/config-guide/b_wl_16_10_cg/fips.html


Because in “local auth local switching mode”, the FlexConnect AP is responsible for client authentication, encryption cipher and switching client data packets locally. I am not sure if a FIPS knob on WLC, enable it on the AP too?

Labels:
0 Helpful
1 Reply 1

ammahend
VIP
VIP

‎08-10-2022 06:57 AM - edited ‎08-10-2022 06:59 AM

https://www.cisco.com/c/en/us/td/docs/wireless/controller/8-5/config-guide/b_cg85/flexconnect.html#flexconnect-operation-modes

there are many variations you can have in flexconnect mode, read the flexconnect authentication section here. 

FlexConnect AP is responsible for client authentication

not necessarily true, you can have flexconnect for local data switching but your authentication can still be central. 

I looked through several documents at Cisco and NIST but I did not find anything on fips in flexconnect mode. Hopefully someone else have some experience deploying it and can share. 

-hope this helps-
0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card