Remote Access; Obtaining Documentation; World Wide Web - Cisco 2621 User Manual

Non-FIPS Approved Algorithms
The following algorithms are not FIPS approved and should be disabled:
•
•
•
•
•
Protocols
The following network services affect the security data items and must not be configured: NTP,
TACACS+, RADIUS, Kerberos.
SNMP v3 over a secure IPSec tunnel may be employed for authenticated, secure SNMP gets and sets.
Since SNMP v2C uses community strings for authentication, only gets are allowed under SNMP v2C.

Remote Access

Auxiliary terminal services must be disabled, except for the console. The following configuration
disables login services on the auxiliary console line.
line aux 0
no exec
Telnet access to the module is only allowed via a secure IPSec tunnel between the remote system and
the module. The Crypto officer must configure the module so that any remote connections via telnet are
secured through IPSec.

Obtaining Documentation

The following sections provide sources for obtaining documentation from Cisco Systems.

World Wide Web

You can access the most current Cisco documentation on the World Wide Web at the following sites:
•
•
•
78-13824-01
RSA for encryption
MD-4 and MD-5 for signing
ah-sha-hmac
esp-sha-hmac
HMAC SHA-1
http://www.cisco.com
http://www-china.cisco.com
http://www-europe.cisco.com
Cisco 2621 Modular Access Router Security Policy
Obtaining Documentation
11