FIPS cipher mode for OCI and GCP FortiGate VMs 7.0.1
FIPS cipher mode is supported on OCI and GCP FortiGate VMs. All VPN configurations must be removed before FIPS CC mode can be enabled.
In fips-ciphers mode, only a restricted set of ciphers is allowed for features that require encryption, such as SSH, IPsec, SSL VPN, and HTTPS. Insecure protocols, such as Telnet, TFTP, and HTTP, cannot be used to access the FortiGate VM. For details, see FIPS cipher mode for AWS and Azure FortiGate VMs.
A factory reset is required to disable fips-ciphers mode.
To enable fips-ciphers mode:
config system fips-cc
    set status fips-ciphers
end
Warning: entering fips-ciphers mode. To exit this mode, factory reset is required.
Do you want to continue? (y/n) y
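
Because the VPN configuration must be removed first and leaving the mode requires a factory reset, it helps to review a configuration backup before running the command. The following pre-flight check is an added example, not Fortinet code: it assumes a plain-text FortiOS backup, treats entries under config vpn ipsec sections as the VPN configuration to remove (the page does not list the sections, and SSL VPN settings are not checked here), and flags interfaces whose allowaccess still lists http or telnet.

```python
# Constructed sample of a FortiOS configuration backup (not from a real device).
SAMPLE = """\
config system interface
    edit "port1"
        set allowaccess ping https ssh http telnet
        config ipv6
            set ip6-allowaccess ping
        end
    next
    edit "port2"
        set allowaccess ping https ssh
    next
end
config vpn ipsec phase1-interface
    edit "to-branch"
        set interface "port1"
    next
end
"""

# Assumption: of the insecure protocols the page names, http and telnet
# are the ones that appear as allowaccess values on an interface.
INSECURE_ACCESS = {"http", "telnet"}

def preflight(config_text):
    """Return (vpn_entries, insecure_interfaces) found in a config backup."""
    vpn_entries, insecure = [], []
    stack = []    # currently open "config ..." sections, outermost first
    entry = None  # name of the current top-level "edit" entry
    for raw in config_text.splitlines():
        line = raw.strip()
        if line.startswith("config "):
            stack.append(line[len("config "):])
        elif line == "end":
            if stack:
                stack.pop()
        elif line.startswith("edit ") and len(stack) == 1:
            entry = line[len("edit "):].strip('"')
            if stack[0].startswith("vpn ipsec "):
                vpn_entries.append((stack[0], entry))
        elif line == "next" and len(stack) == 1:
            entry = None
        elif line.startswith("set allowaccess ") and stack == ["system interface"] and entry:
            bad = sorted(INSECURE_ACCESS & set(line.split()[2:]))
            if bad:
                insecure.append((entry, bad))
    return vpn_entries, insecure

if __name__ == "__main__":
    print(preflight(SAMPLE))
```

Both returned lists should be empty before fips-ciphers mode is enabled.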