Using an Encryption Method That Complies with FIPS 140-2

If you select 'On' for this mode, you can make the encryption method for the following settings comply with the United States government-approved FIPS 140-2:
[IPSec Settings] for [Preferences] (Settings/Registration). (See "IPSec Settings.")
If you set [Format Encryption Method to FIPS 140-2] to 'On', policies using AES-GCM for the authentication/encryption algorithm of IPSec communication are disabled. At the same time, the authentication algorithm for these policies is automatically changed to SHA1 and the encryption algorithm for these policies is automatically changed to 3DES-CBC. Policies with a certificate using the RSA-MD5 or RSA-MD2 signature algorithm are also disabled.
NOTE
For instructions on confirming the signature algorithm for the certificate you are using, see "Editing Key Pairs and Server Certificates."

1.
Press (Settings/Registration).
2.
Press [Management Settings] → [Device Management] → [Format Encryption Method to FIPS 140-2].
3.
Press [On] → [OK].
Select [Off] if you do not want to use an encryption method that complies with FIPS 140-2.
0CYR-210