Cisco 2811 Series Operations - Page 18

Browse online or download pdf Operations for Network Router Cisco 2811 Series. Cisco 2811 Series 31 pages. 2800 series integrated services routers
Also for Cisco 2811 Series: Datasheet (20 pages), Installing And Upgrading (14 pages), Operations (31 pages), Quick Start Manual (47 pages)

Print Page

1. Initial Setup

Cisco 2811 and Cisco 2821 Routers

Table 9

Cryptographic Keys and CSPs (Continued)

Enable secret

Shared

Secret

RADIUS secret Shared

Secret

TACACS+

Shared

secret

Secret

All RSA operations are prohibited by policy, and commands that can be executed by Officer are shown

Note

"# command".

Table 10

Note: An empty entry indicates that a particular SRDI is not accessible by the corresponding service

SRDI/Role/Service Access Policy

Security Relevant Data Item

PRNG Seed

DH private exponent

DH public key

Cisco 2811 and Cisco 2821 Integrated Services Router FIPS 140-2 Non Proprietary Security Policy

The ciphertext password of the CO role. However,

the algorithm used to encrypt this password is not

FIPS approved. Therefore, this password is

considered plaintext for FIPS purposes. This

password is zeroized by overwriting it with a new

password.

The RADIUS shared secret. This shared secret is

zeroized by executing the "no radius-server key"

command.

The TACACS+ shared secret. This shared secret is

zeroized by executing the "no tacacs-server key"

command.

Role and Service Access to CSP

NVRAM

Overwrite with new

(plaintext)

password

NVRAM

"# no radius-server key"

(plaintext),

DRAM

(plaintext)

NVRAM

"# no tacacs-server key"

(plaintext),

DRAM

(plaintext)

OL-8663-01