pjang
Staff & Editor
Article Id 426468
Description

This article describes an expected behavior regarding RADIUS-based authentication when FIPS-CC mode is enabled on a FortiGate running FortiOS v7.2 or later.

Scope

FortiGate.
Solution

When FIPS-CC mode is enabled on a FortiGate (specifically one running FIPS Certified/CVE-Patched firmware), FortiOS enforces the restrictions imposed by the FIPS 140 and Common Criteria standards.

Notably, FortiOS v7.0 was certified for FIPS 140-2, whereas v7.2 and v7.4 (at the time of this writing) are undergoing certification for the newer FIPS 140-3 standard. One of the newer restrictions in FIPS 140-3 is the removal of MD5, MD4, and DES from the set of accepted cryptographic algorithms, and there are additional restrictions that prevent unprotected plaintext authentication.

This has a significant impact on RADIUS authentication: in FIPS-CC mode, CHAP, MSCHAP, and MSCHAPv2 are unavailable (these schemes rely on the weak algorithms above), and so is PAP when carried over unprotected standard RADIUS. As such, standard unprotected RADIUS authentication can no longer be configured when FIPS mode is enabled on FortiOS v7.2 and later.
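To make the dependency concrete, the following added example (not from this article or from Fortinet) implements the User-Password hiding that standard RADIUS applies to a PAP password, as specified in RFC 2865 section 5.2: the password is padded to 16-byte blocks and each block is XORed with MD5(shared secret + previous block), seeded with the 16-byte Request Authenticator. The shared secret and Request Authenticator in the code are constructed sample values. It shows that even the "plaintext" PAP exchange on standard RADIUS protects the password with nothing but MD5 and the shared secret, which is why PAP is only acceptable once the whole exchange is inside a TLS tunnel (RADSEC).

```python
"""Added example, not from the Fortinet article: the User-Password hiding that
standard (unprotected) RADIUS applies to a PAP password, per RFC 2865 s5.2.
Secret and Request Authenticator below are constructed sample values."""
import hashlib

SAMPLE_SECRET = b"constructed-shared-secret"   # stands in for the NAS/server shared secret
SAMPLE_AUTHENTICATOR = bytes(range(16))          # 16-byte Request Authenticator, normally random


def _keystream_block(secret: bytes, prev: bytes) -> bytes:
    # The only primitive in the scheme: b_i = MD5(S + c_{i-1}), with c_0 = Request Authenticator.
    return hashlib.md5(secret + prev).digest()


def hide_user_password(password: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Client (NAS) side: pad to 16-byte blocks and XOR each with the MD5 keystream."""
    if len(authenticator) != 16:
        raise ValueError("Request Authenticator must be exactly 16 octets")
    if not 1 <= len(password) <= 128:
        raise ValueError("RFC 2865 limits User-Password to 1..128 octets")
    padded = password + b"\x00" * (-len(password) % 16)
    hidden = bytearray()
    prev = authenticator
    for i in range(0, len(padded), 16):
        block = bytes(a ^ b for a, b in zip(padded[i:i + 16], _keystream_block(secret, prev)))
        hidden += block
        prev = block  # chaining: the next keystream block depends on this hidden block
    return bytes(hidden)


def reveal_user_password(hidden: bytes, secret: bytes, authenticator: bytes) -> bytes:
    """Server side: regenerate the same keystream, XOR again, strip the NUL padding."""
    if not hidden or len(hidden) % 16:
        raise ValueError("hidden User-Password must be a non-empty multiple of 16 octets")
    clear = bytearray()
    prev = authenticator
    for i in range(0, len(hidden), 16):
        block = hidden[i:i + 16]
        clear += bytes(a ^ b for a, b in zip(block, _keystream_block(secret, prev)))
        prev = block
    # Trailing NULs are padding, so this scheme cannot carry a password that ends in NUL.
    return bytes(clear).rstrip(b"\x00")


if __name__ == "__main__":
    hidden = hide_user_password(b"correct horse battery staple", SAMPLE_SECRET, SAMPLE_AUTHENTICATOR)
    print(len(hidden), hidden.hex())
    print(reveal_user_password(hidden, SAMPLE_SECRET, SAMPLE_AUTHENTICATOR))
```

Note that the output length is always a multiple of 16 and that both directions run the same MD5 keystream; there is no FIPS-approved algorithm anywhere in the path, so removing MD5 from the approved set removes the only protection standard RADIUS gives a PAP password.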

However, the FIPS standards do allow encrypted RADIUS authentication, so the FIPS Certified/CVE-Patched branches of FortiOS v7.2 and v7.4 support RADSEC (RADIUS over TLS) with PAP as the inner authentication protocol (PAP is acceptable here because the TLS tunnel protects it; CHAP/MSCHAP/MSCHAPv2 remain disallowed). In fact, when RADIUS is configured on a FIPS-enabled FortiGate, it defaults to RADSEC/RADIUS-over-TLS (which communicates over TCP/2083 rather than UDP/1812), with no option to revert to standard RADIUS.

Important: The General Availability (GA) version of FortiOS v7.4 also implements support for RADSEC (see: Add RADSEC client support), but FortiOS v7.2 GA does not support RADSEC. This means that, for FortiOS v7.2, only the FIPS Certified/CVE-Patched builds support RADIUS authentication when FIPS mode is enabled.

Recommendations for users upgrading from earlier FIPS Certified/CVE-Patched FortiOS versions:

In general, consider first setting up a lab environment with the same FortiGate model and FIPS FortiOS configuration as found in production, where possible, then upgrade the firmware to check for potential incompatibilities. Configurations that were acceptable with FIPS 140-2 and FortiOS v7.0 may become non-compliant after upgrading to FortiOS v7.2 and FIPS 140-3.

In this particular case, check whether the production FortiGates are configured for RADIUS-based authentication, and whether that authentication is still required (as opposed to being replaced by another method such as LDAPS or SAML). If RADIUS authentication is mandatory, the next step is to enable RADSEC support on the associated RADIUS server and allow PAP as the inner authentication method, or to add a RADSEC proxy that bridges the FortiGate to the existing RADIUS server.

Finally, validate that the FortiGate can reach the RADSEC server over the network (e.g., with telnet to TCP/2083), then upgrade the FortiGate when ready.
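As an added example (not part of the article), the following Python check goes one step beyond the telnet test: after the TCP connection to the RADSEC port it attempts a TLS 1.2+ handshake and records the SHA-256 fingerprint of the certificate the server presents, so a port that is open but not speaking TLS (for instance a listener that still expects plain RADIUS over TCP) is distinguished from a working RADSEC endpoint. The host name is a placeholder supplied by the caller; the two helpers at the bottom are constructed stand-ins for exercising the checker offline and are not RADSEC servers. Run it from a host on the same network path as the FortiGate, and pass the CA file the FortiGate will trust if the certificate chain should be validated too.

```python
"""Added example, not from the Fortinet article: pre-upgrade reachability and
TLS check for a RADSEC (RADIUS over TLS, TCP/2083) server.

The host name is whatever the caller supplies; start_stub_listener() and
free_port() are constructed test aids used only to exercise the checker offline."""
import hashlib
import socket
import ssl
import threading
from typing import Optional

RADSEC_PORT = 2083  # RADIUS/TLS (RFC 6614); standard RADIUS uses UDP/1812


def check_radsec(host: str, port: int = RADSEC_PORT, timeout: float = 3.0,
                 cafile: Optional[str] = None) -> dict:
    """Report whether TCP connected, whether a TLS handshake completed, and which cert was seen.

    With cafile=None the chain is NOT validated (we only want to see the handshake
    and the fingerprint); pass the CA the FortiGate will trust to also verify the
    server certificate and host name.
    """
    report = {"host": host, "port": port, "tcp_ok": False, "tls_ok": False,
              "tls_version": None, "peer_cert_sha256": None, "error": None}
    try:
        sock = socket.create_connection((host, port), timeout=timeout)
    except OSError as exc:
        report["error"] = f"tcp: {exc}"
        return report
    report["tcp_ok"] = True

    ctx = ssl.create_default_context(cafile=cafile)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2  # TLS 1.2 or later, per NIST SP 800-52r2
    if cafile is None:
        ctx.check_hostname = False
        ctx.verify_mode = ssl.CERT_NONE
    try:
        with ctx.wrap_socket(sock, server_hostname=host) as tls:
            report["tls_ok"] = True
            report["tls_version"] = tls.version()
            der = tls.getpeercert(binary_form=True)
            if der:
                report["peer_cert_sha256"] = hashlib.sha256(der).hexdigest()
    except OSError as exc:  # ssl.SSLError is an OSError subclass
        report["error"] = f"tls: {exc}"
        sock.close()
    return report


def start_stub_listener(host: str = "127.0.0.1") -> int:
    """Constructed test aid: accepts one TCP connection and closes it without speaking TLS."""
    srv = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    srv.bind((host, 0))
    srv.listen(1)
    port = srv.getsockname()[1]

    def serve_once():
        conn, _ = srv.accept()
        conn.close()
        srv.close()

    threading.Thread(target=serve_once, daemon=True).start()
    return port


def free_port(host: str = "127.0.0.1") -> int:
    """Constructed test aid: a port that was just released, so nothing listens on it."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    s.bind((host, 0))
    port = s.getsockname()[1]
    s.close()
    return port


if __name__ == "__main__":
    # Placeholder host name; replace with the real RADSEC server before use.
    print(check_radsec("radsec-server.example.invalid"))
```

Read the report as three outcomes: tcp_ok False means a routing or firewall problem on the path to TCP/2083; tcp_ok True with tls_ok False means the port answers but the listener is not a TLS endpoint; tcp_ok and tls_ok both True with a fingerprint means the server is ready for the FortiGate to be pointed at it.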

Additional notes regarding IPsec/IKEv2 and User Authentication:

  • As a reminder, IKEv2 requires the usage of EAP to handle authentication (as opposed to XAUTH with IKEv1).
  • When FortiClient authenticates directly against the FortiGate (i.e., with any non-RADIUS, non-SAML method such as LDAP or Local Users), FortiClient supports either EAP-MSCHAPv2 or, more recently, EAP-TTLS/PAP toward the FortiGate (which acts as the EAP authenticator/terminator). Since MSCHAPv2 is disallowed when the FortiGate is running in FIPS mode, EAP-TTLS/PAP must be used on FortiClient instead.
  • RADIUS-based authentication for IKEv2 users on FIPS-enabled FortiGates is still allowed, provided that it is done with RADSEC/RADIUS-over-TLS (EAP communication passes through the FortiGate and is negotiated between the client and RADIUS server directly).
  • For more info on this subject, refer to the following article: Technical Tip: FortiOS IKEv2 EAP user authentication operation.

Related articles:

Technical Tip: FortiOS FIPS Resource List

Technical Tip: Upgrading FortiOS Firmware when FIPS-CC is enabled