LoadMaster Functionality/Configuration that is not Supported in FIPS
- Last Updated: October 15, 2025
- 1 minute read
- LoadMaster
- LoadMaster GA
- Documentation
There is some LoadMaster functionality that is not supported in FIPS:
- Remote Access Dial In User Service (RADIUS) authentication
- Single-arm network topology configurations
- Software Defined Networking (SDN) adaptive load balancing
Some functionality is not available in FIPS, for example:
- TLS1.3 Cipher Selection - In FIPS mode, TLS 1.3 ciphers are presented in the cipher sets (unlike in the base non-FIPS system). There are only two FIPS-approved TLS 1.3 ciphers. They can be removed by creating and using a custom cipher set, if desired.
- Supported TLS Protocols - In FIPS mode, the only supported protocols are TLS 1.2 and TLS 1.3. Support for those can be configured by adding and removing ciphers from the predefined cipher sets.
- OpenSSL version - In FIPS mode, you cannot change the version of OpenSSL used.
- Update Verification File - In non-FIPS LoadMasters you can optionally upload a Verification File when updating the LoadMaster software. In FIPS, it is mandatory to upload a Verification File.
- Enable SSL Renegotiation - In FIPS mode, this setting has no effect, because SSL renegotiation is not supported under FIPS compliance.