You can easily configure IPsec to comply with FIPS 140 requirements on a FIPS 140-enabled system. You are responsible for choosing only FIPS 140-validated algorithms to create keys and certificates. The procedures and examples in this guide use FIPS 140-approved algorithms except when the algorithm any is specified.
The following mechanisms are available to IPsec and approved for use in Oracle Solaris in FIPS 140 mode:
AES in CBC, CCM, GCM, and GMAC modes in 128-bit to 256-bit key lengths
3DES
SHA1
SHA2 in 256-bit and 512-bit key lengths
For the definitive list of FIPS 140-validated algorithms for Oracle Solaris, see http://www.oracle.com/technetwork/topics/security/140sp2061-2082028.pdf. For a fuller discussion, see Using a FIPS 140 Enabled System in Oracle Solaris 11.2 .