Fault fltAaaCtrlrFipsStateCtrlr_fips_mode_changed
                

Rule ID:2560


Explanation:
This fault occurs when FIPS 140-2 is enabled or disabled on the node

Recommended Action:
If you see this fault, a node reboot is required


  1. Check if a similar fault is generated on other nodes on fabric
  2. Reboot all such nodes where this fault is seen


Raised on MO: aaa:CtrlrFipsState

Fault Name: fltAaaCtrlrFipsStateCtrlr_fips_mode_changed

Unqualified API Name: ctrlr_fips_mode_changed
Code: F2560
Applied Mo DN Format:
     topology/pod-[id]/node-[id]/sys/ctrlrfipsstate
     sys/ctrlrfipsstate

Type: operational
Cause: change-in-fips-state
Severity: minor
Weight: 100
Tags:
Message: Fips mode changed. Reboot needed. Follow these guidelines before rebooting the system: 1. Disable Telnet. Users should login using SSH only 2. Disable remote authentication through Radius/Tacacs+ 3. Disable SNMP v1 and v2. Snmp v3 should be configured only with SHA for authentication and AES for privacy 4. Delete all policies that have MD5 for authentication or DES for encryption 5. Do not use RSA1 Keypairs for SSH.

Help:

Triggered By:
        ctrlrReboot equals yes