Fault fltAaaFipsStateSwitch_fips_mode_changed
                

Rule ID:2709


Explanation:
This fault occurs when FIPS 140-2 is enabled or disabled on the node

Recommended Action:
If you see this fault, a node reboot is required


  1. Check if a similar fault is generated on other nodes on fabric
  2. Reboot all such nodes where this fault is seen


Raised on MO: aaa:FipsState

Fault Name: fltAaaFipsStateSwitch_fips_mode_changed

Unqualified API Name: switch_fips_mode_changed
Code: F2709
Applied Mo DN Format:
     topology/pod-[id]/node-[id]/sys/fipsstate
     sys/fipsstate

Type: operational
Cause: change-in-fips-state
Severity: minor
Weight: 100
Tags:
Message: Fips mode changed. Reboot needed. Follow these guidelines before rebooting the system: 1. Disable Telnet. Users should login using SSH only 2. Disable remote authentication through Radius/Tacacs+ 3. Disable SNMP v1 and v2. Snmp v3 should be configured only with SHA for authentication and AES for privacy 4. Delete all policies that have MD5 for authentication or DES for encryption 5. Do not use RSA1 Keypairs for SSH.

Help:

Triggered By:
        reboot equals yes