Cisco System Model: Fault fltAaaFipsStateSwitch_fips_mode_changed Cisco System Model: Class ifc:policyelem:fltAaaFipsStateSwitch_fips_mode

Fault fltAaaFipsStateSwitch_fips_mode_changed

Rule ID:2709

Explanation:
This fault occurs when FIPS 140-2 is enabled or disabled on the node

Recommended Action:
If you see this fault, a node reboot is required

Check if a similar fault is generated on other nodes on fabric
Reboot all such nodes where this fault is seen

Raised on MO: aaa:FipsState

Fault Name: fltAaaFipsStateSwitch_fips_mode_changed

Unqualified API Name: switch_fips_mode_changed
Code: F2709
Applied Mo DN Format:
topology/pod-[id]/node-[id]/sys/fipsstate
sys/fipsstate

Type: operational
Cause: change-in-fips-state
Severity: minor
Weight: 100
Tags:
Message: Fips mode changed. Reboot needed. Follow these guidelines before rebooting the system: 1. Disable Telnet. Users should login using SSH only 2. Disable remote authentication through Radius/Tacacs+ 3. Disable SNMP v1 and v2. Snmp v3 should be configured only with SHA for authentication and AES for privacy 4. Delete all policies that have MD5 for authentication or DES for encryption 5. Do not use RSA1 Keypairs for SSH.

Help:

Triggered By:
reboot equals yes