FIPS Mode Operation Configuration Guide

Prev Next

The Federal Information Processing Standards (FIPS) mode of operation ensures that a cryptographic module uses only approved security functions.

To enable FIPS mode, certain features must be disabled first.

Using the command line interface, follow the steps below to configure your system to support FIPS mode.

  1. Disable the WEB server.

    system edit os-service http-server http-service disable

  2. Disable the Telnet server.

    session edit telnet-server disable.

  3. Enable FIPS mode.

    fips edit state enable

  4. Restart the device to activate FIPS mode.

    reboot

  5. (Optional) Verify the FIPS mode status.

    fips show

    If successful, both operational and administrative statuses indicate Enabled and the cryptographic library version displays.

    Example output:

    FIPS administrative status: Enabled

    FIPS operational status:    Enabled

    Library version: CiscoSSH 1.14.56, OpenSSH_9.6p1, CiscoSSL 1.1.1y.7.3.377-fips

© 2025 Cisco and/or its affiliates. All rights reserved.
 
For more information about trademarks, please visit: Cisco trademarks
For more information about legal terms, please visit: Cisco legal terms

For legal information about Accedian Skylight products, please visit: Accedian legal terms and tradmarks