Cisco ASR 9000 Series Aggregation Services Router System Security Command Reference, Release 5.1.x
FIPS commands
Downloads: This chapterpdf (PDF - 1.24MB) The complete bookPDF (PDF - 3.79MB) | Feedback

FIPS commands

FIPS commands

This module describes the commands used in enabling the FIPS mode.

For detailed information about FIPS configuration tasks, and examples, see the Configuring FIPS Mode chapter in Cisco ASR 9000 Series Aggregation Services Router System Security Configuration Guide.

crypto fips-mode

To configure FIPS, use the crypto fips-mode command in the global configuration mode. To remove FIPS configuration, use the no form of this command.

crypto fips-mode

no crypto fips-mode

Syntax Description

This command has no keywords or arguments.

Command Default

None

Command Modes

Global configuration

Command History

Release Modification
Release 4.3.1

This command was introduced.

Usage Guidelines

Install and activate the asr9k-k9sec-px.pie file before using this command.

To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.


Note


For the configuration to take effect, reload the router by using the reload command in the admin mode.


Use the show logging command to display the contents of logging buffers. You can use the show logging | i fips command to filter FIPS specific logging messages.

Task ID

Task ID Operation

crypto

read, write

Examples

This example shows how to configure FIPS:

RP/0/RSP0/CPU0:router# configure
RP/0/RSP0/CPU0:router(config)# crypto fips-mode