To configure FIPS, use the crypto fips-mode command in the global configuration mode. To remove FIPS configuration, use the no form of this command.
Install and activate the hfr-k9sec-px.pie file before using this command.
To use this command, you must be in a user group associated with a task group that includes appropriate task IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator for assistance.
For the configuration to take effect, reload the router by using the reload command in the admin mode.
Use the show logging
command to display the contents of logging buffers. You can use the show logging | i fips
command to filter FIPS specific logging messages.
This example shows how to configure FIPS:
RP/0/RP0/CPU0:router(config)# crypto fips-mode