This website uses Cookies. By clicking Accept, you agree to the storing of cookies on your device to enhance your community and translation experience. Read our Privacy Policy.
Click Preferences to customize your cookie settings.
Accept
Reject
Preferences

Enhanced Security Measures in Place:   To ensure a safer experience, we’ve implemented additional, temporary security measures for all users.

FIPS

cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Show  only  | Search instead for 
Did you mean: 
Announcements

FIPS

john.imperial
L1 Bithead

‎10-30-2015 02:48 PM

show fips-mode does not work on PA-500, V6.1.  I get "Invalid syntax" error message.  Any advice/insight is greatly appreciated.

2 people had this problem.
0 Likes Likes
2 REPLIES 2

pankaku
L5 Sessionator

‎11-01-2015 04:05 AM - edited ‎11-01-2015 04:12 AM

That command might be pulled out now. If you want to check the FIPS mode you can use the command "show system info"

 

Here it the output of the command from a firewall running in FIPS mode

 

admin@lab-fw65> show system info

hostname: lab-fw65
ip-address: 10.50.243.65
netmask: 255.255.255.0
default-gateway: 10.50.243.75
ipv6-address: unknown
ipv6-link-local-address: fe80::21b:17ff:feeb:556a/64
ipv6-default-gateway:
mac-address: 00:1b:17:eb:55:6a
time: Sun Nov  1 17:33:09 2015
uptime: 16 days, 13:50:20
family: 3000
model: PA-3050
serial: 001701003204
sw-version: 7.0.1
global-protect-client-package-version: 0.0.0
app-version: 497-2688
app-release-date: unknown
av-version: 0
av-release-date: unknown
threat-version: 0
threat-release-date: unknown
wf-private-version: 0
wf-private-release-date: unknown
url-db: paloaltonetworks
wildfire-version: 0
wildfire-release-date: unknown
url-filtering-version: 0000.00.00.000
global-protect-datafile-version: 0
global-protect-datafile-release-date: unknown
logdb-version: 7.0.9
platform-family: 3000
vpn-disable-mode: off
multi-vsys: off
operational-mode: fips

 

Follwing is the output of show system info from a firewall running in normal mode

hostname: lab-fw66
ip-address: 10.50.243.66
netmask: 255.255.255.0
default-gateway: 10.50.243.75
ipv6-address: unknown
ipv6-link-local-address: fe80::21b:17ff:feeb:5546/64
ipv6-default-gateway:
mac-address: 00:1b:17:eb:55:46
time: Sun Nov  1 17:34:27 2015
uptime: 5 days, 19:48:50
family: 3000
model: PA-3050
serial: 001701003207
sw-version: 6.1.0
global-protect-client-package-version: 0.0.0
app-version: 528-2901
app-release-date: unknown
av-version: 1648-2125
av-release-date: unknown
threat-version: 528-2901
threat-release-date: unknown
wf-private-version: 0
wf-private-release-date: unknown
url-db: paloaltonetworks
wildfire-version: 74652-81450
wildfire-release-date: unknown
url-filtering-version: 2015.10.30.601
global-protect-datafile-version: 0
global-protect-datafile-release-date: unknown
logdb-version: 6.1.3
platform-family: 3000
vpn-disable-mode: off
multi-vsys: off
operational-mode: normal

0 Likes Likes

reaper
Cyber Elite
Cyber Elite

‎11-02-2015 12:09 AM

That command has been replaced by 

 

> show operational-mode

as CCEAL-4 mode has become available as well

 

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
0 Likes Likes
  • 2455 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!

LEGAL NOTICES
RESOURCES
Khoros awards 2022
Copyright 2007 - 2024 - Palo Alto Networks