FIPS

cancel
Showing results for 
Show  only  | Search instead for 
Did you mean: 

FIPS

L1 Bithead

show fips-mode does not work on PA-500, V6.1.  I get "Invalid syntax" error message.  Any advice/insight is greatly appreciated.

2 REPLIES 2

L5 Sessionator

That command might be pulled out now. If you want to check the FIPS mode you can use the command "show system info"

 

Here it the output of the command from a firewall running in FIPS mode

 

admin@lab-fw65> show system info

hostname: lab-fw65
ip-address: 10.50.243.65
netmask: 255.255.255.0
default-gateway: 10.50.243.75
ipv6-address: unknown
ipv6-link-local-address: fe80::21b:17ff:feeb:556a/64
ipv6-default-gateway:
mac-address: 00:1b:17:eb:55:6a
time: Sun Nov  1 17:33:09 2015
uptime: 16 days, 13:50:20
family: 3000
model: PA-3050
serial: 001701003204
sw-version: 7.0.1
global-protect-client-package-version: 0.0.0
app-version: 497-2688
app-release-date: unknown
av-version: 0
av-release-date: unknown
threat-version: 0
threat-release-date: unknown
wf-private-version: 0
wf-private-release-date: unknown
url-db: paloaltonetworks
wildfire-version: 0
wildfire-release-date: unknown
url-filtering-version: 0000.00.00.000
global-protect-datafile-version: 0
global-protect-datafile-release-date: unknown
logdb-version: 7.0.9
platform-family: 3000
vpn-disable-mode: off
multi-vsys: off
operational-mode: fips

 

Follwing is the output of show system info from a firewall running in normal mode

hostname: lab-fw66
ip-address: 10.50.243.66
netmask: 255.255.255.0
default-gateway: 10.50.243.75
ipv6-address: unknown
ipv6-link-local-address: fe80::21b:17ff:feeb:5546/64
ipv6-default-gateway:
mac-address: 00:1b:17:eb:55:46
time: Sun Nov  1 17:34:27 2015
uptime: 5 days, 19:48:50
family: 3000
model: PA-3050
serial: 001701003207
sw-version: 6.1.0
global-protect-client-package-version: 0.0.0
app-version: 528-2901
app-release-date: unknown
av-version: 1648-2125
av-release-date: unknown
threat-version: 528-2901
threat-release-date: unknown
wf-private-version: 0
wf-private-release-date: unknown
url-db: paloaltonetworks
wildfire-version: 74652-81450
wildfire-release-date: unknown
url-filtering-version: 2015.10.30.601
global-protect-datafile-version: 0
global-protect-datafile-release-date: unknown
logdb-version: 6.1.3
platform-family: 3000
vpn-disable-mode: off
multi-vsys: off
operational-mode: normal

Cyber Elite
Cyber Elite

That command has been replaced by 

 

> show operational-mode

as CCEAL-4 mode has become available as well

 

 

Tom Piens
PANgurus - Strata specialist; config reviews, policy optimization
  • 2509 Views
  • 2 replies
  • 0 Likes
Like what you see?

Show your appreciation!

Click Like if a post is helpful to you or if you just want to show your support.

Click Accept as Solution to acknowledge that the answer to your question has been provided.

The button appears next to the replies on topics you’ve started. The member who gave the solution and all future visitors to this topic will appreciate it!

These simple actions take just seconds of your time, but go a long way in showing appreciation for community members and the LIVEcommunity as a whole!

The LIVEcommunity thanks you for your participation!