Troubleshooting a FIPS error state with the syslog

This topic lists several causes of a FIPS error state and explains how to view the syslog to research possible causes on the Security Network IPS appliance.

About this task

Many situations can cause a FIPS error state including the following options:
  • Someone modifying a check-summed file on the appliance might trigger the FIPS error state. If the appliance is running firmware version 4.1 or older, restore the unmodified version of the check-summed file before restoring from backup to an earlier FIPS version or before using the FIPS-140 Information option.
  • Someone installing an EMG patch that is not FIPS certified can cause an error state.
  • Failure of boot time integrity checks can cause an error state.

Procedure

  1. Connect to the appliance using information fromEnabling FIPS mode by using a serial communication session.
  2. At the unconfigured login prompt, log on to the appliance by using the root credentials.
  3. Go to /var/log/messages file to view the syslog for possible causes of the FIPS error state.
Parent topic: Troubleshooting and support
Related concepts:
FIPS considerations for Network IPSappliances
FIPS error state and Security Network IPS appliance actions
Symptoms of a FIPS error state
Backup and restore options from FIPS errors
Configuring web browsers and Java for FIPS-supported ciphering
Implementing FIPS on Network IPS appliances