Turning on FIPS mode in Palo Alto
12/10/20241 min read
SSH to the 192.168.1.1 and use credentials admin admin to authenticate
type command
debug system maintenance-mode
type ' y ' to confirm. The device will reboot.
SSH back into the device. The login credential will have changed. The username will be maint and the password will be the serialnumber of the device
Use the arrow keys to highlight the enable FIPS mode option and press Enter to select. A progress bar will appear at the bottom of the SSH window showing the progress of the system reconfiguration and then it will reboot again
When the system comes back online, use the new credentials admin paloalto to authenticate.
It will have a banner stating that it is FIPS enabled.
Or you can run this command in the CLI
show system info | match operation
If you are FIPs enabled, the output will be
operational-mode: FIPS-CC
Learn technology trends based on past projects
© 2024. All rights reserved.