McDewey

Multi-vendor documentation library · semantic search · MCP endpoint at /mcp

Page 322

↗ View in doc context
page
322
source
cucm/v15/cli-reference/cucm-15-cli-reference.md
chunk_id
cucm::v15::cli-reference::cucm-15-cli-reference::308

Requirements Command privilege level: 1 Allowed during upgrade: Yes Applies to: Unified Communications Manager, IM and Presence Service on Unified Communications Manager, and Cisco Unity Connection utils fips FIPS mode is only supported on releases that have been through FIPS compliance. Be warned that FIPS mode should be disabled before you upgrade to a non-FIPS compliance version of Unified Communications Manager. For information about which releases are FIPS compliant and to view their certifications, see the FIPS 140 document at https://www.cisco.com/c/en/us/solutions/industries/government/global-government-certifications/ fips-140.html. Caution This command enables, disables, or displays the status of FIPS 140-2 mode. FIPS 140-2 mode is disabled by default; only an administrator can enable FIPS. utils fips {enable | disable | status} Syntax Description Description Parameters Activates FIPS 140-2 mode. enable Deactivates FIPS 140-2 mode. disable Displays the status of FIPS 140-2 mode. status Command Modes Administrator (admin:) Usage Guidelines Before enabling FIPS mode, we recommend that you perform a system backup. If FIPS checks fail at start-up, the system halts and requires a recovery CD to be restored. Consider the following information before you enable FIPS 140-2 mode: • When you switch from non-FIPS to FIPS mode, the MD5 and DES protocols will not be functional. • After FIPS mode is enabled on a server, please wait until the server reboots and the phones re-register successfully before enabling FIPS on the next server. • In FIPS mode, the IM and Presence Service uses Red Hat Openswan (FIPS validated) in place of Racoon (non-FIPS validated). If the security policies in Racoon contain functions that are not FIPS approved, the CLI command asks you to redefine the security policies with FIPS approved functions and abort. Certificates and SSH key are regenerated automatically, in accordance with FIPS requirements. Note Command Line Interface Reference Guide for Cisco Unified Communications Solutions, Release 15 and SUs 298 Utils Commands utils fips