FIPS Level 1 Support

Problem: If you have FIPS level 1 support enabled and your browser does not support the required cipher suites, you cannot access the device. If this happens to an administrator account, you can no longer administer or configure the system.

Solution: You can turn off FIPS level 1 support and reset the encryption strength from the device’s serial console. After choosing that option, SSL options are reset to Accept only TLS 1.0 and later and to Maximize Compatibility (Medium Ciphers).

Open a serial console to your device and select option 8. Turn off FIPS Mode and reset allowed encryption strength for SSL.

Turning Off FIPS Level 1 and Resetting Encryption Strength from the Serial Console

Please choose the operation to perform:

1. Network Settings and Tools
2. Create admin username and password
3. Display log/status
4. System Operations
5. Toggle password protection for the console (Off)
6. Create a Super Admin session.
7. System Maintenance
8. Turn off FIPS Mode and reset allowed encryption strength for SSL
   Choice: 8

Once you turn off FIPS level 1 support, option 8 is relabeled “Reset allowed encryption strength for SSL.”