Solved: Restoring backup on FIPS enabled ISE box

sampathss · ‎02-21-2018

Hi,

Trying to find out if there are any restrictions or known issues when restoring backup on a FIPS enabled ISE box.

ISE Version 2.2 P5.

Thanks

Sampath

Nidhi · ‎02-21-2018

I would suggest you restore in a test machine first to check for any issues which might crop up.

From the admin guide -

"

FIPS Mode Operational Parameters

The FIPS standard places limitations on the use of certain algorithms. In order to enforce this standard, you must enable FIPS operation in Cisco ISE. Cisco ISE enables FIPS 140-2 compliance via RADIUS shared secret and key management measures. While in FIPS mode, any functions using non-FIPS-compliant algorithms fail, and certain authentication functionality is disabled.

Enabling FIPS mode also automatically disables Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) protocols, which the guest login function of Cisco ISE requires. "

View solution in original post

Nidhi · ‎02-21-2018

I would suggest you restore in a test machine first to check for any issues which might crop up.

From the admin guide -

"

FIPS Mode Operational Parameters

The FIPS standard places limitations on the use of certain algorithms. In order to enforce this standard, you must enable FIPS operation in Cisco ISE. Cisco ISE enables FIPS 140-2 compliance via RADIUS shared secret and key management measures. While in FIPS mode, any functions using non-FIPS-compliant algorithms fail, and certain authentication functionality is disabled.

Enabling FIPS mode also automatically disables Password Authentication Protocol (PAP) and Challenge Handshake Authentication Protocol (CHAP) protocols, which the guest login function of Cisco ISE requires. "