FortiGate
pmeet
Staff
Article Id 270426
Description This article describes how to get started once FIPS-CC is enabled.
Scope FortiGate.
Solution

To enable FIPS, refer to Technical Tip: How to enable FIPS-CC mode.

  • Once FIPS-CC is enabled on FortiGate, all interfaces are administratively down and admin access is reduced to allow only ping.
  • It is necessary to bring each interface up from the CLI and enable the proper admin access necessary to continue configuration, especially if GUI access is required.
  • If all internal interfaces are part of a software or hardware switch, each interface must be removed from the switch, enabled, and then reassigned to the switch.

config system interface
    edit internal
        set status up
        set ip <ip_address> <netmask>
        set allowaccess ping https
end
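
An added example (not part of the original article and not Fortinet tooling): a Python check that reads the text printed by show system interface and reports which interfaces are still down after FIPS-CC was enabled and which admin protocols beyond ping the others allow. The sample configuration and interface names are constructed, and an interface with no set status line is assumed not to be down.

```python
# Constructed sample in "show system interface" layout; names are made up.
SAMPLE_CONFIG = """\
config system interface
    edit "wan1"
        set status down
        set allowaccess ping
    next
    edit "internal"
        set status up
        set allowaccess ping https
    next
    edit "dmz"
        set status up
        set allowaccess ping
    next
end
"""

def parse_interfaces(config_text):
    """Return {name: {"status": ..., "allowaccess": set}} for each interface."""
    interfaces, current, in_section, depth = {}, None, False, 0
    for raw in config_text.splitlines():
        tok = [t.strip('"') for t in raw.split()] or [""]
        if not in_section:
            in_section = tok == ["config", "system", "interface"]
        elif tok[0] == "config":        # nested table, e.g. "config ipv6"
            depth += 1
        elif tok[0] == "end" and depth:
            depth -= 1
        elif tok[0] == "end":           # closes the interface section
            current, in_section = None, False
        elif depth:                     # skip lines inside nested tables
            continue
        elif tok[0] == "edit" and len(tok) > 1:
            current = interfaces.setdefault(tok[1], {"status": None, "allowaccess": set()})
        elif tok[0] == "next":
            current = None
        elif current is not None and tok[:2] == ["set", "status"] and len(tok) > 2:
            current["status"] = tok[2]
        elif current is not None and tok[:2] == ["set", "allowaccess"]:
            current["allowaccess"] = set(tok[2:])
    return interfaces

def lockdown_report(interfaces):
    """Interfaces still down, and admin protocols beyond ping on the rest."""
    # Assumption: an interface with no "set status" line is treated as not down.
    down = sorted(n for n, c in interfaces.items() if c["status"] == "down")
    exposed = {n: sorted(c["allowaccess"] - {"ping"})
               for n, c in interfaces.items() if c["status"] != "down"}
    return down, exposed
```

An empty list in the second result marks an interface that is up but still limited to ping, so it cannot yet be used for GUI or CLI administration.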

 

Note: Once FIPS-CC is enabled on FortiGate, it cannot be disabled with the command set status disable.

To disable FIPS-CC on FortiGate, run the execute factoryreset command, which resets the device to the factory default configuration.