Users Guide
3. Then, specify the VLAN priority for the external chassis management network:
racadm config -g cfgLanNetworking -o
cfgNicVLanPriority <VLAN priority>
The valid values for <VLAN priority> are 0–7. Default is 0.
For example:
racadm config -g cfgLanNetworking -o
cfgNicVLanPriority 7
You can also specify both the VLAN ID and the VLAN priority with a single command:
racadm setniccfg -v <VLAN id> <VLAN priority>
For example:
racadm setniccfg -v 1 7
4. To remove the CMC VLAN, disable the VLAN capabilities of the external chassis management network:
racadm config -g cfgLanNetworking -o
cfgNicVLanEnable 0
You can also remove the CMC VLAN using the following command:
racadm setniccfg -v
Federal Information Processing Standards
The agencies and contractors of the Federal government of the United States use Federal Information Processing Standards (FIPS), a
computer security standard, which is related to all applications that have communicative interfaces. The 140–2 comprises of four levels —
Level 1, Level 2, Level 3, and Level 4. The FIPS 140–2 series stipulate that all communicative interfaces must have the following security
properties:
• authentication
• confidentiality
• message integrity
• non-repudiation
• availability
• access control
If any of the properties depend on cryptographic algorithms, then FIPS must approve these algorithms.
By default, the FIPS mode is disabled. When FIPS is enabled, the minimum key size for OpenSSL FIPS is SSH-2 RSA 2048 bits.
NOTE: PSU firmware update is not supported when the FIPS mode is enabled in the chassis.
For more information, see CMC Online Help.
The following features/applications support FIPS.
• Web GUI
• RACADM
• WSMan
• SSH v2
• SMTP
• Kerberos
• NTP Client
• NFS
NOTE:
SNMP is not FIPS-compliant. In FIPS mode, all SNMP features except Message Digest algorithm version 5
(MD5) authentication work.
Configuring CMC 75