Manualshelf

Users Guide

ManualsBrandsDell ManualsActive System ManageriDRAC9 - 3.0x Series
81828384858687888990
The last byte of the range mask is set to 252, the decimal equivalent of 11111100b.
For more information, see the iDRAC RACADM CLI Guide available at www.dell.com/idracmanuals.
FIPS mode
FIPS is a computer security standard that United States government agencies and contractors must use. Starting from version iDRAC
2.40.40.40, iDRAC supports enabling FIPS mode.
iDRAC will be officially certified to support FIPS mode in the future.
Difference between FIPS-mode supported and FIPS-validated
Software that has been validated by completing the Cryptographic Module Validation Program is referred to as FIPS-validated. Because of
the time it takes to complete FIPS-validation, not all versions of iDRAC are validated. For information about the latest status of FIPS-
validation for iDRAC, see the Cryptographic Module Validation Program page on the NIST website.
Enabling FIPS Mode
CAUTION: Enabling FIPS mode resets iDRAC to factory-default settings. If you want to restore the settings, back up
the server configuration profile (SCP) before you enable FIPS mode, and restore the SCP after iDRAC restarts.
NOTE: If you reinstall or upgrade iDRAC firmware, FIPS mode gets disabled.
Enabling FIPS mode using web interface
1. On the iDRAC web interface, navigate to iDRAC Settings > Connectivity > Network > Network Settings > Advanced Network
Settings.
2. In FIPS Mode, select Enabled and click Apply.
NOTE:
Enabling FIPS Mode resets iDRAC to the default settings.
3. A message appears prompting you to confirm the change. Click OK.
iDRAC restarts in FIPS mode. Wait for at least 60 seconds before you reconnect to iDRAC.
4. Install a trusted certificate for iDRAC.
NOTE:
The default SSL certificate is not allowed in FIPS mode.
NOTE: Some iDRAC interfaces, such as the standards-compliant implementations of IPMI and SNMP, do not support
FIPS-compliance.
Enabling FIPS mode using RACADM
Use RACADM CLI to execute the following command:
racadm set iDRAC.Security.FIPSMode <Enable>
Disabling FIPS mode
To disable FIPS mode, you must reset iDRAC to the factory-default settings.
Configuring services
You can configure and enable the following services on iDRAC:
Local
Configuration
Disable access to iDRAC configuration (from the host system) using Local RACADM and iDRAC Settings utility.
Web Server Enable access to iDRAC web interface. If you disable the web interface, remote RACADM also gets disabled. Use
local RACADM to re-enable the web server and remote RACADM.
Configuring iDRAC 81