Following an OS restore of the operating system and restoration of the configuration from backup, a Symantec Messaging Gateway (SMG) scanner or control center which was previously configured to operate in FIPS mode is no longer operating in FIPS mode. Similarly, new SMG scanners added to an exising installation are not automatically set to FIPS mode.

 The FIPS state configuration is not being correctly stored in the backup file.

This is a known issue.

To check the FIPS status of an SMG system, please do the following:

1. Login to the affected Scanner's CLI command prompt as "admin"
2. At the prompt enter in the following command and press enter:
3.     fipsmode status
4. A non-FIPS mode response indicates that the system is not operating in FIPS mode.

Example:

SMG> fipsmode status
non-FIPS mode

Workaround:

You will need to manually re-enable FIPS mode on the affected systems as follows:

1. Login to the affected Scanner's CLI command prompt
2. At the prompt enter in the following and press enter:
3.     fipsmode on
4. When prompted press Enter or Y to allow the scanner to reboot.