Firewall auto reboots into Maintenance recovery mode when FIPS is enabled

Firewall auto reboots into Maintenance recovery mode when FIPS is enabled

578
Created On 09/16/25 00:48 AM - Last Modified 10/07/25 22:22 PM


Symptom


  • When a slot fails on a Palo Alto firewall, that is configured in FIPS-CC mode, it auto reboots into Maintenance recovery.
  • Firewall will log something similar under system logs (show log system).

System Log 

Environment


  • Palo Alto modular NGFWs.
  • Supported PAN-OS
  • FIPS-CC mode

Cause


Slot failure when Firewall is configured in FIPS-CC mode.

Resolution


  1. This is expected behavior in FIPS mode.
  2. If the device is in FIPS-CC mode, you must power off the firewall before adding or replacing an the module otherwise the device will boot into maintenance mode. 
  3. Refer to PA-7000 Guide and PA-5400 Guide.

Additional Information


PAN-299785
Other users also viewed:
Actions
  • Print
  • Copy Link

    https://knowledgebase.paloaltonetworks.com/KCSArticleDetail?id=kA1Ki000000TNuZKAW&lang=en_US&refURL=http%3A%2F%2Fknowledgebase.paloaltonetworks.com%2FKCSArticleDetail