Hello all. Still a newbie - here's how today went:
1. Started with CSPM 2.3i, one 4210 (2.5(0)), and one 4230 (3.0(1)S4). At this point could communicate well with the 4210, not the 4230.
2. Upgraded the CSPM to 2.3.3i, sensors to 3.0(1)S4, and was able to communicate well without errors at 3.0(1)S4.
3. Read I needed to upgrade to 3.0(2)S9 or better so upgraded the CSPM, then the sensors and immediately started getting the errors on the sensors that "Specified IDS Sensor Version 3.0(2)S9 is not an exact match to a supported version. All features may not be supported."
4. Ignored error (brave, I know) and upgraded all to 3.0(2)S11. When I nrver both servers show the 3.0(2)S11 versions and I now get the same error as three above but says "...Version 3.0(2)S11...All features may not be supported."
1. Is this normal?
2. What do I do to get rid of the errors?
3. My Approve now button is greyed out. Any way to work around this?
This error message is innocuous and will be fixed in a future CSPM . To get the Approve button to show up. Select the "Generated Commands" radio button above the Approve button. This should allow you to approve new configurations.
The message is actually a Warning and not an Error.
You can usually ignore the Warnings, but not the Errors.
The reason it gives a Warning is that the CSPM 2.3.3i was tested with being able to configure sensors up to version 3.0(1)Sx. It had not been tested to support 3.0(2)Sx sensors. Sometimes new features requiring new configuration tokens will come out in the Service Packs, and the CSPM engineers are letting you know that any new features that came out in 3.0(2)Sx can not be configured through CSPM.
For the 3.0(2)Sx Service Pack we didn't put in any new features so you can ignore the warning, the CSPM can configure it the same way it did for 3.0(1)Sx sensors.
DocumentationCode download linksGoalRequirementLimitationsSupported ISR
and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationConfigure one of the connectivity
options to access the Cisco IMC from the n...
Firepower Threat Defense (NGFWv) on UCS E-series - Transparent Mode in
HA DocumentationCode download linksGoalRequirementLimitationsSupported
ISR and UCS-E ModelSupported ISRG2 and UCS-E Blades:Supported ISR4K and
UCS-E Blades:Step by Step ConfigurationCo...
Question I am currently unable to specify "crypto keyring" command when
configuring VPN connection on my cisco 2901 router. The following
licenses have been activated on my router :