Just got NCM up and running, (yay). Having a lot of fun with it, so far pretty easy to use and makes sense. I've run into a problem where some of my devices are ignoring Crypto for change management as they should, while others are not. Some are the same device, same ios etc. Here's the rule (default from NCM):
Ignoring crypto lines
^[ \t\r\n\v\f]*crypto.*certificate
I thought that meant ignore lines that start with cypto and certificate. Here's the output of one of the failed configs:
058 | certificate self-signed 01 | 058 | certificate self-signed 01 nvram:IOS-Self-Sig#1.cer |
Not sure why, but it brings those up as a changed even though they both start with certificate. It's happened on 2800's, 3560's running base. So no real common ground on the device.