%SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Logs on Catalyst 9500
I just migrate our Edge Switch from Cisco Catalyst 3850 to Cisco Catalyst 9500 (Catalyst L3 Switch Software (CAT9K_IOSXE), Version 16.12.02, RELEASE SOFTWARE).
My switch has logs every two minutes a terminated ssh connection from the Ip address of the host we usually use to connect to our network devices.
Aug 9 20:34:11.334: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 10.170.1.134 Aug 9 20:36:13.952: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 10.170.1.134 Aug 9 20:38:11.203: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 10.170.1.134 Aug 9 20:40:11.656: %SSH-4-SSH2_UNEXPECTED_MSG: Unexpected message type has arrived. Terminating the connection from 10.170.1.134
This message did not appear on the old Switch. I have tried the following but the problem continues:
Crypto key zerosize and then regenerate the crypto key
Use the commands "ip ssh rsa keypair-name SSH" and "cry key generate rsa modulus 2048 label SSH"
Removing the known host on client side
Below the switch configuration:
aaa authentication login default local aaa authentication login EXAMPLE1 group SERVERS-Tacacs local aaa authentication enable default group SERVERS-Tacacs enable ! aaa group server tacacs+ SERVERS-Tacacs server-private 10.170.1.134 key xxxxxxxxxxxx server-private 10.170.1.133 key xxxxxxxxxxxx !
ip ssh version 2
crypto key generate rsa modulus 1024
line vty 0 4
access-class 75 in access-class 75 in vrfname Mgmt-vrf exec-timeout 15 0 logging synchronous login authentication EXAMPLE1 transport input ssh
Listen: https://smarturl.it/CCRS8E37Follow us: twitter.com/ciscochampionSometimes, situations require temporary fixes. Sometimes, the network becomes an afterthought in overall office design and planning. In either situation, it may require netw...
In this special edition of the Insider Series, we hear from Cisco partners who have taken steps to be more eco-friendly and sustainable. We hear what inspires ASHRAE, Southwire, Igor, and NTT to create a workplace that is centered around people and how th...
We know that the Type-1 LSA describes the link type connected to the router, the neighbor router and the subnet number.In this topology, assume we dont have a Type-2 LSA, so each router will create its own Type-1 LSA, the Type-1 LSA will describe the neig...
Here are some commonly asked questions and answers to help with your adoption of Cisco DNA Center Wireless. Subscribe to this post to stay up-to-date with the latest Q&A and recommended Ask the Experts (ATXs) sessions to attend.
Q. I have a Cisco Appl...
Why IETF changed and inverted OSPF Type-7 LSA VS Type-5 LSA election In RFC 3101 compared to OLD RFC 1587?Many people learns that the Type-7 LSA and Type-5 election (ON Versus OE routes) depends on RFC 3101 for NSSA published in 2003 and RFC 1587 for NSSA...