Running Traceroute on a Cisco ASA via Native SSH client throws an error
I ran a traceroute from my ASA (latest firmware) today via RDM and when I did so I received "An unknown SSH error was encountered. Disconnected: Server protocol violation: unexpected SSH2_MSG_UNIMPLEMENTED packet" and then killed the connection. When I ran the same command in PuTTY it worked, but I did notice that the ASA essentially buffered a number of the responses and then sent them all at once.
Hi Jim
Thanks for the buffer information. That being said, what type of session are you using? Did you test with an SSH Shell entry or with a PuTTY session?
Best regards,
David Grandolfo
Yes, I have the same problem with ASAs. Using SSH SHELL, it happens anytime I run a ping from an ASA and it fails. Also, traceroutes will randomly crash, but they also hang, so I have to press Enter after each step in the trace path. And on routers an unsuccessful ping will hang up until you press Enter, but no crash that I've seen on an IOS router. Everything is running SSH V2. I get the same error as well: SSH2_MSG_UNIMPLEMENTED.
Not sure if this could help, but there appears to be a way to fix the issue in PuTTY if the Kex protocol DH settings are adjusted:
https://www.chiark.greenend.org.uk/~sgtatham/putty/wishlist/handle-unimplemented.html
Thanks for this explanation. Unfortunately, we do not have any Cisco ASA to test it. But with the information found, I will ask the engineering department to have a look at the information.
David Grandolfo