Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
5284
Views
0
Helpful
1
Replies

%SSH-3-DH_RANGE_FAIL:

situwayne
Level 1
Level 1

‎01-20-2012 03:39 PM - edited ‎03-04-2019 02:58 PM

Can someone please explain what this syslog message means?  Being getting this on my 3945e series routers.  My gut tells me they are caused by our Security guys scanning my routers with invalid login attempts.

%SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with maximum configured DH key on server

2 people had this problem
Labels:
0 Helpful
1 Reply 1

nkarpysh
Cisco Employee
Cisco Employee

‎01-20-2012 07:53 PM

Hi,

The message in the logs:

"SSH-3-DH_RANGE_FAIL: Client DH key range mismatch with maximum configured DH key on

server" on the device.

is only informational meaning "client DH key size were not the same as those available on the sever and hence the DH keys could not be exchanged." It seems that some client/server/scan is trying to access the device and credentials do not match, thus the message is generated. You can correlate if this message correspond to the valid user logn attempts or not. Possibly debug ip SSH may help to get more details.

Hope this helps,

Nik

HTH,
Niko
0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card