Please follow these steps if you cannot can connect to a router. For example
ssh [email protected]
Unable to negotiate with blog.wapnet.nl port 22: no matching key exchange method found. Their offer: diffie-hellman-group-exchange-sha1,diffie-hellman-group14-sha1,diffie-hellman-group1-sha1
use the -o parameter
ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 [email protected]
Unable to negotiate with blog.wapnet.nl port 22: no matching cipher found. Their offer: aes128-cbc,3des-cbc,aes192-cbc,aes256-cbc
and add the -c parameter
ssh -o KexAlgorithms=+diffie-hellman-group1-sha1 -c aes256-cbc [email protected]
and you are connected 🙂
The authenticity of host 'blog.wapnet.nl' can't be established.
RSA key fingerprint is SHA256:XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
Are you sure you want to continue connecting (yes/no/[fingerprint])?
I had 2x HP DL 380 G6 servers with Windows 2012 R2 whit the same problem. When I start a download (I try a lot of different sites) the download drops and fluctuate. When I connect my laptop or another server on the same cable the download is stable. So my conclusion was the onboard nic.
What I tried:
- Update latest HP SSP (2014_2)
- Update firmware NIC
- Update driver NIC
- Update Windows (patches)
- change all the default nic settings like disable tcp offload for example
- Try another switch
Bandwidth during download:
I thought the problem must be the NIC so I added an intel pro to my server with the same result 🙁
Then I found the command netsh interface tcp show global
C:\Windows\system32>netsh interface tcp show global
Querying active state...
TCP Global Parameters
Receive-Side Scaling State : enabled
Chimney Offload State : disabled
NetDMA State : disabled
Direct Cache Access (DCA) : disabled
Receive Window Auto-Tuning Level : enabled
Add-On Congestion Control Provider : none
ECN Capability : enabled
RFC 1323 Timestamps : disabled
Initial RTO : 3000
Receive Segment Coalescing State : enabled
Non Sack Rtt Resiliency : disabled
Max SYN Retransmissions : 2
I dived in to these settings and I found the “Receive Window Auto-Tuning Level on enabled”. So I disabled the setting with:
netsh int tcp set global autotuninglevel=disabled
After that setting the network connection to the internet was stable 🙂
I found an article on the net that Cisco PIX IOS 8.0 doesn’t support “TCP Window Scaling”. Source: http://www.cisco.com/c/en/us/support/docs/security/ios-firewall/71613-iosfw-tcp-scaling-ts.html
So I use the workaround to disable the Automatic Windows Scaling in Windows because I can’t update our old PIX.
Problem solved 😀
If you want to create a Cisco lab use GNS3.