Avocent DSR4030 KVM JNLP



  • Hi,

    I have a Avocent DSR4030 and this used to work on my Cisco Router but I may have something configured wrong in my pfense router. I want to remote Java Network Launch Protocol (JNLP) to view remote desktop over my LAN. I have attached my snort alerts. It says the viewing computer has too many pipelines. I turned off snort. That didn't work. I added LAN firewall rules to allow all actions.  That also didn't work.

    I even tried to modify my jdk http://community.emerson.com/networkpower/support/avocent/f/105/t/5165  which says

    "
    This permanent fix works:

    Found this solution for a different brand KVM and it worked for Autoviews. Edit the Java.security file found \Program Files (x86)\Java\jre1.8.0_65\lib\security

    Looks like java new default is rejects key sizes less than 768. remove this setting and you can get into the KVM's.

    Remark out the first line (already #), replace with second line.

    jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768

    jdk.tls.disabledAlgorithms=SSLv3, RC4
    "

    This also didn't fix it. If you have any ideas lets me know.

    The following is an edit JNLP generated by my KVM

    <jnlp spec="1.0+" codebase="http://192.168EDITED/webstart2"><information><title>Video Session Viewer</title>
          <vendor>Avocent</vendor>
          <description>Video Session Viewer</description>
          <description kind="short">Video Viewer</description></information>

    <security><all-permissions></all-permissions></security>

    <resources><j2se version="1.5+"><jar href="avctVideo.jar"><jar href="avctVM.jar"><nativelib href="avctWin32Lib.jar"><nativelib href="avmWin32Lib.jar"><nativelib href="avctLinuxLib.jar"><nativelib href="avmLinuxLib.jar"><nativelib href="avctSolarisLib.jar"><nativelib href="avmSolarisLib.jar"><nativelib href="avctMacOSXLib.jar"><nativelib href="avmMacOSXLib.jar"><nativelib href="jpcscdll.jar"><nativelib href="jpcscso.jar"></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></jar></jar></j2se></resources>

    <application-desc main-class="com.avocent.video.Stingray"><argument>title="Avocent DSR4030 - EDITED4-5"</argument>
          <argument>devicetype=avsp</argument>
          <argument>path=a:192.168EDITED,p:14,c:0,e:1,s:"Video Viewer - EDITED4-5",l:30</argument>
          <argument>oem=Avocent</argument>
          <argument>user=Admin</argument>
          <argument>password= EDITED</argument></application-desc></jnlp>

    ![network connect error.png](/public/imported_attachments/1/network connect error.png)
    ![network connect error.png_thumb](/public/imported_attachments/1/network connect error.png_thumb)
    ![SNORT ALERT.png](/public/imported_attachments/1/SNORT ALERT.png)
    ![SNORT ALERT.png_thumb](/public/imported_attachments/1/SNORT ALERT.png_thumb)



  • In general it was suggested to white list (snort stuff)

    https://forum.pfsense.org/index.php?topic=36228.msg186815#msg186815

    suppress gen_id 122, sig_id 3
    suppress gen_id 122, sig_id 23

    I just turned off snort

    I found that I had to change one additional setting in addition to jdk.tls.disabledAlgorithms.

    #jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
    jdk.certpath.disabledAlgorithms=MD2

    #jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
    jdk.tls.disabledAlgorithms=SSLv3, RC4

    This is for jre1.8.0_73.

    Edit the Java.security file found \Program Files (x86)\Java\jre1.8.0_65\lib\security

    and restart


Log in to reply