Netgate Discussion Forum
    • Categories
    • Recent
    • Tags
    • Popular
    • Users
    • Search
    • Register
    • Login

    Avocent DSR4030 KVM JNLP

    Scheduled Pinned Locked Moved General pfSense Questions
    2 Posts 1 Posters 2.6k Views
    Loading More Posts
    • Oldest to Newest
    • Newest to Oldest
    • Most Votes
    Reply
    • Reply as topic
    Log in to reply
    This topic has been deleted. Only users with topic management privileges can see it.
    • N
      nihunter
      last edited by

      Hi,

      I have a Avocent DSR4030 and this used to work on my Cisco Router but I may have something configured wrong in my pfense router. I want to remote Java Network Launch Protocol (JNLP) to view remote desktop over my LAN. I have attached my snort alerts. It says the viewing computer has too many pipelines. I turned off snort. That didn't work. I added LAN firewall rules to allow all actions.  That also didn't work.

      I even tried to modify my jdk http://community.emerson.com/networkpower/support/avocent/f/105/t/5165  which says

      "
      This permanent fix works:

      Found this solution for a different brand KVM and it worked for Autoviews. Edit the Java.security file found \Program Files (x86)\Java\jre1.8.0_65\lib\security

      Looks like java new default is rejects key sizes less than 768. remove this setting and you can get into the KVM's.

      Remark out the first line (already #), replace with second line.

      jdk.tls.disabledAlgorithms=SSLv3, RC4, DH keySize < 768

      jdk.tls.disabledAlgorithms=SSLv3, RC4
      "

      This also didn't fix it. If you have any ideas lets me know.

      The following is an edit JNLP generated by my KVM

      <jnlp spec="1.0+" codebase="http://192.168EDITED/webstart2"><information><title>Video Session Viewer</title>
            <vendor>Avocent</vendor>
            <description>Video Session Viewer</description>
            <description kind="short">Video Viewer</description></information>

      <security><all-permissions></all-permissions></security>

      <resources><j2se version="1.5+"><jar href="avctVideo.jar"><jar href="avctVM.jar"><nativelib href="avctWin32Lib.jar"><nativelib href="avmWin32Lib.jar"><nativelib href="avctLinuxLib.jar"><nativelib href="avmLinuxLib.jar"><nativelib href="avctSolarisLib.jar"><nativelib href="avmSolarisLib.jar"><nativelib href="avctMacOSXLib.jar"><nativelib href="avmMacOSXLib.jar"><nativelib href="jpcscdll.jar"><nativelib href="jpcscso.jar"></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></nativelib></jar></jar></j2se></resources>

      <application-desc main-class="com.avocent.video.Stingray"><argument>title="Avocent DSR4030 - EDITED4-5"</argument>
            <argument>devicetype=avsp</argument>
            <argument>path=a:192.168EDITED,p:14,c:0,e:1,s:"Video Viewer - EDITED4-5",l:30</argument>
            <argument>oem=Avocent</argument>
            <argument>user=Admin</argument>
            <argument>password= EDITED</argument></application-desc></jnlp>

      ![network connect error.png](/public/imported_attachments/1/network connect error.png)
      ![network connect error.png_thumb](/public/imported_attachments/1/network connect error.png_thumb)
      ![SNORT ALERT.png](/public/imported_attachments/1/SNORT ALERT.png)
      ![SNORT ALERT.png_thumb](/public/imported_attachments/1/SNORT ALERT.png_thumb)

      1 Reply Last reply Reply Quote 0
      • N
        nihunter
        last edited by

        In general it was suggested to white list (snort stuff)

        https://forum.pfsense.org/index.php?topic=36228.msg186815#msg186815

        suppress gen_id 122, sig_id 3
        suppress gen_id 122, sig_id 23

        I just turned off snort

        I found that I had to change one additional setting in addition to jdk.tls.disabledAlgorithms.

        #jdk.certpath.disabledAlgorithms=MD2, MD5, RSA keySize < 1024
        jdk.certpath.disabledAlgorithms=MD2

        #jdk.tls.disabledAlgorithms=SSLv3, RC4, MD5withRSA, DH keySize < 768
        jdk.tls.disabledAlgorithms=SSLv3, RC4

        This is for jre1.8.0_73.

        Edit the Java.security file found \Program Files (x86)\Java\jre1.8.0_65\lib\security

        and restart

        1 Reply Last reply Reply Quote 0
        • First post
          Last post
        Copyright 2025 Rubicon Communications LLC (Netgate). All rights reserved.