Avocent DSR8020 KVM/IP - Network Connect Error - Solution

This error is commonly due to Java security or TLS settings but there is a second issue with forwarded ports that also causes it.

 

1. Java Security/TLS Settings issue:

This article has the solution to change them all in Linux automatically

2. Port Forwarding Issue if your Avocent DSR is behind NAT/private IP

One would assume if you can get to the interface successfully via port 80/443 that all would be well but it's not enough.

Actually a port scan shows the following ports are open on the DSR:

PORT     STATE SERVICE
80/tcp   open  http
443/tcp  open  https
2068/tcp open  advocentkvm
3211/tcp open  avsecuremgmt
3871/tcp open  avocent-adsap
8192/tcp open  sophos

You could forward all above ports but for normal functionality they are not required unless you are using the Avocent software I believe.

Forward these ports to your private IP of the Avocent DSR:

80,443,2068,8192

An example in iptables of how to forward the ports:

-s 192.168.5.4/32 #this is the only public IP that can access it (you can do away with this line if you want any remote IP to have access but for security this is recommended.  I find the unit itself tends to crash from attacks/hacking attempts when left wide open to the public.

iptables -A PREROUTING -t nat -s 192.16.5.4/32 -d 103.2.5.2/32 -p tcp -m multiport --dports 80,443,2068,8192,3871,3211 -j DNAT --to 192.168.10.5

The same portforwarding can also be achieved with OpenSSH like this:

*Replace 192.168.10.5 with the NAT IP of your Avocent DSR unit

ssh -L 80:192.168.10.5:80 -L 443:192.168.10.5:443 -L 2068:192.168.10.5:2068 -L 8192:192.168.10.5:8192  user@remotehost.com

#bash script

remoteip=publicip

internalip=lanip

ssh -L 80:$internalip:80 -L 443:$internalip:443 -L 2068:$internalip:2068 -L 8192:$internalip:8192  user@$remoteip
 

Other related Avocent DSR issues

http://realtechtalk.com/Avocent_Unable_to_load_resource_avctVideojar-1646-articles

http://realtechtalk.com/Avocent_8020_KVM_Java_Icedtea_Viewer_-1702-articles


Tags:

avocent, dsr, kvm, ip, solutionthis, commonly, tls, settings, forwarded, ports, linux, automatically, forwarding, nat, interface, successfully, via, scan, tcp, http, https, advocentkvm, avsecuremgmt, adsap, sophos, functionality, software, iptables, recommended, tends, attacks, hacking, attempts, prerouting, multiport, dports, dnat, portforwarding, achieved, openssh, ssl, user, remotehost, realtechtalk, avocent_unable_to_load_resource_avctvideojar, articles, avocent_, _kvm_java_icedtea_viewer_,

Latest Articles

  • ImageMagick Convert PDF Not Authorized
  • ImageMagick Converted PDF to JPEG some files have a black background solution
  • Linux Mint Mate Customize the Lock screen messages and hide username and real name
  • Ubuntu/Gnome/Mint/Centos How To Take a partial screenshot
  • ssh how to verify your host key / avoid MIM attacks
  • Cisco IP Phone CP-8845 8800/8900 Series How To Reset To Factory Settings Instructions
  • ls how to list ONLY directories
  • How to encrypt your SSH private key file id_rsa
  • Linux Mint 18 Disable User Name List from showing on Login Screen
  • Firefox Cannot Hit Enter Key In Address Bar and Location History Not Working
  • Cisco Unified Communications Manager / CUCM IP 8.6,10,12 Install Error Solution
  • Ubuntu Debian Mint Linux SSHD OpenSSH Server Not Starting After Reboot Solution
  • nmap how to scan for all ports and not just the 1000 most common ports
  • Windows 7,8,10 and Server 2008, 2012, 2016, 2019 Read Only Attribute Won't Go Away
  • bind / named how to make a wildcard record and retain defined A records
  • Cisco Unified Communications Manager 12 Install Errors on Proxmox/KVM
  • Local Vs Universally Administered MAC Address NIC Refuses to come up
  • Cisco Unified Communications Manager 12 CUCM 12 - How To Enable Video Calling
  • Windows 7, 8, 10, Windows Server 2008, 2012, 2016, 2019 How To AC97 Audio Drivers and Other Unsigned Drivers
  • Cisco Unified Communications Manager / CUCM IP Telephony Definitions