Server Management - Remote Server Management
cancel
Showing results for 
Search instead for 
Did you mean: 

java.net.ConnectException: Operation timed out: connect

HomieOC
Occasional Visitor

java.net.ConnectException: Operation timed out: connect

I'm trying to help my friend with his debian linux server

 

im trying to access KVM on lights out server here http://il100422.online.net/kvms.html

 

i get this error

 

java.net.ConnectException: Operation timed out: connect

 

i forwarded port 5901 on my router... and i keep getting that error? what do i have to do to get this to work? I added the online.net link to secure websites in my java config. I turned my laptop firewall off and everything

 

Thanks!

2 REPLIES
HomieOC
Occasional Visitor

Re: java.net.ConnectException: Operation timed out: connect

heres what my java debug console window says

 

 


HomieOC wrote:
cache: Initialize resource manager: com.sun.deploy.cache.ResourceProviderImpl@158e4ee
basic: Added progress listener: sun.plugin.util.ProgressMonitorAdapter@2cba0a
security: Expected Main URL: http://il100422.online.net/M2.JAR
basic: Plugin2ClassLoader.addURL parent called for http://il100422.online.net/M2.JAR
security: Blacklist revocation check is enabled
security: blacklist: created: NEED_LOAD, lastModified: 1402297966047
security: blacklist: hasBeenModifiedSince 1402298949772 (we have 1402297966047)
security: Trusted libraries list check is enabled
security: Trust for: http://il100422.online.net/M2.JAR has ended: Thu Oct 28 16:59:59 PDT 2010
security: Reset cached validation for http://il100422.online.net/M2.JAR.
network: Cache entry found [url: http://il100422.online.net/M2.JAR, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://il100422.online.net/M2.JAR
cache: Resource http://il100422.online.net/M2.JAR has expired.
network: Connecting http://il100422.online.net/M2.JAR with proxy=DIRECT
network: Connecting http://il100422.online.net:80/ with proxy=DIRECT
network: Connecting http://il100422.online.net/M2.JAR with cookie "PHPSESSID=0190c1b9644623478044034146ab5cb0bb895fc1"
cache: http://il100422.online.net/M2.JAR is not cacheable.
network: ResponseCode for http://il100422.online.net/M2.JAR : 200
network: Encoding for http://il100422.online.net/M2.JAR : null
network: Disconnect connection to http://il100422.online.net/M2.JAR
CacheEntry[http://il100422.online.net/M2.JAR]: updateAvailable=false,lastModified=Wed Dec 31 16:00:00 PST 1969,length=684795
cache:  Read manifest for http://il100422.online.net/M2.JAR: read=131 full=15245
cache: Loading full manifest for http://il100422.online.net/M2.JARcache: Reading Signers from 4878 http://il100422.online.net/M2.JAR | C:\Users\Homie\AppData\LocalLow\Sun\Java\Deployment\cache\6.0\51\4bb268b3-662501ba.idx
cache: Done readSigners(http://il100422.online.net/M2.JAR)
security: Trust for: http://il100422.online.net/M2.JAR has ended: Thu Oct 28 16:59:59 PDT 2010
security: Missing Codebase manifest attribute for: http://il100422.online.net/M2.JAR
security: Missing Application-Library-Allowable-Codebase manifest attribute for: http://il100422.online.net/M2.JAR
security: Loading Deployment certificates from C:\Users\Homie\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loaded Deployment certificates from C:\Users\Homie\AppData\LocalLow\Sun\Java\Deployment\security\trusted.certs
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Deployment session certificate store
security: Loaded certificates from Deployment session certificate store
security: Loading certificates from Internet Explorer TrustedPublisher certificate store
security: Loaded certificates from Internet Explorer TrustedPublisher certificate store
security: Loading certificates from Internet Explorer DISALLOWED certificate store
security: Loaded certificates from Internet Explorer DISALLOWED certificate store
security: Validate the certificate chain using CertPath API
security: The certificate has expired, need to check timestamping info
security: Timestamping info is available
security: The certificate has expired, and is timestamped in valid period
security: Start checking TSA certificate path
security: Loading certificates from Internet Explorer ROOT certificate store
security: Loaded certificates from Internet Explorer ROOT certificate store
security: Loading Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
security: Loaded Root CA certificates from C:\Program Files (x86)\Java\jre7\lib\security\cacerts
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Obtain certificate collection in Root CA certificate store
security: Even though certificate has expired, it is timestamped in valid period and has valid TSA
security: Loading blacklisted.certs file: C:\Users\Homie\AppData\LocalLow\Sun\Java\Deployment\security\blacklisted.certs
security: SHA-256Certificate finger print: 440FB1769F7B790BE72CAF84768CFF84E3F6A679F876AC4211D6A00B969E4BF0
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: EAFD04985F970107502870A3CAC36D0AEC7CA8CD3F68EBEEE3448FB68B68DCD7
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: SHA-256Certificate finger print: E7685634EFACF69ACE939A6B255B7B4FABEF42935B50A265ACB5CB6027E44E70
security: Checking if certificate is in Internet Explorer DISALLOWED certificate store
security: The OCSP support is enabled
security: The CRL support is enabled
security: Failing over to CRLs: Certificate does not specify OCSP responder
network: Cache entry found [url: http://crl.verisign.com/pca3.crl, version: null] prevalidated=false/0
cache: Adding MemoryCache entry: http://crl.verisign.com/pca3.crl
cache: Resource http://crl.verisign.com/pca3.crl has expired.
network: Connecting http://crl.verisign.com/pca3.crl with proxy=DIRECT
network: Connecting http://crl.verisign.com:80/ with proxy=DIRECT
network: ResponseCode for http://crl.verisign.com/pca3.crl : 304
network: Encoding for http://crl.verisign.com/pca3.crl : null
network: Disconnect connection to http://crl.verisign.com/pca3.crl
network: Connecting http://ocsp.verisign.com/ with proxy=DIRECT
network: Connecting http://ocsp.verisign.com:80/ with proxy=DIRECT
security: OCSP Response: GOOD
security: Certificate validation succeeded using OCSP/CRL
security: Saving certificates in Deployment session certificate store
security: Saved certificates in Deployment session certificate store
security: Saving certificates in Deployment session certificate store
security: Saved certificates in Deployment session certificate store
basic: updateValidationResultsForApplet update
cache: Mark prevalidated: http://il100422.online.net/M2.JAR true tm=1402301931373 cert=1288310399000
security: Grant socket perm for http://il100422.online.net/M2.JAR : java.security.Permissions@b5ef94 (
 ("java.net.SocketPermission" "il100422.online.net" "connect,accept,resolve")
)

security: Trust for: http://il100422.online.net/M2.JAR has ended: Thu Oct 28 16:59:59 PDT 2010
security: Missing Codebase manifest attribute for: http://il100422.online.net/M2.JAR
security: Missing Application-Library-Allowable-Codebase manifest attribute for: http://il100422.online.net/M2.JAR
security: Validate the certificate chain using CertPath API
security: The certificate has expired, need to check timestamping info
security: Timestamping info is available
security: The certificate has expired, and is timestamped in valid period
security: Start checking TSA certificate path
security: Even though certificate has expired, it is timestamped in valid period and has valid TSA
basic: Plugin2ClassLoader.getPermissions CeilingPolicy allPerms
security: The certificate has expired, need to check timestamping info
security: Timestamping info is available
security: The certificate has expired, and is timestamped in valid period
security: Start checking TSA certificate path
security: Even though certificate has expired, it is timestamped in valid period and has valid TSA
Missing Permissions manifest attribute in main jar: http://il100422.online.net/M2.JAR
security: Missing Codebase manifest attribute for: http://il100422.online.net/M2.JAR
security: Missing Application-Library-Allowable-Codebase manifest attribute for: http://il100422.online.net/M2.JAR
security: Validate the certificate chain using CertPath API
security: The certificate has expired, need to check timestamping info
security: Timestamping info is available
security: The certificate has expired, and is timestamped in valid period
security: Start checking TSA certificate path
security: Even though certificate has expired, it is timestamped in valid period and has valid TSA
security: SSV validation:
    running: 1.7.0_60
    requested: 1.7.0.60
    range: null
    javaVersionParam: 1.7.0_60
    Rule Set version: null
network: Created version ID: 1.7.0.60
network: Created version ID: 1.7.0.60
security: continue with running version
network: Created version ID: 1.7.0.60
network: Created version ID: 1.7
network: Created version ID: 2.2.60
security:  --- parseCommandLine converted :
into:
[]
basic: Applet loaded.
basic: Applet resized and added to parent container
basic: PERF: AppletExecutionRunnable - applet.init() BEGIN ; jvmLaunch dt 137499 us, pluginInit dt 2095033 us, TotalTime: 2232532 us
basic: Applet initialized
basic: Starting applet
basic: completed perf rollup
basic: Applet made visible
basic: Applet started
basic: Told clients applet is started
network: Cache entry not found [url: file:/C:/Program%20Files%20(x86)/Java/jre7/lib/ext/sunec.jar, version: null]
network: Cache entry not found [url: file:/C:/Program%20Files%20(x86)/Java/jre7/lib/ext/sunjce_provider.jar, version: null]
network: Connecting http://10.190.33.150:443/ with proxy=DIRECT




Matti_Kurkela
Honored Contributor

Re: java.net.ConnectException: Operation timed out: connect

So you're connecting over the public Internet?

 

In that case, what is happening is that your browserfirst connects to the URL you specified, and receives a Java KVM client and an information package for it. The browser starts the Java KVM client and supplies it with the information package. 

Unfortunately, the information package seems to contain the IP address and port number the client is supposed to connect to:

> network: Connecting http://10.190.33.150:443/ with proxy=DIRECT

 

This is a 10.*.*.* address, which is one of the "private use" address blocks. As a result, it is not globally unique: you may use any of the 10.*.*.* addresses in your home network, your ISP may use those same addresses for another purpose, and your friend's ISP for yet another.
In situations like this, only the instance of the 10.*.*.* address physically closest to you (when measured over the network) is likely to be reachable, and the other instances will be inaccessible.

 

You mentioned:

> i forwarded port 5901 on my router.

> I turned my laptop firewall off and everything

 

This was probably not useful and might actually be risky for you: forwarding port 5901 on your router might be appropriate for incoming access, i.e. when you're trying to let someone else access your system remotely over the VNC remote access protocol, but it is not typically needed for outgoing access.

 

KVM clients that integrate with the web browser (like Lights-Out) can sometimes be difficult or impossible to use if there is a NAT between you and the server you wish to access remotely. Newer versions handle this usually better than the old ones.

A VPN connection directly to the network segment the KVM is connected to might be one way to solve this problem.

A SSH connection with dynamic port forwarding might be able to do the same, although it requires getting multiple non-obvious items right:

- the remote endpoint of the SSH connection must be somewhere that allows a non-NATted connection to the target KVM

- the remote endpoint must allow SSH port forwarding

- your browser AND your Java must be configured to use a SOCKS proxy that is created by your SSH client when setting up a SSH connection with dynamic port forwarding

MK