weizhouapache commented on issue #3296: [master] noVNC Console Integration URL: https://github.com/apache/cloudstack/pull/3296#issuecomment-588167987 > So the error seems to be "Invalid client ip address" after looking in the novnc.log... Is this some security feature? @ustcweizhou > > ``` > root@v-1-VM:~# tail -f /var/log/novnc.log > WebSocket server settings: > - Listen on :8080 > - Web server. Web root: /root/noVNC > - No SSL/TLS support (no cert file) > - Backgrounding (daemon) > - proxying from :8080 to None:None > 172.20.0.1 - - [19/Feb/2020 10:41:36] 172.20.0.1: Plain non-SSL (ws://) WebSocket connection > 172.20.0.1 - - [19/Feb/2020 10:41:36] 172.20.0.1: Path: '/accc60e6[...]2f9bd836fc5' > 172.20.0.1: Not accepted: Invalid client ip address > ``` yes @DennisKonrad in novnc it checks if the source ip to novnc server and management server are the same. ``` # Check client ip address if self.client_ip != self.client_address[0]: self.send_close() raise self.server.EClose('Not accepted: Invalid client ip address') ``` (self.client_ip is source ip to management server, self.client_address[0] is source ip to novnc) If you use reverse proxy or load balancer (nginx, haproxy, pfsense,etc), it might be an issue.
---------------------------------------------------------------- This is an automated message from the Apache Git Service. To respond to the message, please log on to GitHub and use the URL above to go to the specific comment. For queries about this service, please contact Infrastructure at: [email protected] With regards, Apache Git Services
