Re: [FreeRDP-devel] RDP via gateway gets RPC_S_INVALID_TAG

Jon Schneider Mon, 10 Nov 2014 11:14:15 -0800

I'm still having problems connecting to this tsgateway externally.  I
recompiled with debugging enabled to get a better idea of the output and
here is what I'm seeing (with some markup):


root@ubuntu:~/FreeRDP# xfreerdp /v:WORKSTATION /d:DOMAIN /u:USER
/p:PASSWORD /g:GATEWAY /gd:DOMAIN /gu:GWUSER /gp:GWPASS
getaddrinfo: Name or service not known (it would appear that even though a
gateway was specified, it still tries to connect directly to the server)
[11:26:48:134] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 82
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 80
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_UNKNOWN (67)
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x5F) = {
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_PENDING_CANCEL
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_RESERVED_1
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_CONC_MPX
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 49 4E 5F 44
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 21569
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 8257
[11:26:48:135] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 1668313647
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 82
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 80
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_UNKNOWN (67)
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x5F) = {
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_PENDING_CANCEL
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_RESERVED_1
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_CONC_MPX
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 49 4E 5F 44
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 21569
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 8257
[11:26:48:174] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 1668313647
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_RTS (20)
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x03) = {
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 104
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 0
[11:26:48:175] [28890:28891] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 0
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_BIND (11)
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x17) = {
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_PENDING_CANCEL
[11:26:48:218] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_CONC_MPX
[11:26:48:219] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:219] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:219] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 164
[11:26:48:219] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 40
[11:26:48:219] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 2
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_RPC_AUTH_3 (16)
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x13) = {
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_CONC_MPX
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 462
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 434
[11:26:48:274] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 2
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_REQUEST (0)
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x03) = {
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 156
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 16
[11:26:48:275] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 2
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_REQUEST (0)
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x03) = {
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 136
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 16
[11:26:48:375] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 3
[11:26:48:412] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_REQUEST (0)
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x03) = {
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 88
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 16
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 4
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers: 5
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
rpc_vers_minor: 0
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] - ptype:
PTYPE_REQUEST (0)
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
pfc_flags (0x03) = {
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_FIRST_FRAG
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
 PFC_LAST_FRAG
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -  }
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
packed_drep[4]: 10 00 00 00
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
frag_length: 148
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
auth_length: 16
[11:26:48:413] [28890:28892] [INFO][com.freerdp.core.gateway.rpc] -
call_id: 5
[11:26:48:449] [28890:28892] [ERROR][com.freerdp.core.gateway.rpc] - RPC
Fault PDU:
[11:26:48:449] [28890:28892] [ERROR][com.freerdp.core.gateway.rpc] -
status: RPC_S_INVALID_TAG (0x000006C5)
[11:26:48:449] [28890:28891] [ERROR][com.freerdp.core.gateway.tsg] - error
reading response
[11:26:48:449] [28890:28891] [ERROR][com.freerdp.core] -
freerdp_set_last_error 0x2000C
[11:26:48:449] [28890:28891] [ERROR][com.freerdp.core.connection] - Error:
protocol security negotiation or connection failure

The funny thing is, when I run the exact command internally it connects and
bypasses the gateway altogether.  The gateway is Windows 2008 Server with
SP2.  On the gateway itself I can see myself log in and then almost
immediately log back out in the security log.  I then checked the TS
Gateway log in event viewer and can see where I was authorized to connect
to the internal server. Aside from those two logs I cannot locate anything
else on the gateway pertinent to my login attempts.

Reviewing the logs on the remote desktop server itself reflect nothing.  It
doesn't seem that after the tunnel is created on the gateway, freerdp
attempts to connect to the final destination.  I ran some network captures,
but those didn't appear particularly fruitful at first glance either.

Any ideas?
------------------------------------------------------------------------------
Comprehensive Server Monitoring with Site24x7.
Monitor 10 servers for $9/Month.
Get alerted through email, SMS, voice calls or mobile push notifications.
Take corrective actions from your mobile device.
http://pubads.g.doubleclick.net/gampad/clk?id=154624111&iu=/4140/ostg.clktrk
_______________________________________________
FreeRDP-devel mailing list
FreeRDP-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/freerdp-devel

Re: [FreeRDP-devel] RDP via gateway gets RPC_S_INVALID_TAG

Reply via email to