I'm testing the use of Guacamole for commercial use as part of our software to enable users to remotely login to private networks from the browser. I have Guacamole containers running on an AWS EC2 VM. The RDP connection is made to a localhost port which is forwarded through a reverse tunnel originating from the private network. I'm able to connect to Win7/Win10 systems hosted on AWS, but when I try connecting to the Win10 systems in the corporate network, guacd gives me the following error:
connected to localhost:5000 creating directory /root/.config/freerdp creating directory /root/.config/freerdp/certs creating directory /root/.config/freerdp/server certificate_store_open: error opening [/root/.config/freerdp/known_hosts] for writing unexpected pubKeyAuth buffer size:0 Could not verify public key echo! Authentication failure, check credentials. If credentials are valid, the NTLMSSP implementation may be to blame. Error: protocol security negotiation or connection failure guacd[58]: ERROR: Error connecting to RDP server I'm unable to understand what the problem could be. The possible causes could be that some Windows group policies could be blocking the RDP connection, but this is just a rough guess. Two months have passed and I haven't been able to narrow down to which policy could be affecting this. Could it be RemoteFx (which is enabled) or some policies around that? Could it be that Win10 has some specialized authentication procedures which are blocking Guacamole? The Wireshark packet traces on the destination machine indicate that the RDP socket connection is closed with disconnection reason code 14. I couldn't find any interesting information in the Event Viewer logs. Kindly note that connecting to only these corporate domain network systems does not work, everything else seems fine. Could you please provide me some pointers where I should dig more? I would basically like to understand which settings might be affecting Guacamole's operating capability so that it is possible for me to address these problems in a production environment. Lastly, thanks for creating Guacamole. Best Regards, Elroy
