Yes, the failing machine is running rdp and vnc server. By default these are
included in mac ( I guess 10.14 and above). And, I verified these by connecting
to the mac both thru rdp and vnc using KRC application. Also the ports for
these are different, rdp uses 3283 and vnc 5900 by default on Mac. My Guacamole
user-mapping.xml has these corresponding ports configured. Since I can connect
to the Mac using these ports thru KRC application, firewall is not blocking
these connections for Guacamole.
vnc failure has different log in syslog, looks like an issue with security
type, is there a way to specify a security type?
------
Oct 5 15:49:12 debian guacd[6856]: Creating new client for protocol "vnc"
Oct 5 15:49:12 debian guacd[6856]: Connection ID is
"$9230826d-1d82-4aaf-80ea-ba0f9ae0b2d5"
Oct 5 15:49:12 debian guacd[9036]: Cursor rendering: local
Oct 5 15:49:12 debian guacd[9036]: User
"@875f9065-45a0-4f88-920a-986ece6a5e36" joined connection
"$9230826d-1d82-4aaf-80ea-ba0f9ae0b2d5" (1 users now present)
Oct 5 15:49:12 debian guacd[9036]: VNC server supports protocol version 3.889
(viewer 3.8)
Oct 5 15:49:12 debian guacd[9036]: We have 4 security types to read
Oct 5 15:49:12 debian guacd[9036]: 0) Received security type 30
Oct 5 15:49:12 debian guacd[9036]: Selecting security type 30 (0/4 in the list)
Oct 5 15:49:12 debian guacd[9036]: 1) Received security type 33
Oct 5 15:49:12 debian guacd[9036]: 2) Received security type 36
Oct 5 15:49:12 debian guacd[9036]: 3) Received security type 35
Oct 5 15:49:12 debian guacd[9036]: Selected Security Scheme 30
Oct 5 15:49:12 debian guacd[9036]: VNC connection failed: Authentication or
authorization failure
Oct 5 15:49:12 debian guacd[9036]: Unable to connect to VNC server.
Oct 5 15:49:12 debian guacd[9036]: User
"@875f9065-45a0-4f88-920a-986ece6a5e36" disconnected (0 users remain)
Oct 5 15:49:12 debian guacd[9036]: Last user of connection
"$9230826d-1d82-4aaf-80ea-ba0f9ae0b2d5" disconnected
------
Thanks,Srinivas.
On Monday, October 5, 2020, 6:02:58 PM PDT, Mike Jumper
<[email protected]> wrote:
On Mon, Oct 5, 2020, 16:34 Sri Web <[email protected]> wrote:
Hi Mike,
Thanks for your response.
1. Tested that target computer can be connected over rdp from the host running
Guacamole. In this case, Debian VB running Guacamole can connect to target
macOS machine. Tested using KRC application.
Looks like having trouble connecting to macOS machines. Even my test with vnc
connection failed as well. ...
The failing machine is a Mac that is running both a VNC server and an RDP
server?
2. In the post (
https://sourceforge.net/p/guacamole/discussion/1110834/thread/f9cc8d2a/ ),
Eddie suggests to link freerdp libraries, which might help.
He suggests adding symbolic links to the FreeRDP plugins specifically to
resolve an error regarding those plugins not being found, not as a panacea for
absolutely anything related to RDP.
3. The logs I posted are from guacd logs. I had the guacd logs write to a
separate file thru logback.xml configuration.
No, those were the web application logs (from Tomcat). The logback.xml file
configures web application logging only. It is not relevant to guacd, which
logs messages through syslog.
Here is what is on syslog:
------
Oct 5 16:06:37 debian guacd[6856]: Creating new client for protocol "rdp"
Oct 5 16:06:37 debian guacd[6856]: Connection ID is
"$b6a11665-3b28-44eb-a84b-929f16366015"
Oct 5 16:06:37 debian guacd[9101]: Security mode: Negotiate (ANY)
Oct 5 16:06:37 debian guacd[9101]: Resize method: none
Oct 5 16:06:37 debian guacd[9101]: User
"@15cf3b9e-3b72-4486-b820-33a574acb7f2" joined connection
"$b6a11665-3b28-44eb-a84b-929f16366015" (1 users now present)
Oct 5 16:06:37 debian guacd[9101]: Loading keymap "base"
Oct 5 16:06:37 debian guacd[9101]: Loading keymap "en-us-qwerty"
Oct 5 16:07:07 debian guacd[9101]: User is not responding.
Oct 5 16:07:07 debian guacd[9101]: User
"@15cf3b9e-3b72-4486-b820-33a574acb7f2" disconnected (0 users remain)
Oct 5 16:07:07 debian guacd[9101]: Last user of connection
"$b6a11665-3b28-44eb-a84b-929f16366015" disconnected
Are you sure there is an RDP service on the machine in question? Not just VNC?
The above is closer to what I would expect to see if a destination machine were
silently ignoring the RDP connection attempt, presumably because no RDP service
is running or the firewall is blocking inbound connections.
- Mike
