Is there anything in your Apache error logs after Apache is restarted? Or after an attempt to connect fails?
- Mike

On Fri, Oct 23, 2020, 13:11 Dirk Laurenz <[email protected]> wrote:

> My Setup is as follows
>
> Webmail01 running tomcat with guacamole on port 8080
> Apache 2 on same machine listening on 443….
>
> Connecting to guacamole directly on port 8080, fine!
> Connecting to apache, not working
> Connecting directly to rdp client, working
>
> *From:* Nick Couchman <[email protected]>
> *Sent:* Friday, October 23, 2020 14:26
> *To:* [email protected]
> *Subject:* Re: Guacamole and reverse Proxy
>
> On Thu, Oct 22, 2020 at 6:21 PM Dirk Laurenz <[email protected]> wrote:
>
> Hello,
>
> I make my first steps with guacamole and it’s great! Locally it’s working perfectly.
> Now I try to expose it to the internet in order to use it remotely.
>
> So I configured apache as a reverse proxy. That works fine so far, but I’m not able to start any session.
> Logging in to the web interface works fine. But as soon as I start an rdp session or ssh session they don’t work.
>
> Locally they work.
>
> Here’s my apache config:
>
> <VirtualHost *:443>
>     DocumentRoot /var/www/vpn.somedom.com
>     ServerAdmin webmaster@localhost
>     ErrorLog /var/log/apache2/vpn.somedom.com_error.log
>     CustomLog /var/log/apache2/vpn.somedom.com_access.log combined
>     RewriteEngine on
>     RewriteCond %{SERVER_NAME} =roundcube.somedom.com
>     RewriteRule ^ https://%{SERVER_NAME}%{REQUEST_URI} [END,NE,R=permanent]
>     SSLEngine on
>     SSLProxyEngine on
>     <Directory "/var/www/vpn.somedom.com">
>         allow from all
>         Options None
>         Require all granted
>     </Directory>
>     ServerName vpn.somedom.com
>
>     <Location /guacamole/>
>         Order allow,deny
>         Allow from all
>         ProxyPass http://localhost:8080/guacamole/ flushpackets=on
>         ProxyPassReverse http://localhost:8080/guacamole/
>     </Location>
>
>     <Location /guacamole/websocket-tunnel>
>         Order allow,deny
>         Allow from all
>         ProxyPass ws://localhost:8080/guacamole/websocket-tunnel
>         ProxyPassReverse ws://localhost:8080/guacamole/websocket-tunnel
>     </Location>
>
>     Header always unset X-Frame-Options
>
>     Include /etc/letsencrypt/options-ssl-apache.conf
>     SSLCertificateFile /etc/letsencrypt/live/vpn.somedom.com/fullchain.pem
>     SSLCertificateKeyFile /etc/letsencrypt/live/vpn.somedom.com/privkey.pem
> </VirtualHost>
>
> This is what I see in the logs: (ssh)
>
> Okt 22 23:51:55 webmail01 tomcat9[1543]: 23:51:55.508 [http-nio-8080-exec-2] INFO o.a.g.tunnel.TunnelRequestService - User "xxx" connected to connection "xxx".
> Okt 22 23:51:55 webmail01 tomcat9[1543]: 23:51:55.508 [http-nio-8080-exec-2] INFO o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not WebSocket). Performance may be sub-optimal.
>
> And RDP
>
> Okt 22 23:57:35 webmail01 tomcat9[1543]: 23:57:35.393 [http-nio-8080-exec-6] INFO o.a.g.environment.LocalEnvironment - GUACAMOLE_HOME is "/etc/guacamole".
> Okt 22 23:57:35 webmail01 guacd[1536]: Creating new client for protocol "rdp"
> Okt 22 23:57:35 webmail01 guacd[1536]: Connection ID is "$be247aff-2218-4279-8aa6-fda852e6a056"
> Okt 22 23:57:35 webmail01 guacd[1740]: No security mode specified. Defaulting to security mode negotiation with server.
> Okt 22 23:57:35 webmail01 guacd[1740]: Resize method: none
> Okt 22 23:57:35 webmail01 guacd[1740]: User "@558cf0b5-f56f-4ae5-ac9a-442c48107e7e" joined connection "$be247aff-2218-4279-8aa6-fda852e6a056" (1 users now present)
> Okt 22 23:57:35 webmail01 tomcat9[1543]: 23:57:35.450 [http-nio-8080-exec-6] INFO o.a.g.tunnel.TunnelRequestService - User "dlaurenz" connected to connection "JD01".
> Okt 22 23:57:35 webmail01 tomcat9[1543]: 23:57:35.450 [http-nio-8080-exec-6] INFO o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not WebSocket). Performance may be sub-optimal.
> Okt 22 23:57:35 webmail01 guacd[1740]: Loading keymap "base"
> Okt 22 23:57:35 webmail01 guacd[1740]: Loading keymap "de-de-qwertz"
> Okt 22 23:57:35 webmail01 guacd[1740]: Connected to RDPDR 1.13 as client 0x0003
> Okt 22 23:58:07 webmail01 guacd[1740]: RDP server closed connection: Manually logged off.
> Okt 22 23:58:07 webmail01 guacd[1740]: Internal RDP client disconnected
>
> This indicates that the RDP server has, for some reason or another, closed the connection. Are you able to successfully connect to this server with identical parameters from a standard RDP client?
>
> -Nick
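
Added example (not part of the thread and not Guacamole project code): a small Python script that reads journal lines in the format quoted above and reports which tunnel sessions logged the "Using HTTP tunnel (not WebSocket)" fallback, together with any guacd RDP disconnect reasons. Pairing the fallback message with the preceding connect line on the same Tomcat thread is an assumption drawn from the quoted log, and the "alice"/"SRV02" line is constructed sample input.

```python
import re

# Sample input: three lines from the thread (wrapped lines rejoined) plus one
# constructed line ("alice"/"SRV02") for a session that logs no fallback.
SAMPLE = """\
Okt 22 23:57:35 webmail01 tomcat9[1543]: 23:57:35.450 [http-nio-8080-exec-6] INFO o.a.g.tunnel.TunnelRequestService - User "dlaurenz" connected to connection "JD01".
Okt 22 23:57:35 webmail01 tomcat9[1543]: 23:57:35.450 [http-nio-8080-exec-6] INFO o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not WebSocket). Performance may be sub-optimal.
Okt 22 23:58:07 webmail01 guacd[1740]: RDP server closed connection: Manually logged off.
Okt 22 23:59:10 webmail01 tomcat9[1543]: 23:59:10.120 [http-nio-8080-exec-7] INFO o.a.g.tunnel.TunnelRequestService - User "alice" connected to connection "SRV02".
"""

SYSLOG = re.compile(r'^(\w{3}\s+\d+ [\d:]+) (\S+) ([\w.-]+)\[(\d+)\]: (.*)$')
TOMCAT = re.compile(r'^[\d:.]+ \[([^\]]+)\]\s+\w+\s+(\S+) - (.*)$')
CONNECT = re.compile(r'User "([^"]*)" connected to connection "([^"]*)"')
FALLBACK = "Using HTTP tunnel (not WebSocket)"
CLOSED = re.compile(r'^RDP server closed connection: (.*)$')

def analyze(text):
    """Return (sessions, disconnects) extracted from journal text."""
    sessions, disconnects, last_by_thread = [], [], {}
    for line in text.splitlines():
        m = SYSLOG.match(line.strip())
        if not m:
            continue  # not a journal line in the expected format
        when, _host, unit, pid, msg = m.groups()
        if unit.startswith("tomcat"):
            t = TOMCAT.match(msg)
            if not t:
                continue
            thread, _logger, body = t.groups()
            c = CONNECT.search(body)
            if c:
                s = {"time": when, "user": c.group(1),
                     "connection": c.group(2), "http_fallback": False}
                sessions.append(s)
                last_by_thread[thread] = s
            elif FALLBACK in body and thread in last_by_thread:
                # Assumption: the fallback line follows its connect line
                # on the same Tomcat worker thread, as in the quoted log.
                last_by_thread.pop(thread)["http_fallback"] = True
        elif unit == "guacd":
            d = CLOSED.match(msg)
            if d:
                disconnects.append({"time": when, "pid": int(pid),
                                    "reason": d.group(1)})
    return sessions, disconnects

if __name__ == "__main__":
    for item in sum(analyze(SAMPLE), []):
        print(item)
```
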
