These durations sure look like timeouts. Are you sure you have port connectivity from your guacamole box to the target VMs?
Bogdan > On 12 Nov 2020, at 20:52, Devine, Harry (FAA) <harry.dev...@faa.gov.INVALID> > wrote: > > We are trying to setup a VNC connection 2 servers: 1 is RHEL 7 and 1 is RHEL > 8, and 1 RDP connection to a Windows 10 box that we have. > > For the RHEL servers, we get the following errors in /var/log/messages: > > Nov 12 13:47:02 ose-access guacd[21334]: Creating new client for protocol > "vnc" > Nov 12 13:47:02 ose-access guacd[21334]: Connection ID is > "$b937cff4-7321-4ca9-9e16-0a3074db666f" > Nov 12 13:47:02 ose-access guacd[36970]: Cursor rendering: local > Nov 12 13:47:02 ose-access guacd[36970]: User > "@7a218333-8f7b-44be-a08e-4d41e996d432" joined connection > "$b937cff4-7321-4ca9-9e16-0a3074db666f" (1 users now present) > Nov 12 13:47:02 ose-access server: 13:47:02.314 [http-bio-8080-exec-55] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" connected to > connection "11". > Nov 12 13:47:02 ose-access server: 13:47:02.314 [http-bio-8080-exec-55] INFO > o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not > WebSocket). Performance may be sub-optimal. > Nov 12 13:47:02 ose-access guacd[36970]: VNC server supports protocol version > 3.8 (viewer 3.8) > Nov 12 13:47:02 ose-access guacd[36970]: We have 2 security types to read > Nov 12 13:47:02 ose-access guacd[36970]: 0) Received security type 19 > Nov 12 13:47:02 ose-access guacd[36970]: Selecting security type 19 (0/2 in > the list) > Nov 12 13:47:02 ose-access guacd[36970]: 1) Received security type 2 > Nov 12 13:47:02 ose-access guacd[36970]: Selected Security Scheme 19 > Nov 12 13:47:02 ose-access guacd[36970]: Failed to initialized GnuTLS: Error > in public key generation.. > Nov 12 13:47:02 ose-access guacd[36970]: Unable to connect to VNC server. > Nov 12 13:47:02 ose-access guacd[36970]: User > "@7a218333-8f7b-44be-a08e-4d41e996d432" disconnected (0 users remain) > Nov 12 13:47:02 ose-access guacd[36970]: Last user of connection > "$b937cff4-7321-4ca9-9e16-0a3074db666f" disconnected > Nov 12 13:47:07 ose-access guacd[21334]: Connection > "$b937cff4-7321-4ca9-9e16-0a3074db666f" removed. > Nov 12 13:47:17 ose-access server: 13:47:17.399 [http-bio-8080-exec-55] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "11". Duration: 15085 milliseconds > Nov 12 13:47:17 ose-access server: 13:47:17.407 [http-bio-8080-exec-55] ERROR > o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection > to guacd timed out. > Nov 12 13:47:17 ose-access server: 13:47:17.407 [http-bio-8080-exec-56] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "11". Duration: 15093 milliseconds > > For the RDP connection, we get: > > Nov 12 13:45:49 ose-access guacd[21334]: Creating new client for protocol > "rdp" > Nov 12 13:45:49 ose-access guacd[21334]: Connection ID is > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" > Nov 12 13:45:49 ose-access guacd[36938]: Security mode: TLS > Nov 12 13:45:49 ose-access guacd[36938]: Resize method: none > Nov 12 13:45:49 ose-access guacd[36938]: User > "@aa01b7af-8e97-456e-8c5e-a36b8ad956d9" joined connection > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" (1 users now present) > Nov 12 13:45:49 ose-access server: 13:45:49.769 [http-bio-8080-exec-55] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" connected to > connection "9". > Nov 12 13:45:49 ose-access server: 13:45:49.769 [http-bio-8080-exec-55] INFO > o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not > WebSocket). Performance may be sub-optimal. > Nov 12 13:45:49 ose-access guacd[36938]: Loading keymap "base" > Nov 12 13:45:49 ose-access guacd[36938]: Loading keymap "en-us-qwerty" > Nov 12 13:45:50 ose-access guacd[36938]: Error connecting to RDP server > Nov 12 13:45:50 ose-access guacd[36938]: User > "@aa01b7af-8e97-456e-8c5e-a36b8ad956d9" disconnected (0 users remain) > Nov 12 13:45:50 ose-access guacd[36938]: Last user of connection > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" disconnected > Nov 12 13:45:50 ose-access guacd[21334]: Connection > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" removed. > Nov 12 13:46:00 ose-access server: 13:46:00.178 [http-bio-8080-exec-51] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "9". Duration: 10409 milliseconds > Nov 12 13:46:00 ose-access server: 13:46:00.179 [http-bio-8080-exec-63] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "9". Duration: 10410 milliseconds > > We can use MobaXterm to get to all 3 servers successfully, so it can’t be the > VNC server or RDP server on the target machines. So, what can we look at on > Guacamole to get this to work? > > Thanks, > Harry > > Harry Devine > DOT/FAA/AJM-2431 > Secure-OSE Administrator > Red Hat Certified System Administrator (RHCSA) > harry.dev...@faa.gov <mailto:harry.dev...@faa.gov> > (609)485-4218 > Building 300, 3rd floor, Column L20 (3L20)