You can stop the guacd service and start it in foreground with debug mode like so: /usr/local/sbin/guacd -f -L debug
Would give more insights. Just to clarify: I asked if there’s port connectivity from the guacamole box to the targets. Like can you telnet on 3389 from the guacamole box to your Windows box? Bogdan > On 12 Nov 2020, at 23:05, Devine, Harry (FAA) <[email protected]> > wrote: > > Absolutely. I can connect to them from outside of Guacamole, and when I try > to connect from within Guacamole, I get the “Home/Reconnect” error box > immediately. > > Harry > > From: Stefan Bogdan Cimpeanu <[email protected]> > Sent: Thursday, November 12, 2020 4:04 PM > To: [email protected] > Subject: Re: Issues with RDP and VNC in Guacamole 1.2 > > These durations sure look like timeouts. > Are you sure you have port connectivity from your guacamole box to the target > VMs? > > Bogdan > > > On 12 Nov 2020, at 20:52, Devine, Harry (FAA) <[email protected]> > wrote: > > We are trying to setup a VNC connection 2 servers: 1 is RHEL 7 and 1 is RHEL > 8, and 1 RDP connection to a Windows 10 box that we have. > > For the RHEL servers, we get the following errors in /var/log/messages: > > Nov 12 13:47:02 ose-access guacd[21334]: Creating new client for protocol > "vnc" > Nov 12 13:47:02 ose-access guacd[21334]: Connection ID is > "$b937cff4-7321-4ca9-9e16-0a3074db666f" > Nov 12 13:47:02 ose-access guacd[36970]: Cursor rendering: local > Nov 12 13:47:02 ose-access guacd[36970]: User > "@7a218333-8f7b-44be-a08e-4d41e996d432" joined connection > "$b937cff4-7321-4ca9-9e16-0a3074db666f" (1 users now present) > Nov 12 13:47:02 ose-access server: 13:47:02.314 [http-bio-8080-exec-55] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" connected to > connection "11". > Nov 12 13:47:02 ose-access server: 13:47:02.314 [http-bio-8080-exec-55] INFO > o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not > WebSocket). Performance may be sub-optimal. > Nov 12 13:47:02 ose-access guacd[36970]: VNC server supports protocol version > 3.8 (viewer 3.8) > Nov 12 13:47:02 ose-access guacd[36970]: We have 2 security types to read > Nov 12 13:47:02 ose-access guacd[36970]: 0) Received security type 19 > Nov 12 13:47:02 ose-access guacd[36970]: Selecting security type 19 (0/2 in > the list) > Nov 12 13:47:02 ose-access guacd[36970]: 1) Received security type 2 > Nov 12 13:47:02 ose-access guacd[36970]: Selected Security Scheme 19 > Nov 12 13:47:02 ose-access guacd[36970]: Failed to initialized GnuTLS: Error > in public key generation.. > Nov 12 13:47:02 ose-access guacd[36970]: Unable to connect to VNC server. > Nov 12 13:47:02 ose-access guacd[36970]: User > "@7a218333-8f7b-44be-a08e-4d41e996d432" disconnected (0 users remain) > Nov 12 13:47:02 ose-access guacd[36970]: Last user of connection > "$b937cff4-7321-4ca9-9e16-0a3074db666f" disconnected > Nov 12 13:47:07 ose-access guacd[21334]: Connection > "$b937cff4-7321-4ca9-9e16-0a3074db666f" removed. > Nov 12 13:47:17 ose-access server: 13:47:17.399 [http-bio-8080-exec-55] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "11". Duration: 15085 milliseconds > Nov 12 13:47:17 ose-access server: 13:47:17.407 [http-bio-8080-exec-55] ERROR > o.a.g.s.GuacamoleHTTPTunnelServlet - HTTP tunnel request failed: Connection > to guacd timed out. > Nov 12 13:47:17 ose-access server: 13:47:17.407 [http-bio-8080-exec-56] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "11". Duration: 15093 milliseconds > > For the RDP connection, we get: > > Nov 12 13:45:49 ose-access guacd[21334]: Creating new client for protocol > "rdp" > Nov 12 13:45:49 ose-access guacd[21334]: Connection ID is > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" > Nov 12 13:45:49 ose-access guacd[36938]: Security mode: TLS > Nov 12 13:45:49 ose-access guacd[36938]: Resize method: none > Nov 12 13:45:49 ose-access guacd[36938]: User > "@aa01b7af-8e97-456e-8c5e-a36b8ad956d9" joined connection > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" (1 users now present) > Nov 12 13:45:49 ose-access server: 13:45:49.769 [http-bio-8080-exec-55] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" connected to > connection "9". > Nov 12 13:45:49 ose-access server: 13:45:49.769 [http-bio-8080-exec-55] INFO > o.a.g.t.h.RestrictedGuacamoleHTTPTunnelServlet - Using HTTP tunnel (not > WebSocket). Performance may be sub-optimal. > Nov 12 13:45:49 ose-access guacd[36938]: Loading keymap "base" > Nov 12 13:45:49 ose-access guacd[36938]: Loading keymap "en-us-qwerty" > Nov 12 13:45:50 ose-access guacd[36938]: Error connecting to RDP server > Nov 12 13:45:50 ose-access guacd[36938]: User > "@aa01b7af-8e97-456e-8c5e-a36b8ad956d9" disconnected (0 users remain) > Nov 12 13:45:50 ose-access guacd[36938]: Last user of connection > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" disconnected > Nov 12 13:45:50 ose-access guacd[21334]: Connection > "$5dcee526-43dd-4a5a-88e2-8c9a830716ff" removed. > Nov 12 13:46:00 ose-access server: 13:46:00.178 [http-bio-8080-exec-51] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "9". Duration: 10409 milliseconds > Nov 12 13:46:00 ose-access server: 13:46:00.179 [http-bio-8080-exec-63] INFO > o.a.g.tunnel.TunnelRequestService - User "harry.devine" disconnected from > connection "9". Duration: 10410 milliseconds > > We can use MobaXterm to get to all 3 servers successfully, so it can’t be the > VNC server or RDP server on the target machines. So, what can we look at on > Guacamole to get this to work? > > Thanks, > Harry > > Harry Devine > DOT/FAA/AJM-2431 > Secure-OSE Administrator > Red Hat Certified System Administrator (RHCSA) > [email protected] > (609)485-4218 > Building 300, 3rd floor, Column L20 (3L20)
