Bug Report: RDP connection instability with negotiated security protocol (rdp)

Mon, 01 Mar 2021 08:55:55 -0800 

Since upgrading our guacd to 1.3, we have seen RDP connection instability
when having the guacamole configuration set to `any` for an RDP connection
and the server is set to *Require use of specific security layer for remote
(RDP) connections* values of *Not Configured*, *Enabled and set to
Negotiate*, or *Enabled and set to RDP*.

Transferring files is just one consistent way to reproduce the
disconnection, but lots of other actions can cause it

Manually setting the RDP security layer to SSL on the remote host fixes the
problem. Here is the GPO:

Local Computer -> Computer Configuration -> Administrative Templates
-> Windows Components -> Remote Desktop Services -> Remote Desktop
Session Host -> Security

"Require use of specific security layer for remote (RDP) connections"

Steps to reproduce

   - On a machine running Windows (Server 2016, Server 2019, 10)
   - Ensure the GPO setting in the summary above is either:
      - Not Configured
      - Enabled and set to Negotiate
      - Enabled and set to RDP
   - Perform a file transfer of a file >= 13 MB (the bigger the easier to
   reproduce) by drag and drop to the desktop
   - Once the transfer completes, on the host, open File Explorer, and open
   the Guacamole File System where the file was copied
   - Drag and drop the transferred file from the Guacamole File System to
   the Windows Desktop
   - This has a high chance (80-90%) of causing remote access to disconnect
   - Reconnect
   - Click "My PC" and click back into Guacamole File System
   - Repeat the Drag and Drop to the Windows Desktop
   - Repeat as needed to generate some results of the connection stability

To identify the disconnection was this problem, there are 2 places to look:

   - In the Windows Administrative Event log, look for: [Warning,
   RemoteDesktopServices-RdpCoreTS, Event ID 105]
   - In the guacd log for the corresponding remote access server, look
for: guacd[28117]:
   DEBUG:#011ERRINFO_DECRYPT_FAILED (0x00001192):(a) Decryption using Standard
   RDP Security mechanisms (section 5.3.6) failed.

Feb  8 19:56:18 ip-172-16-10-253 journal: guacd[1322]:
DEBUG:#011ERRINFO_DECRYPT_FAILED (0x00001192):(a) Decryption using
Standard RDP Security mechanisms (section 5.3.6) failed.Feb  8
19:56:18 ip-172-16-10-253 journal: guacd[1322]: DEBUG:#011BIO_read
returned a system error 104: Connection reset by peerFeb  8 19:56:18
ip-172-16-10-253 journal: guacd[1322]: ERROR:#011Connection closed.

Reply via email to