It seems like a lot of times o.a.g.rest.auth.HashTokenSessionMap - Session check
Is completed, and then the connection drops. Another one from today. May 22 14:01:30 apache-Virtual-Machine tomcat9[659]: 14:01:30.638 [pool-1-thread-1] DEBUG o.a.i.t.jdbc.JdbcTransaction - Closing JDBC Connection [com.mysql.cj.jdbc.ConnectionImpl@7f711ae7] May 22 14:01:30 apache-Virtual-Machine tomcat9[659]: 14:01:30.638 [pool-1-thread-1] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 2138118887 ... May 22 14:01:30 apache-Virtual-Machine tomcat9[659]: 14:01:30.639 [pool-1-thread-1] DEBUG o.a.i.d.pooled.PooledDataSource - Connection 2138118887 is GOOD! May 22 14:01:30 apache-Virtual-Machine tomcat9[659]: 14:01:30.639 [pool-1-thread-1] DEBUG o.a.i.d.pooled.PooledDataSource - Returned connection 2138118887 to pool. May 22 14:01:30 apache-Virtual-Machine tomcat9[659]: 14:01:30.639 [pool-1-thread-1] DEBUG o.a.g.rest.auth.HashTokenSessionMap - Session check completed in 7 ms. May 22 14:01:38 apache-Virtual-Machine guacd[3469048]: Connection closed. [cid:[email protected]] From: Corey Faehrmann Sent: Tuesday, May 21, 2024 5:46 PM To: [email protected] Subject: Help with seemingly random RDP disconnects Hello all, I recently setup a Guacamole remote access gateway on Ubuntu 22.04 running on HTTPS behind and NGINX reverse proxy for access to some server on our network. Two of which are copies of each other running Server 2003 with a RemoteApp. These are not internet facing, but we use Guacamole to access them locally. We are seeing random disconnects to only these servers and after some days of Debug-log checking, I still cannot find the root cause exactly. For context, upon connecting the syslog states connected to RDPDR 1.3 which I thought that we are on FreeRDP 2.0 at this point maybe a version issue? On the event viewer of the 2003 servers, I do see that there are events labeled: "TermDD, Error 50, "DATA ENCRYPTION" detected an error." This of course sends me into the direction of verifying that the encryption level is set correctly on the server and on the Guacamole connection, which is RDP level encryption on both. The syslog from the ubuntu server running guacamole looks as follow at around time of disconnect: May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: Connection closed. May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: guacd[1036232]: ERROR:#011Connection closed. May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: User "@35ac058a-057e-460b-8b66-7a61f9c06dc8" disconnected (0 users remain) May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: guacd[1036232]: INFO:#011User "@35ac058a-057e-460b-8b66-7a61f9c06dc8" disconnected (0 users remain) May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: guacd[1036232]: INFO:#011Last user of connection "$7b26cee6-39c0-47b6-a98e-2c86fef1e62d" disconnected May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: Last user of connection "$7b26cee6-39c0-47b6-a98e-2c86fef1e62d" disconnected May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: Internal RDP client disconnected May 21 16:11:27 apache-Virtual-Machine guacd[1036232]: guacd[1036232]: INFO:#011Internal RDP client disconnected May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: 16:11:27.060 [http-nio-8080-exec-8] INFO o.a.g.tunnel.TunnelRequestService - User "(my username)" disconnected from connection "1". Duration: 3712376 milliseconds May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: 16:11:27.060 [http-nio-8080-exec-8] DEBUG o.a.g.net.InetGuacamoleSocket - Closing socket to guacd. May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: 16:11:27.060 [http-nio-8080-exec-8] DEBUG o.a.i.t.jdbc.JdbcTransaction - Opening JDBC Connection May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: 16:11:27.060 [http-nio-8080-exec-8] DEBUG o.a.i.d.pooled.PooledDataSource - Checked out connection 172145440 from pool. May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: 16:11:27.060 [http-nio-8080-exec-8] DEBUG o.a.i.d.pooled.PooledDataSource - Testing connection 172145440 ... May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: 16:11:27.060 [Thread-4609] DEBUG o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Connection to guacd closed. May 21 16:11:27 apache-Virtual-Machine tomcat9[659]: org.apache.guacamole.GuacamoleConnectionClosedException: Connection to guacd is closed. Im venturing to believe that this may be some sort of FreeRDP being out of date issue, and if it is Im not sure how to exactly update the version. Thank you all for your time and I hope that you can help me with this issue. -Corey ________________________________ AVISO DE CONFIDENCIALIDAD: El contenido de este correo, asi como sus archivos adjuntos estan protegidos por el secreto profesional, son confidenciales y son para el uso exclusivo del (de los) destinatario(s) deseado(s). Si usted no es el destinatario deseado del presente correo y sus archivos adjuntos o si este mensaje le ha sido enviado por error, por favor notifiquelo de inmediato al remitente mediante un correo de respuesta y despues elimine este correo y cualquier archivo adjunto. Si usted no es el destinatario deseado, por medio del presente se le notifica que queda estrictamente prohibido cualquier uso, difusion, copia o almacenamiento de este correo y/o sus archivos adjuntos. Para informacion acerca del tratamiento y derechos relativos a datos personales, usted puede consultar el Aviso de Privacidad publicado en nuestra pagina de Internet. ________________________________ CONFIDENTIALITY NOTICE: The contents of this email and any attachments is privileged, confidential and solely for the use of the intended addressee(s). If you are not the intended recipient of this message or their agent, or if this message has been addressed to you in error, please immediately alert the sender by reply email and then delete this message and any attachments. If you are not the intended recipient, you are hereby notified that any use, dissemination, copying or storage of this message and/or its attachments is strictly prohibited. For information of the treatment and rights related to personal data, you can consult the Privacy Policy published in our website. ________________________________
