On Fri, Nov 28, 2025 at 9:25 AM Tony Guadagno <[email protected]> wrote: > > Hi, I have been using guac for about a month and it has been running > flawlessly. All of a sudden today, I get complaints that users cannot login. > I am using radius for authentication and so I see this in the guacamole logs: > > > > 13:34:29.154 [http-nio-8080-exec-1] ERROR > o.a.g.a.r.AuthenticationProviderService - Cannot configure RADIUS server: > Unable to resolve RADIUS server host. 1 > > > > So I think I have a DNS issue, however, I can ping the radius server name and > it correctly resolves the IP on the server command line. This seems to get > fixed when I reload the guacamole docker image however, now that I can login, > I cannot connect to any of my connections. When I look at the guacd logs, I > see this for every connection: > > > > guacd[1]: INFO: Creating new client for protocol "rdp" > > guacd[1]: INFO: Connection ID is "$17fe4200-8b26-4ed1-915f-c65b6182373a" > > guacd[197]: INFO: No security mode specified. Defaulting to security > mode negotiation with server. > > guacd[197]: INFO: Resize method: none > > guacd[197]: INFO: No clipboard line-ending normalization specified. > Defaulting to preserving the format of all line endings. > > guacd[197]: INFO: User "@8b1e148e-31f4-42e5-a738-219c3cc51132" joined > connection "$17fe4200-8b26-4ed1-915f-c65b6182373a" (1 users now present) > > guacd[197]: INFO: Local system reports 2 processor(s) are available. > > guacd[197]: INFO: Graphical updates will be encoded using 2 worker > thread(s). > > guacd[197]: INFO: Loading keymap "base" > > guacd[197]: INFO: Loading keymap "en-us-qwerty" > > guacd[197]: INFO: RDP server closed/refused connection: DNS lookup > failed (incorrect hostname?) > > guacd[197]: INFO: User "@8b1e148e-31f4-42e5-a738-219c3cc51132" > disconnected (0 users remain) > > guacd[197]: INFO: Last user of connection > "$17fe4200-8b26-4ed1-915f-c65b6182373a" disconnected > > guacd[1]: INFO: Connection "$17fe4200-8b26-4ed1-915f-c65b6182373a" removed. > > > > Again, another name resolution issue… so I reboot the server completely and I > am still getting the issue. right now I cannot connect to name connections, > but I can connect when I change the name to the IP address. And again, all > of these names resolve just fine from the server comand line…. > > > > So, now I just figured out how to create a shell in the guacd docker image > like this: > > docker exec -it guacd sh > > > > and from inside the guacd docker image, I cannot name resolve any more. > Again, this was working until today and I cannot see anything that changed. > > > > > > Can anyone give me a clue as to why this would have started out of the blue? >
Hi, Tony, This definitely is a bit puzzling, but I suspect is nothing Guacamole-specific, and has something to do with your Docker configuration or some sort of other networking challenge. The only thing that I can think of off the top of my head is to check and make sure that your internal Docker network - the one that the host uses for containers - doesn't "overlap" with any of the LAN networks that the host is on. So, for example, if your Docker instance is using the default network of 172.17.0.0/20, and there's some other network between your Docker host and your DNS server that uses an IP address in that same range, you could have some routing issues for those Docker containers, specifically, thinking that they can contact the DNS server locally rather than route out to the host, which would then send it out the proper network interface. The solution to that issue is to change the IP address range that Docker uses internally (https://serverfault.com/questions/916941/configuring-docker-to-not-use-the-172-17-0-0-range) so that things route correctly. Not sure that's the issue, just something I've run into in the past. -Nick --------------------------------------------------------------------- To unsubscribe, e-mail: [email protected] For additional commands, e-mail: [email protected]
