On Sun, Apr 30, 2017 at 9:34 AM, Suncatcher16 <[email protected]> wrote: > >> The best debugging tool in this case would be a native RDP client. > > Well, with my proficiency level in Linux and adm tools, I think it's > impossible :) How can I run Windows native RDP client on a AWS server via > SSH? >
You wouldn't run it on the AWS server, but rather establish a connection to the AWS server via SSH. SSH clients can be configured to set up tunnels over which you will be able to establish the connection. If you only have access to Windows machines, Putty is capable of this. You would need to set up a "local" tunnel forwarding an unused port, say, 33899, to the address and port of the RDP server. It will not matter that the IP address of the RDP server is on a network reachable only by the AWS server, because it will actually be the AWS server making the connection on your behalf. Connecting to localhost:33899 using a native RDP client on the computer running the SSH client will (through the SSH tunnel) effectively establish a connection to the RDP server in the private network. > >> Alternatively, simply pinging the RDP server using "ping" from the same >> machine as guacd can be helpful > > But i run Guacamole on an AWS server and my RDP host has grey IP alike > 192.168.X.X. > I think it won't be reachable from outside. You can run ping from within the Guacamole server. > Should all hosts in connection have external IPs or LAN? > No, this is unnecessary. The only machine that needs access to the RDP server is the server running guacd. As long as the Guacamole web application is somehow publicly visible, it will be able to provide access to servers on private networks reachable by guacd. >> For testing purposes I created SSH-connection and saw following lines in >> log: >> 16:01:55.264 [Thread-25] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - >> Connection to guacd terminated abnormally: Connection to guacd timed out. >> 16:02:25.624 [Thread-28] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - >> Connection to guacd terminated abnormally: Connection to guacd timed out. >> 16:09:35.736 [http-nio-8080-exec-4] ERROR >> o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to >> guacd failed: java.net.ConnectException: Connection refused (Connection >> refused) >> 16:09:39.962 [http-nio-8080-exec-10] ERROR >> o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to >> guacd failed: java.net.ConnectException: Connection refused (Connection >> refused) >> 16:09:40.656 [http-nio-8080-exec-1] ERROR >> o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to >> guacd failed: java.net.ConnectException: Connection refused (Connection >> refused) >> 16:33:17.697 [Thread-13] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint - >> Connection to guacd terminated abnormally: Connection to guacd timed out. > > Does it mean your assumption about WebSocket is correct? > "Connection refused" and "Connection to guacd timed out" suggests that guacd isn't running. >> Do you see any errors in your browser's JavaScript console (or the network >> tab of your browser's dev tools) regarding WebSocket failures? > > As I understand it my browser accesses only Guacamole server and guacamole > webapp which runs on 8080 port. It shouldn't see guacd. Or I am wrong? You are correct. My theory regarding the problem you're seeing deals only with the WebSocket connection to the Guacamole web application. I see the "user not responding" message logged by guacd as a symptom supporting that theory, not as an indication that the problem lies with guacd. > To what does this WebSocket error relate to: to the Guacamole server(AWS in > my case) or to my browser? > The WebSocket error that you're seeing has nothing to do with the browser, but rather indicates that guacd is not reachable on the Guacamole server side - likely not running. As guacd was handling connections previously, this most likely means that you simply forgot to start guacd again after temporarily running it in the foreground during debugging. Again, guacd is not publicly visible (and should not be). It is used internally by the Guacamole web application. When you connect to Guacamole using your browser, it then connects internally to guacd, forwarding communication to guacd on your behalf once guacd has succeeded in connecting to the remote desktop. - Mike
