guacamole-user mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From Mike Jumper <mike.jum...@guac-dev.org>
Subject Re: Connection error. No logs.
Date Tue, 02 May 2017 01:14:49 GMT
On Sun, Apr 30, 2017 at 9:34 AM, Suncatcher16 <suncatcher16@outlook.com> wrote:
>
>> The best debugging tool in this case would be a native RDP client.
>
> Well, with my proficiency level in Linux and adm tools, I think it's
> impossible :) How can I run Windows native RDP client on a AWS server via
> SSH?
>

You wouldn't run it on the AWS server, but rather establish a
connection to the AWS server via SSH. SSH clients can be configured to
set up tunnels over which you will be able to establish the
connection. If you only have access to Windows machines, Putty is
capable of this.

You would need to set up a "local" tunnel forwarding an unused port,
say, 33899, to the address and port of the RDP server. It will not
matter that the IP address of the RDP server is on a network reachable
only by the AWS server, because it will actually be the AWS server
making the connection on your behalf. Connecting to localhost:33899
using a native RDP client on the computer running the SSH client will
(through the SSH tunnel) effectively establish a connection to the RDP
server in the private network.

>
>> Alternatively, simply pinging the RDP server using "ping" from the same
>> machine as guacd can be helpful
>
>  But i run Guacamole on an AWS server and my RDP host has grey IP alike
> 192.168.X.X.
> I think it won't be reachable from outside.

You can run ping from within the Guacamole server.

> Should all hosts in connection have external IPs or LAN?
>

No, this is unnecessary. The only machine that needs access to the RDP
server is the server running guacd. As long as the Guacamole web
application is somehow publicly visible, it will be able to provide
access to servers on private networks reachable by guacd.

>> For testing purposes I created SSH-connection and saw following lines in
>> log:
>> 16:01:55.264 [Thread-25] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint -
>> Connection to guacd terminated abnormally: Connection to guacd timed out.
>> 16:02:25.624 [Thread-28] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint -
>> Connection to guacd terminated abnormally: Connection to guacd timed out.
>> 16:09:35.736 [http-nio-8080-exec-4] ERROR
>> o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to
>> guacd failed: java.net.ConnectException: Connection refused (Connection
>> refused)
>> 16:09:39.962 [http-nio-8080-exec-10] ERROR
>> o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to
>> guacd failed: java.net.ConnectException: Connection refused (Connection
>> refused)
>> 16:09:40.656 [http-nio-8080-exec-1] ERROR
>> o.a.g.w.GuacamoleWebSocketTunnelEndpoint - Creation of WebSocket tunnel to
>> guacd failed: java.net.ConnectException: Connection refused (Connection
>> refused)
>> 16:33:17.697 [Thread-13] ERROR o.a.g.w.GuacamoleWebSocketTunnelEndpoint -
>> Connection to guacd terminated abnormally: Connection to guacd timed out.
>
> Does it mean your assumption about WebSocket is correct?
>

"Connection refused" and "Connection to guacd timed out" suggests that
guacd isn't running.

>> Do you see any errors in your browser's JavaScript console (or the network
>> tab of your browser's dev tools) regarding WebSocket failures?
>
> As I understand it my browser accesses only Guacamole server and guacamole
> webapp which runs on 8080 port. It shouldn't see guacd. Or I am wrong?

You are correct. My theory regarding the problem you're seeing deals
only with the WebSocket connection to the Guacamole web application. I
see the "user not responding" message logged by guacd as a symptom
supporting that theory, not as an indication that the problem lies
with guacd.

> To what does this WebSocket error relate to: to the Guacamole server(AWS in
> my case) or to my browser?
>

The WebSocket error that you're seeing has nothing to do with the
browser, but rather indicates that guacd is not reachable on the
Guacamole server side - likely not running. As guacd was handling
connections previously, this most likely means that you simply forgot
to start guacd again after temporarily running it in the foreground
during debugging.

Again, guacd is not publicly visible (and should not be). It is used
internally by the Guacamole web application. When you connect to
Guacamole using your browser, it then connects internally to guacd,
forwarding communication to guacd on your behalf once guacd has
succeeded in connecting to the remote desktop.

- Mike

Mime
View raw message