Re: Settings, History -> Remote host
On Tue, Dec 21, 2021 at 12:16 PM Luciano Oliveira wrote: > Hello everybody! > > > How to view Remote Host in settings, history? > Using Debian 11 + Guacamole 1.3.0 + Tomcat9+ MariaDB. Guacamole integrated > AD. > > Config server.xml > > internalProxies="127.0.0.1|0:0:0:0:0:0:0:1|::1" >remoteIpHeader="x-forwarded-for" >remoteIpProxiesHeader="x-forwarded-by" >protocolHeader="x-forwarded-proto" /> > > If you've proxied Tomcat behind either Nginx or Apache you'll need to also make sure those are configured to pass this information through. This is all covered in the manual: https://guacamole.apache.org/doc/gug/proxying-guacamole.html Also, there may be situations where upstream systems (firewalls, proxies, VPNs, etc.) remove this information, either intentionally or not, so if you don't have control over some of those devices you may find it difficult to fully achieve that. You'll just need to make sure that the IPs of the clients are making it to the proxy correctly (you can look in the Nginx or httpd logs), and then you can get it passed on to Tomcat. -Nick >
Settings, History -> Remote host
Hello everybody! How to view Remote Host in settings, history? Using Debian 11 + Guacamole 1.3.0 + Tomcat9+ MariaDB. Guacamole integrated AD. Config server.xml Best regards, Luciano
Re: Remote Desktop Gateway Configuration
Have you tried connecting with traditional RDP from your laptop first to make sure it's working? In guacamole you need to specify both the PC you're trying to RDP into and the RDP gateway in the connection configuration. I use FQDN for both personally. On Sun, Dec 19, 2021 at 8:59 PM blee wrote: > I have a 2019 Remote Desktop Gateway and Broker on the same server and am > attempting to configure Guacamole (1.3) to connect to a Session Host via > the Gateway/Broker. Assume my Gateway/Broker IP is 192.168.1.1 and I can > connect to the traditional Gateway via https://192.168.1.1/RDWeb, and the > line in my RDP file for the load-balance-info parameter is > > loadbalanceinfo:s:tsv://MS Terminal Services Plugin.1.Test_RDP > > After reading the manual, I believe I entered in all of the information > correctly in my configuration file, but I am still not able to connect with > one of the lines in my error log being: > > guacd[28097]: INFO: RDP server closed/refused connection: Upstream > error. > > Can I get some guidance on what fields need to be entered as well as the > values to enable connecting through the Broker? For example, what part of > the string should I use for the load-balance-info parameter? Can the > Hostname for the Remote Desktop Gateway be an IP or does it need to be an > FQDN? > > I went through a large portion of the mailing list archives to find a > similar topic and had difficulties. Any help would be appreciated. > >
RE: [External] Re: RDP Credentials
Thank you Nick, indeed setting it to NLA has caused the credentials prompt to pop From: Nick Couchman Sent: Monday, December 20, 2021 1:25 AM To: user@guacamole.apache.org Subject: Re: [External] Re: RDP Credentials On Sun, Dec 19, 2021 at 7:41 AM Abramson, Eli mailto:eli.abram...@honeywell.com.invalid>> wrote: Thank you Mike! I am not getting credentials prompt when the connection is configured with no credentials, ignore server certificate and security mode is not set. In guacd the log says the following: guacd[45411]: INFO: No security mode specified. Defaulting to security mode negotiation with server. guacd[45411]: INFO: Resize method: none guacd[45411]: INFO: User "@ebfb17c7-3f46-42ff-bedd-7ae8ca589639" joined connection "$0e863f55-b2c9-41aa-8467-ddf390663b58" (1 users now present) guacd[45411]: INFO: Loading keymap "base" guacd[45411]: INFO: Loading keymap "en-us-qwerty" guacd[45411]: INFO: RDP server closed/refused connection: Server refused connection (wrong security type?) guacd[45411]: INFO: User "@ebfb17c7-3f46-42ff-bedd-7ae8ca589639" disconnected (0 users remain) guacd[45411]: INFO: Last user of connection "$0e863f55-b2c9-41aa-8467-ddf390663b58" disconnected Is it perhaps related to NLA? The remote machine is a newer Windows with NLA required by default. The security level _should_ be auto-negotiated, but you might just try forcing NLA and see if that helps. -Nick
