You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Christian Kraus <ch...@ckc-it.at> on 2019/04/23 07:14:41 UTC

RE:

Hi,



I think you'll have to set the ignore certificate setting (guacamole connection option) and do NLS or TLS auth to 2012 onward



rg

Christian




Christian Kraus
Inhaber
CKC IT Consulting & Solutions e.U.
Kirschenallee 22
2120 OBERSDORF
Österreich
Telefon: +43 (0) 680 2062952
Fax:        +43 820 220262992
E-mail: christian.kraus@ckc-it.at





-----Ursprüngliche Nachricht-----
Von: Vieri <re...@yahoo.com>
Gesendet: Dienstag 23 April 2019 09:04
Betreff:




=20
Hi,

On Sunday, April 21, 2019, 2:18:58 PM GMT+2, Mike Jumper <mjumper@apache.or=
g> wrote:=20
>
> Guacamole supports all FreeRDP releases from 1.0.1 onward, with the excep=
tion of the 2.0.0 release candidates that are not yet supported. This means=
 essentially all 1.x tags in the FreeRDP git repository. We also=20
> track the stable-1.0 and stable-1.1 branches.

Thanks for that info. I finally got it working, and could successfully conn=
ect with several modules, including RDP.

I now have freerdp 1.1.0 beta1 from 20150312, and my distro is Gentoo.

Connections are OK with Windows Servers 2003 and the default rdp security m=
ode.
However, I'm having issues with Windows Server 2012.
I tried using all the security options (rdp, any, tls, nla), but they all f=
ail with the following error:

connected to 10.215.144.50:3389
recv: Connection reset by peer
Error: protocol security negotiation or connection failure
guacd[8382]: ERROR:=C2=A0=C2=A0=C2=A0=C2=A0 Error connecting to RDP server

I even tried specifying NLA with all the extra settings such as username, p=
assword, domain.

Before I try to disable NLA on this server, I'd like to know if it's a know=
n problem, or if RDP servers above a given version are still unsupported, o=
r if some security modes are known to fail.

Thanks,

Vieri

Re: RE:

Posted by Vieri <re...@yahoo.com>.

On Tuesday, April 23, 2019, 9:15:02 AM GMT+2, Christian Kraus <ch...@ckc-it.at> wrote: 
>
> I think you'll have to set the ignore certificate setting (guacamole connection option) and do NLS or TLS auth to 2012 onward

I already did. This is my config:

            <protocol>rdp</protocol>
            <param name="hostname">10.215.144.50</param>
            <param name="ignore-cert">true</param>
            <param name="security">nla</param>
            <param name="username">me</param>
            <param name="password">mypass</param>
            <param name="domain">DOMAIN</param>
            <param name="color-depth">24</param>
 
Thanks,

Vieri