You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@guacamole.apache.org by Steven Pollock <ja...@gmail.com> on 2017/10/27 00:53:46 UTC
VNC & Networking
I have tried this with both the noauth and mysql configs, as I thought it
might be a noauth issue initially. The network is not blocking, lets not
go there.
Single interface guac sitting on 10.80.100.x/24
VNC to 10.80.100.10 -- works
RDP to 10.80.100.11 -- works
RDP to AWS (amazon) -- works
Move the guac to another network and change the IP address to 10.80.160.x/24
VNC to 10.80.100.10 -- fail
RDP to 10.80.100.11 -- works
RDP to AWS (amazon) -- works
Use a standard off the shelf VNC client in 10.80.160.x
VNC to 10.80.100.10 -- works
Simply changing the subnet causes guac VNC to fail in either noauth or
mysql configs.
Any ideas? Maybe a way to troubleshoot?
many thanks,
-Steve
(415) 320-1102 <https://www.google.com/voice/#phones>
Re: VNC & Networking
Posted by Mike Jumper <mi...@guac-dev.org>.
On Thu, Oct 26, 2017 at 6:38 PM, Steven Pollock <ja...@gmail.com>
wrote:
> Thanks Mike, but makes no sense to me that it is a network issue.
>
>
That's really the only possibility. Unless the hostname or IP address of
the destination machine has been mistyped, there is no other possible
explanation.
Have you checked the logs from guacd?
I can connect from an other VNC client, just not Guac.
>
>
From another VNC client on the same machine that's running guacd?
I can connect via RDP from guac.
>
>
Via RDP to the same machine that you are unable to connect to via VNC?
- Mike
Re: VNC & Networking
Posted by Steven Pollock <ja...@gmail.com>.
Thanks Mike, but makes no sense to me that it is a network issue.
I can connect from an other VNC client, just not Guac.
I can connect via RDP from guac.
Regards,
-Steve
(415) 320-1102 <https://www.google.com/voice/#phones>
<º(((>< <º(((>< <º(((><
On Thu, Oct 26, 2017 at 6:09 PM, Mike Jumper <mi...@guac-dev.org>
wrote:
> On Thu, Oct 26, 2017 at 5:53 PM, Steven Pollock <ja...@gmail.com>
> wrote:
>
>> I have tried this with both the noauth and mysql configs, as I thought it
>> might be a noauth issue initially. The network is not blocking, lets not
>> go there.
>>
>>
> The authentication backend in use has no bearing on whether Guacamole can
> connect via VNC to a particular machine. It is guacd which actually
> performs the network connection to the VNC server.
>
>
>> Single interface guac sitting on 10.80.100.x/24
>> VNC to 10.80.100.10 -- works
>> RDP to 10.80.100.11 -- works
>> RDP to AWS (amazon) -- works
>>
>> Move the guac to another network and change the IP address to
>> 10.80.160.x/24
>> VNC to 10.80.100.10 -- fail
>> RDP to 10.80.100.11 -- works
>> RDP to AWS (amazon) -- works
>>
>> Use a standard off the shelf VNC client in 10.80.160.x
>> VNC to 10.80.100.10 -- works
>>
>> Simply changing the subnet causes guac VNC to fail in either noauth or
>> mysql configs.
>>
>> Any ideas? Maybe a way to troubleshoot?
>>
>>
> If you are able to connect to other machines, and only connections to a
> particular subnet fail, that strongly suggests that there is an issue with
> the network configuration on either of the machines in question, or in the
> network between them. There is no magic within guacd nor within the
> authentication extensions which would result in connections failing only
> for a particular subnet. Routing of packets between subnets is handled by
> the system's networking stack, not by guacd.
>
> To troubleshoot, I suggest looking strictly at the network configuration
> and behavior of the machines where you're seeing this issue. Don't draw
> conclusions from connecting from another machine that happens to be in the
> same subnet; connect strictly from the machine hosting guacd.
>
> On another note, you mention NoAuth - beware that this extension has been
> deprecated. Its use is no longer recommended. See:
>
> http://guacamole.incubator.apache.org/releases/0.9.13-
> incubating/#noauth-now-deprecated
>
> - Mike
>
>
Re: VNC & Networking
Posted by Mike Jumper <mi...@guac-dev.org>.
On Thu, Oct 26, 2017 at 5:53 PM, Steven Pollock <ja...@gmail.com>
wrote:
> I have tried this with both the noauth and mysql configs, as I thought it
> might be a noauth issue initially. The network is not blocking, lets not
> go there.
>
>
The authentication backend in use has no bearing on whether Guacamole can
connect via VNC to a particular machine. It is guacd which actually
performs the network connection to the VNC server.
> Single interface guac sitting on 10.80.100.x/24
> VNC to 10.80.100.10 -- works
> RDP to 10.80.100.11 -- works
> RDP to AWS (amazon) -- works
>
> Move the guac to another network and change the IP address to
> 10.80.160.x/24
> VNC to 10.80.100.10 -- fail
> RDP to 10.80.100.11 -- works
> RDP to AWS (amazon) -- works
>
> Use a standard off the shelf VNC client in 10.80.160.x
> VNC to 10.80.100.10 -- works
>
> Simply changing the subnet causes guac VNC to fail in either noauth or
> mysql configs.
>
> Any ideas? Maybe a way to troubleshoot?
>
>
If you are able to connect to other machines, and only connections to a
particular subnet fail, that strongly suggests that there is an issue with
the network configuration on either of the machines in question, or in the
network between them. There is no magic within guacd nor within the
authentication extensions which would result in connections failing only
for a particular subnet. Routing of packets between subnets is handled by
the system's networking stack, not by guacd.
To troubleshoot, I suggest looking strictly at the network configuration
and behavior of the machines where you're seeing this issue. Don't draw
conclusions from connecting from another machine that happens to be in the
same subnet; connect strictly from the machine hosting guacd.
On another note, you mention NoAuth - beware that this extension has been
deprecated. Its use is no longer recommended. See:
http://guacamole.incubator.apache.org/releases/0.9.13-incubating/#noauth-now-deprecated
- Mike