I use Guacamole with RDP protocol to connect to client. This my configuration:
<connection name="RDP 20.125">
<protocol>rdp</protocol>
<param name="hostname">192.168.20.125</param>
<param name="port">3389</param>
<param name="username">root</param>
<param name="password">rahasia2020</param>
</connection>
But this didn't work when I tried to connect to it.
This is the error message from Guacamole:
The remote desktop server is currently unreachable, if the problem persists, please notify your system administrator, or check your system log.
This the ./configure result:
------------------------------------------------ guacamole-server version 1.3.0 ------------------------------------------------ Library status: freerdp2 ............ yes pango ............... yes libavcodec .......... yes libavformat.......... yes libavutil ........... yes libssh2 ............. yes libssl .............. yes libswscale .......... yes libtelnet ........... yes libVNCServer ........ no libvorbis ........... yes libpulse ............ yes libwebsockets ....... yes libwebp ............. yes wsock32 ............. no Protocol support: Kubernetes .... yes RDP ........... yes SSH ........... yes Telnet ........ yes VNC ........... no Services / tools: guacd ...... yes guacenc .... yes guaclog .... yes FreeRDP plugins: /usr/lib64/freerdp2 Init scripts: no Systemd units: no Type "make" to compile guacamole-server.
And on the client side I already set RDP on port 3389. This is the result of netstat -tunlp | grep "rdp" on the client:
tcp 0 0 127.0.0.1:3350 0.0.0.0:* LISTEN 13645/xrdp-sesman
tcp 0 0 0.0.0.0:3389 0.0.0.0:* LISTEN 13646/xrdp
So what is the problem, is there something wrong?
I created a similar Guacamole Connection and attempted to connect. It failed with the same error.
The "system log" in the error is the Guacamole daemon log. Check your log for the Guacamole daemon, guacd. Depending on your system, the log can in different places. On RHEL/Centos: /var/log/messages. On Ubuntu/Debian, try the daemon log: /var/log/daemon.log.
I'm using RHEL, so I'll search /var/log/messages for guacd, but only the last 30 lines:
sudo grep guacd /var/log/messages | tail -n 30
Sep 10 15:45:16 guacd[3899120]: User "@1b862d83-323f-400b-819d-d082dd459074" joined connection "$2676e198-8ffb-458d-b115-d4d3b387d4a4" (1 users now present)
Sep 10 15:45:16 guacd[3899120]: Loading keymap "base"
Sep 10 15:45:16 guacd[3899120]: Loading keymap "en-us-qwerty"
Sep 10 15:45:16 guacd[3899120]: Certificate validation failed
Sep 10 15:45:16 guacd[2103350]: guacd[3899120]: INFO:#011Certificate validation failed
Sep 10 15:45:16 guacd[3899120]: RDP server closed/refused connection: SSL/TLS connection failed (untrusted/self-signed certificate?)
Sep 10 15:45:16 guacd[2103350]: guacd[3899120]: INFO:#011RDP server closed/refused connection: SSL/TLS connection failed (untrusted/self-signed certificate?)
Sep 10 15:45:16 guacd[3899120]: User "@1b862d83-323f-400b-819d-d082dd459074" disconnected (0 users remain)
Sep 10 15:45:16 guacd[2103350]: guacd[3899120]: INFO:#011User "@1b862d83-323f-400b-819d-d082dd459074" disconnected (0 users remain)
Sep 10 15:45:16 guacd[2103350]: guacd[3899120]: INFO:#011Last user of connection "$2676e198-8ffb-458d-b115-d4d3b387d4a4" disconnected
Sep 10 15:45:16 guacd[3899120]: Last user of connection "$2676e198-8ffb-458d-b115-d4d3b387d4a4" disconnected
Sep 10 15:45:16 guacd[2103350]: Connection "$2676e198-8ffb-458d-b115-d4d3b387d4a4" removed.
Sep 10 15:45:16 guacd[2103350]: guacd[2103350]: INFO:#011Connection "$2676e198-8ffb-458d-b115-d4d3b387d4a4" removed.
RDP is expecting a valid certificate from the remote server, but my system is using a self-signed certificate, so the certificate validation failed. The easiest way around this is to ignore server certificate for the Guacamole Connection.
In your configuration file, add the ignore-cert parameter to the Connection (from the Guacamole Manual for RDP):
<param name="ignore-cert">true</param>
If you still experience issues, refer back to the log. You may also want to set the security parameter, as Guacamole is sometimes unable to detect the security method automatically.