Apache Guacamole can't reach Windows Server VM

[sebastien4444]

Hi !

On my Proxmox host [@192.168.1.100] (installed on a NUC), I have :
- CT srv-docker [@192.168.1.101] = Debian with Docker and some containers running : Portainer, Heimdall, Swag reverse-proxy and Apache Guacamole
- VM srv-win22 [@192.168.1.110] = Windows Server 2022
- VM cli-win11 [@192.168.1.210] = Windows 11

From Apache Guacamole, I'm able to connect to my Proxmox host via SSH.
But when I try to connect to my srv-win22 via RDP, I get an error message "The remote desktop server is currently unreachable".

Some debug info :
- srv-win22 firewall is disabled and remote connection is allowed
- srv-docker (wich contains Guacamole) can ping srv-win22 (so network is ok between those two)
- cli-win11 can connect to srv-win22 via RDP

First, I thought it could be because of my Swag reverse-proxy (because I was using guacamole with its exposed subdomain address through https://guacamole.myowndomain.duckdns.org), but when I'm connected locally to Guacamole (http://192.168.1.101:8080/guacamole), I get the same error.

Have an idea of what could go wrong ??

 

[proxminent]

hi!,
some checks...
On Guacamole:
1) "connection to srv-winXXX", try it with ip's for debug
2) "connection to srv-winXXX" try security with: any, nla, tls, etc
3) tree a connection from guacamole to a win10 client too !
4) check for rdp port 3389 !

On Windows Side ...
check if ...
Windows Firewall already has enabled UDP/TCP rules for RDP traffic on port 3389
"Allow remote connections" is enabled under System Properties-->Remote-->Remote Desktop
"Allow connections only from computers running RDP with NLA" enabled ? disabled ?

Cheers,

 

[sebastien4444]

Hi!

Thanks for your answer.

I finally found what was the issue : in the guacd logs, I read something about TLS/SSL error during RDP connection.
So, in gauacamole connection conf of why srv-win22 and srv-win11, I check the "ignore certificate" option, and everything was good !