Devolutions ForumDevolutions Forum

Browser based RDP sessions not launching via WebUI

Browser based RDP sessions not launching via WebUI

avatar
jm2

Hello,

RDP sessions via gateway have recently stopped launching using WebUI. The same entries launch successfully using RDM.

Nothing is logged in gateway log file.

Hub/Cloud activity logs report 'Gateway terminated session for entry'.

Happens irrespective of whether gateway is farm member.

Happens for both admins and regular users.

All users enabled on gateway, along with access to all vaults.

All users assigned a PAM license in Hub/Cloud.

Have tried restarting Hub PAM and gateway services.

Not sure what else to try, or if this is a known issue from recent release?

Please let me know if any additional information required.

Thanks
Joe

4f6ff808-94a7-439d-8148-08675f839827.png

All Comments (4)

avatar
Dominic Dansereau

Good Afternoon @jm2 ,

Thank you for bringing this issue to our attention. I will open a ticket to investigate this behavior. I will keep you updated as soon as I have an update on this.


Regards

avatar
Yevgeniy Shmygun

Hello @jm2,

Could you please provide the PAM and Gateway services logs please.
Best,

aa3f37fc-5a84-4bc5-b4dc-b71d4c74164c.png

82ad790b-5e06-4a42-9a93-e4ad060d15fc.png

avatar
jm2

Hi Yevgeniy,

Thanks for assisting with this. Further investigation identified that the issue was being caused by WAF policies in Cloudflare which proxies the gateway traffic.

The browser based sessions were working with the existing WAF policies prior to a recent release, so perhaps something may have changed so that now when a user launches a browser rdp session it immediately upgrades to a websocket without sending any preliminary https requests. The absence of the initial https request to the gateway fqdn from the client inhibits the ability for cloudflare to enforce pre-authentication on the connection before it upgrades to websocket. Is it possible to restore that preliminary https request to the gateway before upgrading to websocket?

Please let me know if you would like any additional info.

Thanks
Joe


5bbd3605-7def-4a71-8787-26c89a6ab6cc.png

avatar
Yevgeniy Shmygun

Hello @jm2,

Our team is currently investigating this issue. Thank you for the additional investigation on your end. We will keep you posted if there are any updates or if we need more information.

Have a good day.
Best regards,

Ends in 2 days