KasmVNC icon indicating copy to clipboard operation
KasmVNC copied to clipboard
verified publisher icon kasmtech

Connection to Session Hangs - Requesting Kasm¶

Open phaus opened this issue 4 years ago • 8 comments

First of all: thank you for this great service \o/.

I setup kasm running behind an nginx FE-proxy. I followed the instruction, although my setup hangs on the connection screen.

Nginx Config is:

server {
    server_name kasm.domain.tld;
    listen 443 ssl;
    access_log /var/log/nginx/kasm.domain.tld.access.log main;
    error_log /var/log/nginx/kasm.domain.tld.error.log warn;

    location / {
        # The following configurations must be configured when proxying to Kasm Workspaces

        # WebSocket Support
        proxy_set_header        Upgrade $http_upgrade;
        proxy_set_header        Connection "upgrade";

        # Host and X headers
        proxy_set_header        Host $host;
        proxy_set_header        X-Real-IP $remote_addr;
        proxy_set_header        X-Forwarded-For $proxy_add_x_forwarded_for;
        proxy_set_header        X-Forwarded-Proto $scheme;
        proxy_set_header        Authorization $http_authorization;

        # Connectivity Options
        proxy_http_version      1.1;
        proxy_read_timeout      1800s;
        proxy_send_timeout      1800s;
        proxy_connect_timeout   1800s;
        proxy_buffering         off;

        # Allow large requests to support file uploads to sessions
        client_max_body_size 10M;

        # Proxy to Kasm Workspaces running locally on 8443 using ssl
        proxy_pass https://127.0.0.1:8443;
    }
}

The SSL config is separated via letsencrypt:

ssl_certificate /etc/letsencrypt/live/cloud.domain.tld/fullchain.pem;
ssl_certificate_key /etc/letsencrypt/live/cloud.domain.tld/privkey.pem;
ssl_trusted_certificate /etc/letsencrypt/live/cloud.domain.tld/chain.pem;
ssl_dhparam /etc/ssl/certs/dhparam.pem;
ssl_session_timeout 1d;
ssl_session_cache shared:SSL:50m;
ssl_session_tickets off;
ssl_protocols TLSv1.2;
ssl_ciphers 'ECDHE-RSA-AES256-GCM-SHA512:DHE-RSA-AES256-GCM-SHA512:ECDHE-RSA-AES256-GCM-SHA384:DHE-RSA-AES256-GCM-SHA384:ECDHE-RSA-AES256-SHA384';
ssl_ecdh_curve secp521r1:secp384r1:prime256v1;
ssl_prefer_server_ciphers on;
ssl_stapling on;
ssl_stapling_verify on;

I can access the KASM Admin UI via the proxy, also the DNS resolution from within the docker container is working.

I have updated the zone config as well:

Bildschirmfoto 2021-12-12 um 11 06 13

Can you provide me with an hints on howto debug this issue?

phaus avatar Dec 12 '21 10:12 phaus