MeshCentral: MeshCMD.exe not connecting to Mesh Central Server for port maps on Linux

Mesh Central Server Version:---------0.9.38 Mesh Central Router Version:--------1.8.7960.26198 MeshCMD Version:------------------0.2.1.3 Debian:------------------------------4.19.171-2

NOTE: This instance of MeshCentral Server is behind an Nginx–>Apache–>MeshCentral Server reverse proxy

MeshCMD was unable to login to Mesh Central Server at all. Regular and token based logins did not work. In fact the Mesh Central Server Trace showed nothing. Thought well okay maybe it’s being held up at the reverse proxy. After inspecting the reverse proxy logs I couldn’t even find an attempted connection.

MeshCMD Debug Output:

Settings: {"action":"route","localport":2222,"remotename":"<remote machine name>","remotenodeid":"node//<remote machine node ID>","remotetarget":null,"remoteport":2222,"username":"<Token Username>","serverid":"<Server ID>","serverhttpshash":"<Webserver Cert Hash>","debuglevel":1,"serverurl":"wss://<Webserver domain name>:443/meshrelay.ashx"}
Connecting to <subdomain.domain.tld>.

As you can see from the output, It just hangs at “Connecting to <subdomain.domain.tld>”. There is no response from the MeshCentral Server Trace logs and there is nothing in the web-server proxy logs suggesting a connection attempt.

Related issue #3218

About this issue

Original URL
State: closed
Created 3 years ago
Comments: 26 (14 by maintainers)

Most upvoted comments

Fixed it. Will be in MeshCentral v0.9.42. That version will use the serverId to authenticate the server. The serverID does not change when the server TLS cert is updated, so it’s better.

Ylianst on Nov 3, 2021

Indeed, we can replicate exactly the problem you described… looking into root causing this now.

Ylianst on Nov 2, 2021

@Ylianst Finally! All tests worked perfectly for Windows and Linux versions of MeshCMD.exe. Thanks Ylianst and @krayon007 for your attention to this all this week. You guys are awesome!

LPJon on Nov 4, 2021

Oh. I see the problem. As a temporary solution, edit “meshagent.txt” and change serverId to _serverId or remove the serverId line and try it again.

It will connect and work, but will stop working when your server’s TLS cert is changed… working on a fix now.

@Ylianst That worked! Awesome! Can’t wait for the next release! Will wait til then to close the issue.

LPJon on Nov 3, 2021

Oh. I see the problem. As a temporary solution, edit “meshagent.txt” and change serverId to _serverId or remove the serverId line and try it again.

It will connect and work, but will stop working when your server’s TLS cert is changed… working on a fix now.

Ylianst on Nov 3, 2021

FYI. Bryan solved the issue. MeshCMD.exe was not including the host: server.com header in the HTTP request. This explains why MeshCMD would not work with reverse proxies. Fix is simple and will be in next version of MeshCentral.

Ylianst on Nov 3, 2021

Thanks. Going to try it shortly.

Ylianst on Nov 2, 2021

@Ylianst I sent you the dummy account info

LPJon on Nov 2, 2021

Your right, looking at the capture, there is no http proxy on the client side and there is a TLS connection, a few application data exchanges and then things go wrong. Let me do some testing, hopefully I can make the same thing happen.

Ylianst on Nov 2, 2021