Win10 VM disconnect libvirt Ubuntu

[nishtsh1]

Created peru/windows-10-enterprise-x64-eval using libvirt in ubuntu. Vagrant 2.2.19, VM Launched but disconnects after 15-20 minutes after completing 20 cycles of opening remote shell

DEBUG winrmshell: [WinRM] opening remote shell on http://192.168.xxx.xxx:5985/wsman DEBUG winrmshell: [WinRM] opening remote shell on http://192.168.xxx.xxx:5985/wsman DEBUG winrmshell: [WinRM] opening remote shell on http://192.168.xxx.xxx:5985/wsman DEBUG winrmshell: [WinRM] opening remote shell on http://192.168.xxx.xxx:5985/wsman INFO winrm: WinRM not ready: #<VagrantPlugins::CommunicatorWinRM::Errors::ExecutionError: An error occurred executing a remote WinRM command.

Shell: Cmd Command: hostname Message: Unable to parse authorization header. Headers: {"Mime-Version"=>"1.0", "Date"=>"Tue, 15 Mar 2022 12:35:15 GMT", "Content-Type"=>"text/html;charset=utf-8", "Content-Length"=>"277", "X-iboss-Error"=>"ERR_CONNECT_FAIL 110", "X-Cache"=>"MISS from bgproxy05-int.prxy.ice.xxx.com", "Connection"=>"keep-alive"} Body: <!doctype html>

(503).> INFO winrm: WinRM not ready: #<VagrantPlugins::CommunicatorWinRM::Errors::ExecutionError: An error occurred executing a remote WinRM command.

Any updates or reference for above issue? Executed Vagrant on Linux to connect Win10 Guest OS

[ruzickap]

Do you have some commands how I can reproduce the issue please? Something like:

mkdir windows-10-enterprise-x64-eval
cd windows-10-enterprise-x64-eval
vagrant init peru/windows-10-enterprise-x64-eval
VAGRANT_DEFAULT_PROVIDER=libvirt vagrant up
...
<your commands to reproduce it>
...

[nishtsh1]

I tried

1. vagrant init peru/window10-box
2. vagrant up --provider=libvirt

OS on which I tried is ubuntu20.04. vagrant ssh works but vagrant powershell, vagrant rdp, vagrant winrm doesn't work. I am trying to create windows10 vm on kvm libvirt using your box. I tried powershell utility in ubuntu to access VM and it was working. Also the python-winrm works in ubuntu. Also I tried to access win10 vm from another windows machine using winrm commands but that also doesn't work

[ruzickap]

For vagrant rdp - can you try to run:

# Install xfreerdp on Ubuntu
$ sudo apt-get install freerdp2-x11 
$ vagrant rdp --debug 2>&1 | grep xfreerdp
 INFO subprocess: Starting process: ["/usr/bin/xfreerdp", "/u:vagrant", "/p:vagrant", "/v:192.168.121.192:3389"]

Can you take the output from the vagrant rdp --debug and run it manually:

$ xfreerdp /u:vagrant /p:vagrant /v:192.168.121.192:3389
[20:40:05:884] [16509:16510] [INFO][com.freerdp.core] - freerdp_connect:freerdp_set_last_error_ex resetting error state
[20:40:05:884] [16509:16510] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpdr
[20:40:05:884] [16509:16510] [INFO][com.freerdp.client.common.cmdline] - loading channelEx rdpsnd
[20:40:05:884] [16509:16510] [INFO][com.freerdp.client.common.cmdline] - loading channelEx cliprdr
[20:40:05:179] [16509:16510] [INFO][com.freerdp.client.x11] - Property 373 does not exist
[20:40:06:544] [16509:16510] [INFO][com.freerdp.primitives] - primitives autodetect, using generic
[20:40:06:548] [16509:16510] [INFO][com.freerdp.core] - freerdp_tcp_is_hostname_resolvable:freerdp_set_last_error_ex resetting error state
[20:40:06:548] [16509:16510] [INFO][com.freerdp.core] - freerdp_tcp_connect:freerdp_set_last_error_ex resetting error state
[20:40:06:097] [16509:16510] [INFO][com.freerdp.crypto] - creating directory /root/.config/freerdp
[20:40:06:098] [16509:16510] [INFO][com.freerdp.crypto] - creating directory [/root/.config/freerdp/certs]
[20:40:06:098] [16509:16510] [INFO][com.freerdp.crypto] - created directory [/root/.config/freerdp/server]
[20:40:06:134] [16509:16510] [WARN][com.freerdp.crypto] - Certificate verification failure 'unable to get local issuer certificate (20)' at stack position 0
[20:40:06:134] [16509:16510] [WARN][com.freerdp.crypto] - CN = vagrantvm
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - @           WARNING: CERTIFICATE NAME MISMATCH!           @
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - @@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@@
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - The hostname used for this connection (192.168.121.192:3389)
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - does not match the name given in the certificate:
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - Common Name (CN):
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] -  vagrantvm
[20:40:06:134] [16509:16510] [ERROR][com.freerdp.crypto] - A valid certificate for the wrong name should NOT be trusted!
Certificate details for 192.168.121.192:3389 (RDP-Server):
    Common Name: vagrantvm
    Subject:     CN = vagrantvm
    Issuer:      CN = vagrantvm
    Thumbprint:  2c:b7:13:aa:e4:6a:cf:31:5a:3c:b2:1a:04:cc:24:9f:9b:76:41:fc:ba:f6:8d:0a:fd:6d:e6:ad:10:22:bd:77
The above X.509 certificate could not be verified, possibly because you do not have
the CA certificate in your certificate store, or the certificate has expired.
Please look at the OpenSSL documentation on how to add a private CA to the store.
Do you trust the above certificate? (Y/T/N) y
[20:40:10:320] [16509:16510] [INFO][com.freerdp.gdi] - Local framebuffer format  PIXEL_FORMAT_BGRX32
[20:40:10:320] [16509:16510] [INFO][com.freerdp.gdi] - Remote framebuffer format PIXEL_FORMAT_RGB16
[20:40:11:515] [16509:16510] [INFO][com.winpr.clipboard] - initialized POSIX local file subsystem
[20:40:11:576] [16509:16510] [INFO][com.freerdp.channels.rdpsnd.client] - [static] Loaded fake backend for rdpsnd
[20:40:18:575] [16509:16510] [INFO][com.freerdp.core] - rdp_set_error_info:freerdp_set_last_error_ex resetting error state
[20:40:31:157] [16509:16510] [INFO][com.freerdp.client.x11] - Closed from X11

I was able to accept the "certificate" and then vagrant rdp started to work... -> Can you confirm ?

[nishtsh1]

Ok, I'll check and update you. Also when issued vagrant powershell, vagrant rdp the commands goes in wait state and don't return. When tried vagrant winrm it returned instantly. I have done all winrm configurations in windows vm but looks missed something.

[ruzickap]

For RDP you need to use this command: vagrant rdp -- /cert-ignore I need to document it...

[nishtsh1]

More worried about winrm opening remote shell on http://ip-addr message. Looks like it's unable to enter into powershell or shell of windows VM

[nishtsh1]

Any breakthrough Petr? Remote shell unable to open

[nishtsh1]

Hi, I am able to run vagrant rdp as you mentioned using command xfreerdp /u:vagrant /p:vagrant /v::3389

Still the DEBUG winrmshell: [WinRM] opening remote shell on issue exists. Any resolution for this?

[nishtsh1]

Tried 1. http://localhost:5985 which showed HTTP Error 404. The requested resource is not found. Looks like 5985 is listening

2. On Win10 Box tried http://localhost:5985/wsman and got This page isn’t working right now. Looks like WS-Management service is not configured properly or not working.
3. Tried Test-WSMan on Windows 10 box and got some results.
4. Did telnet >IP> 5985 and it was connected

As per above looks like WinRM service is not configured or working properly in Box

[ruzickap]

You are right. It seems like the problem is in Windows WinRM configuration. Unfortunately I'm not a windows users and I have no idea how to configure WinRM properly to make it running... :-( If you know how to do it - please send me some powershell/cmd commands and I can put them into the vagrant windows.

[nishtsh1]

Hi Ruzi,

I am using your ubuntu box peru/ubuntu2004 on my KVM setup and it's launched. Did you try setting up bridge network in KVM and Vagrantfile of box?

[ruzickap]

Hello @nishtsh1. I'm not sure how the peru/ubuntu is related to Windows WinRM configuration. The networking should be working fine, the problem is WinRM configuration on Windows.

[nishtsh1]

Hello @ruzickap,

WinRM in Windows VM is still an open issue which I'll look into it. For my another requirement I opted you ubuntu box. Created Vagrantfile and tried to configure bridge networking in it config.vm.define :kvm_gpu_passthrough do |kvm| kvm.vm.box = "peru/my_ubuntu-20.04-server-amd64" kvm.vm.network :public_network end end Vagrant.configure("2") do |config|

Public Network for VM

config.vm.define :kvm_gpu_passthrough do |kvm|
 kvm.vm.network :public_network,
   :dev => "eth0",
   :mode => "bridge",
   :type => "bridge"
 end

end

I got error like Can't attach eth0 to vnet0: Operation permitted. My questions is: How can I enable bridge network in KVM and use it in Vagrantfile? The default network in VM is NAT which is again not working. I need to enable bridge network in VM using Vagrantfile

[ruzickap]

Hello.

This issue is related to Windows problem described above. If you have problem with "Ubuntu box" - please create new Issue for that.

It is not a good practice to mix two problems in one Issue, because that will be really confusing...

Thank you

[nishtsh1]

Sorry for that. Created new issue.

Thank you

[nishtsh1]

Hi Ruzi,

Tried again your windows box peru/windows-10-enterprise-x64-eval on Ubuntu20.04 but it's still failing in WinRM. I tried WinRM configurations in Windows VM

winrm enumerate winrm/config/Listener winrm set winrm/config/service '@{AllowUnencrypted="true"}' winrm set winrm/config/service/auth '@{Basic="true"}' Get-NetConnectionProfile | Set-NetConnectionProfile -NetworkCategory Private winrm quickconfig -q winrm set winrm/config/winrs '@{MaxMemoryPerShellMB="4096"}' winrm set winrm/config '@{MaxTimeoutms="1800000"}' winrm set winrm/config/service '@{AllowUnencrypted="true"}' winrm set winrm/config/service/auth '@{Basic="true"}' sc config WinRM start= auto etsh advfirewall firewall add rule name="WinRM-HTTP" dir=in localport=5985 protocol=TCP action=allow netsh advfirewall firewall add rule name="WinRM-HTTPS" dir=in localport=5986 protocol=TCP action=allow winrm set winrm/config/service '@{EnableCompatibilityHttpListener="true"}' winrm set winrm/config/service '@{EnableCompatibilityHttpsListener="true"}' $localNetwork='*' Set-Item WSMan:\localhost\Client\TrustedHosts -Force -Concatenate -Value $localNetwork

Still Windows VM launched from Ubuntu is disconnecting because of WinRM issue. Any specific WinRM setting I missed in Windows VM?

[stale[bot]]

This issue has been automatically marked as stale because it has not had recent activity. It will be closed if no further activity occurs. Thank you for your contributions.