Fixed Infrastructure - RDP/VNC/SSH/KasmVNC

Overview

Kasm Workspaces can be configured to connect to fixed remote endpoints that are using either the Remote Desktop Protocol or KasmVNC. This document will be going over the steps needed to configure these endpoints and present them to users on the Workspaces dashboard.

Remote Desktop Protocol - RDP

In this example an RDP endpoint is an external Windows server with RDP enabled that is always online and waiting for an external connection. This server is not managed by Kasm Workspaces in any way, Kasm Workspaces is simply providing a web based methodology of connecting to it.

In order to add the server, first create a server record under Infrastructure > Servers > + Add. This example uses the following connection information:

Host: windows.example.com
Port: 3389
User: Administrator
Password: windowstest123

Once configured it should look like this: (note the name and type assigned to this server)

../_images/windows-server.webp

Create Windows Server

The value of Max Simultaneous Sessions is limited to one as this is a single Windows server without sharing.

Click submit, and then link this server to a Workspace that can be launched from the User dashboard.

Click on Workspaces > Workspaces > + Add Workspace.

Select Server as Workspaces Type, choose a friendly name and description, click enabled, and select the server that was just configured from the Server dropdown. In this case windows.example.com : Windows Test. Once configured it should look like this:

../_images/windows-workspace.webp

Create Windows Workspace

Click Save and the server will be available to launch from the User Dashboard:

../_images/windows-launch.webp

Button in User Dashboard

Advanced Settings

Connection info (JSON) settings can be found here. These can be used on a per server basis to override the defaults found under Settings.

Important

Some features like file upload/downloads, screenshots, and resource monitoring are only available on a Windows RDP server with a Kasm Desktop Service installed. For installation instructions please see here. Connections to standard RDP servers will still function without these additional features if this service is not installed and running.

Forcing login on connection

When connecting to a Windows RDP endpoint it is possible to omit the Connection Username and Connection Password settings to force the user to login when launching the workspace. If omitted the user will be presented with a web based login page each time they launch the Workspace.

VNC

In this example a VNC endpoint is an external Linux server with VNC installed and configured that is always online and waiting for an external connection. This server is not managed by Kasm Workspaces in any way, Kasm Workspaces is simply providing a web based methodology of connecting to it.

In order to add the server, first create a server record under Infrastructure > Servers > + Add. This example uses the following connection information:

Host: vnc.example.com
Port: 5901
Password: windowstest123

Once configured it should look like this: (note the name and type assigned to this server)

../_images/vnc-server.webp

Create VNC Server

The value of Max Simultaneous Sessions is limited to one as VNC only allows one user to have control.

Click Save, and now this server will need linked to a Workspace that can be launched from the User dashboard.

Click on Workspaces > Workspaces > + Add Workspace.

Select Server as Workspaces Type, choose a friendly name and description, click enabled, and select the server that was just configured from the Server dropdown. In this case vnc.example.com : VNC Test. Once configured it should look like this:

../_images/vnc-workspace.webp

Create VNC Workspace

Click Save and the server will be available to launch from the User Dashboard:

../_images/vnc-launch.webp

Button in User Dashboard

Advanced Settings

Connection info (JSON) settings can be found here. These can be used on a per server basis to override the defaults found under Settings.

Forcing login on connection

When connecting to a VNC endpoint it is possible to omit the Connection Password setting to force the user to login when launching the workspace. If omitted the user will be presented with a web based login page each time they launch the Workspace.

SSH

In this example an SSH endpoint is an external Linux server with SSH enabled that is always online and waiting for an external connection. This server is not managed by Kasm Workspaces in any way, Kasm Workspaces is simply providing a web based methodology of connecting to it.

In order to add the server, first create a server record under Infrastructure > Servers > + Add. This example uses the following connection information:

Host: ssh.example.com
Port: 22
User: Administrator
Connection Private Key: <a private key>

Once configured it should look like this: (note the name and type assigned to this server)

../_images/ssh-server.webp

Create SSH Server

Click Save, and then link this server to a Workspace that can be launched from the User dashboard.

Click on Workspaces > Workspaces > + Add Workspace.

Select Server as Workspaces Type, choose a friendly name and description, click enabled, and select the server that was just configured from the Server dropdown. In this case ssh.example.com : SSH Test. Once configured it should look like this:

../_images/ssh-workspace.webp

Create SSH Workspace

Click Save and the server will be available to launch from the User Dashboard:

../_images/ssh-launch.webp

Button in User Dashboard

Advanced Settings

Connection info (JSON) settings can be found here. These can be used on a per server basis to override the defaults found under Settings.

To use the locale and timezone settings the SSH server must allow guacamole to set two environment variables, in the sshd_config of the target server ensure AcceptEnv TZ and AcceptEnv LANG are configured.

In addition, any locales that are to be used must be installed on the server and defined localedef as the ISO 639-1 language code, an ‘_’, the ISO 3166 Territory/county code, and the encoding. For instance: en_GB.UTF-8 this is english, United Kingdom encoded in UTF-8. Kasm assumes UTF-8 for all encodings.

Forcing login on connection

When connecting to a SSH endpoint it is possible to omit the Connection Username and the Connection Password or Connection Private Key settings to force the user to login when launching the workspace. If omitted the user will be presented with a web based login page each time they launch the Workspace.

KasmVNC

In this example a KasmVNC endpoint is an external stand alone Linux machine running KasmVNC. This server is not managed by Kasm Workspaces in any way, Kasm Workspaces is simply providing an enhanced web based methodology of connecting to it.

In order to add the server, first create a server record under Infrastructure > Servers > + Add. This example uses the following connection information:

Host: kasm.example.com
Port: 6901
User: admin
Password: admin123

Once configured it should look like this: (note the name and type assigned to this server)

../_images/kasm-server.webp

Create KasmVNC Server

Click Save and then link this server to a Workspace that can be launched from the User dashboard.

Click on Workspaces > Workspaces > + Add Workspace.

Select Server as Workspaces Type, choose a friendly name and description, click enabled, and select the server that was just configured from the Server dropdown. In this case kasm.example.com : Kasm Test. Once configured it should look like this:

../_images/kasm-workspace.webp

Create KasmVNC Workspace

Click Save and the server will be available to launch from the User Dashboard:

../_images/kasm-launch.webp

Button in User Dashboard

Advanced Settings

Connection info (JSON) settings can be found here. These can be used on a per server basis to override the defaults found under Settings.

Server Pools

The previously configured individual server endpoints were linked to Workspaces that can be launched from the user dashboard. These individual servers can also be tagged to a Pool of servers and launched from a single Workspace using any available server from the pool. This example will be adding a server pool and tagging two servers to it.

First from the Admin dashboard click on Infrastructure > Pools > + Add. Assign a name to the pool and select Server under Type, when finished it should look like this:

../_images/server-pool.webp

Create Server Pool

After clicking Save the administrator will be presented with the ability to add new servers or assign existing servers. This example will be assigning the servers created previously in this document:

../_images/servers-in-pool.webp

Servers in Pool

This server pool can be any combination of RDP/KasmVNC server endpoints, but in a production scenario they will likely be a series of similar Virtual or Bare metal servers available for users to connect to.

Outside of editing the existing pool, individual servers can also be assigned to a pool by editing them and selecting the pool the administrator wants to use under the Pool setting.

With a pool of servers configured the Workspace will need to be created. Click on Workspaces > Workspaces > + Add Workspace.

Select Pool as Workspaces Type, choose a friendly name and description, click enabled, and select the pool that was just configured from the Pool dropdown. In this case Test. Once configured it should look like this:

../_images/pool-workspace.webp

Create Pool Workspace

Click Save and the pool of servers will be available to launch from the User Dashboard:

../_images/pool-launch.webp

Button in User Dashboard