"Connecting to Jump Desktop's cloud service..."

Comments

11 comments

  • Avatar
    Jump Desktop Support

    Hi Ric,

    This happens when Jump can't connect to our cloud servers. To find out the reason: Open up Jump Desktop Connect -> click the Settings icon on the top right -> Diagnostics -> Diagnostic Logs. In the zip file, inspect the latest 'Service' logs - you should see why it can't connect there.

    Also related regarding whitelisting domains: https://support.jumpdesktop.com/hc/en-us/articles/360042490351-Administrators-Guide-For-Jump-Desktop-Connect

    0
    Comment actions Permalink
  • Avatar
    Ric Walker (Edited )

    Ok.  Good place to look.  Here is the "Service_2021_04_26.log" list:

    ================================================

    2021-04-27 05:50:33:185 3344:4884 INFO [update] Checking for updates
    2021-04-27 10:30:23:703 3344:4884 INFO [connect.service] Got new service connection
    2021-04-27 10:30:23:728 3344:5832 INFO [connect.server] RTC Server enabled
    2021-04-27 10:30:23:729 3344:5832 INFO [connect.server] Proxy is NONE, autodetect = yes
    2021-04-27 10:30:23:730 3344:5832 INFO [connect] Connecting to: neuron.jumpdesktop.com:443
    2021-04-27 10:30:23:730 3344:5832 INFO [connect.server] Signing in...
    2021-04-27 10:30:23:912 3344:5832 INFO [connect.server] No proxy detected
    2021-04-27 10:30:24:152 3344:5832 ERROR [net.cert] Could not verify policy - error: 800B0109
    2021-04-27 10:30:24:152 3344:5832 INFO [wrtc] Error(openssladapter.cc:439): OpenSSLAdapter::ContinueSSL: code=-1, error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed
    2021-04-27 10:30:24:152 3344:5832 INFO [wrtc] Error(openssladapter.cc:449): OpenSSLAdapter::Error(ContinueSSL, -1, error:1416F086:SSL routines:tls_process_server_certificate:certificate verify failed)
    2021-04-27 10:30:24:152 3344:5832 INFO [connect] Unexpected disconnect
    2021-04-27 10:30:24:152 3344:5832 INFO [connect] Scheduling next reconnect in 180 seconds
    2021-04-27 10:30:24:152 3344:5832 INFO [connect.server] Closing: 10, -1
    2021-04-27 10:30:24:153 3344:5832 INFO [connect.server] Proxy is NONE, autodetect = yes
    2021-04-27 10:30:24:153 3344:5832 INFO [connect.server] RTC Server enabled
    2021-04-27 10:30:24:160 3344:5832 INFO [wrtc] Warning(physicalsocketserver.cc:1609): PhysicalSocketServer got FD_CLOSE_BIT error 10053
    2021-04-27 10:30:24:160 3344:5832 INFO [connect] Unexpected disconnect
    2021-04-27 10:30:24:160 3344:5832 INFO [connect] Scheduling next reconnect in 180 seconds
    2021-04-27 10:30:24:160 3344:5832 INFO [connect.server] Closing: 10, 10053
    2021-04-27 10:30:24:160 3344:5832 INFO [connect.server] Proxy is NONE, autodetect = yes
    2021-04-27 10:30:24:160 3344:5832 INFO [connect.server] RTC Server enabled

    ================================================

    Thoughts?

    I've looked at the one from yesterday and it is written the same, multiple times attempted.

    I looked at the log of my own computer for when I started it yesterday and it went thru 2 "unexpected disconnect" before it "Got ice servers" and signed in.

    0
    Comment actions Permalink
  • Avatar
    Jump Desktop Support

    Thanks:

    0x800B0109 = A certificate chain processed, but terminated in a root certificate which is not trusted by the trust provider.

    Looks like we weren't able to verify the SSL certificate presented by neuron.jumpdesktop.com. Are you man-in-the-middling SSL connections and rewriting the certs? Open up a web browser and try to visit https://neuron.jumpdesktop.com and check to make sure that the there are not certificate errors.

    0
    Comment actions Permalink
  • Avatar
    Ric Walker

    I don't know what "man-in-the-middling SSL connections and rewriting the certs" is.  It's a system that I worked on and set up 2 years ago and have TeamViewer access to.  We are trying to switch mostly to Jump Desktop.

    I opened Internet Explorer and tried to go to the web site.  This is what I got:

    0
    Comment actions Permalink
  • Avatar
    Ric Walker (Edited )

    I can't figure out how to get past a picture added if I didn't pre put a line after where the picture will go.

    I clicked on [F1] there and got the exact same Certificate Error at http://go.microsoft.com/fwlink/... site.  :(

    Ok.  Can't go to https://duckduckgo.com either.  :(

    0
    Comment actions Permalink
  • Avatar
    Jump Desktop Support

    @Ric: The reason Jump is refusing to connect is because it thinks something is wrong and it can't verify the authenticity of the cloud service. This might help:

    1. Check the computer's date + time settings and make sure it's accurate - this causes certificate validation errors if the computer's clock is skewed.

    2. If you can, run a Windows Update on the system and make sure all the latest updates are installed. That might refresh the cert store.

     

    0
    Comment actions Permalink
  • Avatar
    Ric Walker

    Ok.  Have an update.  The remote end uses a SonicWall.  It has lots of Firewall and Security.  Has a little something called "DPI-SSL" which is "Deep Packet Inspection" for SSL.  When we turn that off, Jump Desktop Connect works fine and we can connect to the computers.  As soon as it is turned back on, the "jumpto.me/#" goes away or when restarting JDC it just forever runs connecting.

    The guy I'm working with at that end has managed to mostly adjust the DPI-SSL so that JDC comes up ok, but I can't complete the connection.  I get as far as it asks me for the password for the administrative user, which I enter, and then the "dot" turns from blue to red, but my end goes into "Connecting..." for a very long time and then comes up with an Error Window: "Protocol Error =2, Sub = 0" OR once we got an "Error: 4.5".

    We're trying to update the firmware on the SonicWall, but we need to get ahold of the guy who has the SonicWall website admin authority.

    SonicWall did have another Certificate that had to be installed, which we did, and is part of the reason we got to the point of being able to almost connect.  Along with that, now web browser pages no longer have Certificate Errors as well.

     

    0
    Comment actions Permalink
  • Avatar
    Jump Desktop Support

    Hi Ric,

    One way around this is if the SonicWall is intercepting SSL traffic, is to install the root certificate providing by the Sonicwall on all computers inside your facility. Once the computers trust the Sonicwall's root cert, the connections should just work without any modifications as Jump delegates certificate checking to the OS.

    0
    Comment actions Permalink
  • Avatar
    Ric Walker (Edited )

    As I said in the last sentence, we installed that certificate.  Now Jump Desktop Connect shows both sides, but when I try to connect, it asks for the password, which I enter, then the remote computer "dot" turns from blue to red in color and my end keeps going "connecting..." with the circle for 2 to 3 minutes and then comes up with a "Protocol Error" / "Error code = 2 , subcode = 0" / [Retry] [Dismiss].  So as long as the DPI-SSL is enabled right now, connection isn't possible.

    At the moment, we disabled the DPI-SSL till we can get a firmware update on the SonicWall.  Hoping that will fix the problem.

    Another thing to note is that installing the SonicWall certificate did fix web pages from doing the certificate error.

    0
    Comment actions Permalink
  • Avatar
    Jump Desktop Support

    It's quite possible that Jump is having trouble talking to our relay service - which has a SSL fallback. We'd need more information from the client side logs. Please don't post these here instead email it to support@jumpdesktop.com. Click Help -> Diagnostic Logs on the client and attach the zip in the email.

    0
    Comment actions Permalink
  • Avatar
    Ric Walker

    Ok.  We have a fix. 

    Turns out we needed to do a firmware update to the SonicWall (which had an early 2019 firmware).  Once that was updated, the certificate was already installed from the previous version.  We are now able to go to "neuron.jumpdesktop.com" and am able to to use our https file server to download to the remote computers.

    https:  duckduckgo.com and to support.jumpdesktop.com/hc/en-us/articles/360042490351-Administrators-Guide-For-Jump-Desktop-Connect both work just fine also.

    0
    Comment actions Permalink

Please sign in to leave a comment.