Mescentrall RDP lost connection after (ping pong =25) amount of time.

[Loafter]

Mescentrall RDP lost connection after (ping pong =25) amount of time.
just set one of ANY of this ping pong param
"BrowserPong": 20,
"AgentPong":20,
"BrowserPing": 25,
"AgentPing":25,
connect to any windows machine, it will drop connection after 25 second
mesconnection works fine, and don't drop connection!

Server Software (please complete the following information):

• OS: Alpine
• Docke
• LightHttpd reverse proxy
• Version: 1.1.20

Client Device (please complete the following information):

• Laptop
• Windows 10
• Network: WAN client WAN for agent
• Firefox and Chrome

Remote Device (please complete the following information):

• Device: VM
• OS: Windows 11
• Remote over WAN

Lighthttpd config

$HTTP["host"] =~ "mesh\.XXXX\.com$" {
        ssl.pemfile ="/etc/acme/mesh.XXXX.com/mesh.XXXX.com.cer"
        ssl.privkey ="/etc/acme/mesh.XXXX.com/mesh.XXXX.com.key"
        setenv.set-response-header  = (
                               "X-Forwarded-Proto" => "https",
                               "X-Forwarded-Host" => "mesh.XXXX.com",
                               "X-Forwarded-Port" => "443",
                                "Content-Security-Policy" => "script-src 'self' 'unsafe-inline' 'unsafe-eval'"
                              )

        proxy.server = ( "" => ( ( "host" => "192.168.2.1", "port" => "4430" ) ) )
        proxy.header += ( "https-remap" => "enable", "upgrade" => "enable")
}

Config

{
  "$schema": "https://raw.githubusercontent.com/Ylianst/MeshCentral/master/meshcentral-config-schema.json",
  "__comment1__": "This is a simple configuration file, all values and sections that start with underscore (_) are ignored. Edit a section and remove the _ in front of the name. Refer to the user's guide for details.",
  "__comment2__": "See node_modules/meshcentral/sample-config-advanced.json for a more advanced example.",
  "settings": {
    "cert": "mesh.XXXX.com",
    "_WANonly": true,
    "_LANonly": true,
    "_sessionKey": "MyReallySecretPassword1",
    "port": 4430,
    "tlsoffload": true,
    "webRTC": false,
    "wsCompressoin": true,
    "aliasPort": 443,
    "redirPort": 800,
    "Log": "main,web,webrequest,cert",
    "IgnoreAgentHashCheck": false,
    "allowLoginToken": true,
    "allowFraming": false,
    "BrowserPong": 20,
    "AgentPong":20,
    "BrowserPing": 25,
    "AgentPing":25,
    "_redirAliasPort": 80
  },
  "domains": {
    "": {
      "title": "Meshcentral Nodes",
      "_title2": "Servername",
      "_minify": true,
      "certUrl": "https://mesh.XXXXXX.com/",
      "_newAccounts": true,
      "_userNameIsEmail": true
    }
  },
  "_letsencrypt": {
    "__comment__": "Requires NodeJS 8.x or better, Go to https://letsdebug.net/ first before trying Let's Encrypt.",
    "email": "myemail@mydomain.com",
    "names": "myserver.mydomain.com",
    "skipChallengeVerification": true,
    "production": false
  }
}

[si458]

Yes we are aware of this bug, a simple fix is to just remove all of agentPing,agentPong,browserPing,browserPong from ur config.json and it will carry on working as normal, I will look into why this is happening when I get chance!

[Loafter]

Thanks! for anwer.
but if i remove this options from config, my remote nodes dissapear randomly.
What root of this case?
if you need any details logs i can provide it for you)

[si458]

basically its a bug thats needs investigating...

websockets have there own ping/pong behaviour/method so you would never need to use agentPing,agentPong,browserPing,browserPong
HOWEVER some firewalls/environments block these ping/pong events in websockets so the devices can appear offline (as you are experiencing)

agentPing,agentPong are extra method thats implemented that run every X seconds you set ontop of the websockets to keep the connection alive

but the must be an issue where it thinks the device is not actually online, and disconncting your session even tho the device is actually online? so hense... ITS A 🐞

[si458]

MY NOTES:
found commit where the noping was removed and replaced with something else 93e8f2c

[silversword411]

but if i remove this options from config, my remote nodes dissapear randomly.
What root of this case?

Bad network hardware routers/NAT/VPN that are shortening TTLs on TCP sessions and dropping them artificially fast. ping/pong is basically artificially generating traffic to keep the TCP session alive to keep resetting the timeout before NATS tosses the mapping as "expired"

Monitor your sessions in your router, and you'll see sessions disappearing. Find the culprit equipment/tech in your stack.

[si458]

@silversword411 fix for the rdp dropping out is here #5786

It was basically sending the ping ok, the agent was replying pong, then meshcentral decides to try sending the pong to the rdp server, so the rdp server goes sod that and disconnects.
What it should be doingel is sending the pong to the web browser instead
Doh!