USB token not recognised on Windows Server in Cloud, but well on local network

Hello,
First of all, congratulations for the great work - very useful software, and amazing support you have here (I've been reading through many posts already :)).

I'm a bit stuck with the following issue:

I have successfully installed virtualhere server on a local machine with windows 10, and plugged a USB token containing certificates on it.
When I run the client on another machine running windows 10 on the local network, I can successfully use the USB token - it is well recognized by the app that needs to read the certificates.

However, when I try to do the same on a Windows Server 2019 in Amazon Cloud (EC2 instance), no luck: I do well see the device in the VirtualHere Client list, I can click on "Start Using it", but it seems it's not read properly by the software that needs to access it.

I have done 2 other tests, to try to understand what's happening.
1/ A basic USB drive with some files on it, plugged in the server locally, is well recognized and usable by the client in the cloud - so that works fine
2/ A USB mouse has the same issue as my USB token with certificates: when I use a client on a Windows 10 on the local network, I can enable the mouse and move it on screen. But on the VirtualHere client which is on Windows Server 2019 in the cloud, when I click "use the device" and move the mouse, it doesn't move on screen (note that it doesn't move on the local server where the mouse is plugged neither when I do that. If I stop using the mouse in the VH client, then I can again move it on the local machine).

I hope this makes sense. I'm not sure what I should do next? Some other tests to try? Log files to read through?

Thank you in advance for any help !

#2

I think its being blocked by remote desktop. Microsoft blocks some pass-through of USB tokens and mice. I think you need to use VNC instead of RDP for server access because there is no way i know of to unblock tokens via RDP

#3

Thank you for the quick reply. Indeed there is something with RDP - I connected through VNC and the mouse is working properly.
However, no luck with my USB token containing the certificates, it still seems not to be properly recognized. This is a tricky one, it's a hardware secured USB token containing some certificates.
Strangely enough, when I do a pure RDP from local computer to cloud server and plug the USB in the local machine, it's recognized on the server!
But not working through VirtualHere unfortunately... any other idea I could try? :)

#4

Oh and I had an additional question: do I need to install the USB token drivers on the server? Or the client? Or both? (actually I tried everything without success but I was just wondering what's the best option...)

#5

Last comment: I have just tested with trial of 2 other software providers for USB over IP, and it works with both their solutions over VNC... but I'd gladly purchases your licence if we manage to make it work with Virtual Here :)

#6

Just to chime in - If you connect via RDP, Windows automatically ignores locally connected smart card readers/tokens/keys and exclusively uses only ones remotely shared over RDP (if any). If both the client and server are running Windows, you can share them easily. Otherwise the best solution is to use VNC instead of RDP.

#7

No need to install the drivers on the server, but you do need the dongle drivers on the client side(win2019 server)

What dongle model is it?

#8

Mmh, sorry for this stupid question but, how could I find out the dongle model? There is nothing written on the dongle itself :-)
The software using it is Safenet Authentication Client. The dongle is identified as "JC token" (it seems to be identified as a smartcard reader but there's no card, just the dongle itself)

#9

OK I use the exact same token to sign Virtualhere (via VirtualHere) on Win2019 server.

It has my EV certificate on it and its called JC token (originally sent from Digicert)

Yes virtualhere works fine with this. Usually i plug the token into my linux server and use it. But i switched to my win10 virtualhere server and connected to it inside Win2019Server via the VirtualHere client and it showed up fine. I also installed the safenet drivers for the token inside win2019server.

When you use the token via virtualhere have a look in Device Manager on the client AMI and View ->By Connection ->VirtualHere USB 3 eXtensible Host Controller-> do you see it listed there as USB Token?

Also have a look here https://social.technet.microsoft.com/Forums/Azure/en-US/e9682871-8a0a-4… to disable Smartcard redirection via RDP

#10

Haha fun coincidence, I guess this type of token is used by several certificate authorities.

Well I installed VH server on a Linux machine locally, and started from a clean Windows 2019 server with VH client in the cloud, and now the same token is well recognized. I don't really see what I did differently than before, but well, as long as it works, I'm happy... and I'm purchasing some licences for VH servers :-)
Thank you so much for the great support!