Where is the coturn config located?
-
@robi Huh... my issue seems to be happening regardless of what I do in terms of my port forwarding and the app I use
-
@atrilahiji we can't guess as to what app, network config and where clients are coming from.. or logs with errors.
-
@robi This is the error I'm running into:
For reference, this is the internal IP of my cloudron server. I tried calling my brother in another city using my phone (the iOS nextcloud talk app) on LTE
-
@atrilahiji that looks like an error in NC Talk.
I have a Cloudron with a similar setup and once the v6 upgrade happened our NC:T went down. We just needed the new ports added to the router for STUN & TURN.
@robi Those logs are for the TURN service in the services page on my cloudron btw. So I get the exact same thing when I try a video chat with Kopano Meet. These are my forwaded ports for the same IP that is apparently being blocked:
3478,3479,5349,5350,49152:65535/tcp
3478,3479,5349,5350,49152:65535/udp -
@robi Those logs are for the TURN service in the services page on my cloudron btw. So I get the exact same thing when I try a video chat with Kopano Meet. These are my forwaded ports for the same IP that is apparently being blocked:
3478,3479,5349,5350,49152:65535/tcp
3478,3479,5349,5350,49152:65535/udp -
@atrilahiji So the turn addon is configured as per https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf to have the following ports:
listening-port=3478 tls-listening-port=5349 min-port=50000 max-port=51000We have also included a section for preventing some attack, which I think is what you may hit?
# https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/ no-multicast-peers denied-peer-ip=0.0.0.0-0.255.255.255 denied-peer-ip=10.0.0.0-10.255.255.255 denied-peer-ip=100.64.0.0-100.127.255.255 denied-peer-ip=127.0.0.0-127.255.255.255 denied-peer-ip=169.254.0.0-169.254.255.255 denied-peer-ip=127.0.0.0-127.255.255.255 denied-peer-ip=172.16.0.0-172.31.255.255 denied-peer-ip=192.0.0.0-192.0.0.255 denied-peer-ip=192.0.2.0-192.0.2.255 denied-peer-ip=192.88.99.0-192.88.99.255 denied-peer-ip=192.168.0.0-192.168.255.255 denied-peer-ip=198.18.0.0-198.19.255.255 denied-peer-ip=198.51.100.0-198.51.100.255 denied-peer-ip=203.0.113.0-203.0.113.255 denied-peer-ip=240.0.0.0-255.255.255.255Those IPs are anyways no public IPs and thus would not help you to achieve connectivity through it as far as I understand.
-
@atrilahiji So the turn addon is configured as per https://github.com/coturn/coturn/blob/master/examples/etc/turnserver.conf to have the following ports:
listening-port=3478 tls-listening-port=5349 min-port=50000 max-port=51000We have also included a section for preventing some attack, which I think is what you may hit?
# https://www.rtcsec.com/2020/04/01-slack-webrtc-turn-compromise/ no-multicast-peers denied-peer-ip=0.0.0.0-0.255.255.255 denied-peer-ip=10.0.0.0-10.255.255.255 denied-peer-ip=100.64.0.0-100.127.255.255 denied-peer-ip=127.0.0.0-127.255.255.255 denied-peer-ip=169.254.0.0-169.254.255.255 denied-peer-ip=127.0.0.0-127.255.255.255 denied-peer-ip=172.16.0.0-172.31.255.255 denied-peer-ip=192.0.0.0-192.0.0.255 denied-peer-ip=192.0.2.0-192.0.2.255 denied-peer-ip=192.88.99.0-192.88.99.255 denied-peer-ip=192.168.0.0-192.168.255.255 denied-peer-ip=198.18.0.0-198.19.255.255 denied-peer-ip=198.51.100.0-198.51.100.255 denied-peer-ip=203.0.113.0-203.0.113.255 denied-peer-ip=240.0.0.0-255.255.255.255Those IPs are anyways no public IPs and thus would not help you to achieve connectivity through it as far as I understand.
-
@nebulon I didn’t see those lines in /etc/turn server.conf. Is this configured per app or is there a config file somewhere else I’m missing?
-
@girish perfect, thanks! I’ll play around in there and see if I can get this sorted.
-
-
@robi Ah what I meant is if you have run a meeting off of a computer that is on the same network as the server which is clearly also a computer.
-
Huh so I am back on the debugging train here. I do seem to fail the Reflexive connectivity test here O_OAlso, I should point out that I use Adguard Home on my router, which is also what connects to my cloudron. Would that cause any problems?
But its weird because it seems to work between my phone on data and my desktop (on the same network as my cloudron) but not between my someone in toronto and my desktop.
I remember there was a change related to this slated for a release @girish. Is this true? I'm really not sure what else I can do here O_O
EDIT: Seems like my investigations are going nowhere
I assumed it might have to do with this commit but if it works for Robi in the same scenario I've got nothing else I can think of trying: https://git.cloudron.io/cloudron/box/-/commit/6adf5772d8f871eae98ad5f5ffdbed7098bac214
-
Huh so I am back on the debugging train here. I do seem to fail the Reflexive connectivity test here O_OAlso, I should point out that I use Adguard Home on my router, which is also what connects to my cloudron. Would that cause any problems?
But its weird because it seems to work between my phone on data and my desktop (on the same network as my cloudron) but not between my someone in toronto and my desktop.
I remember there was a change related to this slated for a release @girish. Is this true? I'm really not sure what else I can do here O_O
EDIT: Seems like my investigations are going nowhere
I assumed it might have to do with this commit but if it works for Robi in the same scenario I've got nothing else I can think of trying: https://git.cloudron.io/cloudron/box/-/commit/6adf5772d8f871eae98ad5f5ffdbed7098bac214
-
-
Ugh no luck...
-
@robi Oh on the my desktop or the cloudron server?
Network-wise my port forwarding everything seems to be in order
