TURN Server

gary.hook

I’m trying to implement a private TURN server (COTURN) and allow Webmeetings to coordinate with external parties for video chat. My COTURN server is up and running and I’ve added the UCS variables:

meetings/spreed/configSpreedTurn=True
meetings/spreed/stunURIs=stun:<localip of turn server>
meetings/spreed/turnURIs=stun:<localip of turn server>?transport=upd|tcp
meetings/spreed/turnSecret=mysecret

I’ve opened up my firewall ports 3478/5349 to NAT to the local COTURN server. I can connect to the COTURN server by https://public_ip_of_coturn:3478

When I open a webmeetings session remotely (https://public_ip_of_webmeetings/) I get a login screen and can log in but the connection times out.

what am I missing?

Any help would be appreciated!

mcostan

Gary, I got this working some time ago although I never had the chance to post the instructions.

I only got it to work on ubuntu though. I seem to remember I installed the standard coturn package that comes with ubuntu.

I am pressed for time recently, but when I have the chance I’ll try to dig out exactly the configuration I used and try to post it here.

gary.hook

mcostan - Thanks…that’s exacty what i’m using (Ubuntu server 16.04).

Again, any help would be appreciated!

mcostan

just pressed for time but I will get there, hopefully over the weekend. It took me ages to get the turn server to work (and zarafa/kopano did help me out) but it does work. I was meant to publish the results in the forums long ago but never quite had the time, so this will be a good opportunity to do so.

mcostan

@gary.hook

This is the file I have on ubuntu

listening-port=443
alt-listening-port=3478
listening-ip=my_static_ip_address
relay-ip=my_static_ip_address
fingerprint
lt-cred-mech
use-auth-secret
static-auth-secret=a_secret_string
realm=mycompany.com
total-quota=100
bps-capacity=0
stale-nonce
#cert=/path/to/tls/cert-with-chain.pem
#pkey=/path/to/tls/private-key.pem
cipher-list="ECDH+etc. etc. "
no-loopback-peers
no-multicast-peers

mcostan

@gary.hook

In addition in the file:

/etc/kopano/webmeetings.cfg

which is part of the Kopano server

change the following:

turnURIs = turn:theid_or_domainname_of_your_turn_server:443?transport=udp

turnSecret = the_password_you_added_to_the_turn_server

gary.hook

@mcostan - Thanks!

A couple of quick questions:

my_static_ip_address - Is this a public IP or can it be a private IP? Can it be a domain address? I.E. turn.example.com or 192.168.100.20?
my_static_ip_address - Is this a public IP or can it be a private IP? Can it be a domain address? I.E. turn.example.com or 192.168.100.20?

I assume that “theid_or_domainname_of_your_turn_server” is a public address?

cipher-list="ECDH+etc. etc. " - I’m not real familiar with this property. Can the DEFAULT be used?

Thanks!

mcostan

Hi,
my_static_ip_address This is the IP address of where the turn server is actually running. In my case it runs on a separate external network and hence it has a separate IP address (has to be static as far as I know). I have only tried with the actual IP address, not sure whether it would work with a DNS name, e.e. turn.example.com but you can try

theid_or_domainname_of_your_turn_server

This is the same IP address as above. I.e. the webmeetings component needs to know where it can access the turn server and it does so with the IP address.

cipher-list="ECDH

Yes this is the standard one. I just removed the string I had in my configuration file.

gary.hook

@mcostan

Thanks so much for your help! I plugged in the configuration and it works like a charm! The only 2 things i changed where the listening port (3478) and the cipher-list=“DEFAULT”

Again, I appreciate your assistance!

Gary