TURN Server



  • I’m trying to implement a private TURN server (COTURN) and allow Webmeetings to coordinate with external parties for video chat. My COTURN server is up and running and I’ve added the UCS variables:

    meetings/spreed/configSpreedTurn=True
    meetings/spreed/stunURIs=stun:<localip of turn server>
    meetings/spreed/turnURIs=stun:<localip of turn server>?transport=upd|tcp
    meetings/spreed/turnSecret=mysecret

    I’ve opened up my firewall ports 3478/5349 to NAT to the local COTURN server. I can connect to the COTURN server by https://public_ip_of_coturn:3478

    When I open a webmeetings session remotely (https://public_ip_of_webmeetings/) I get a login screen and can log in but the connection times out.

    what am I missing?

    Any help would be appreciated!


  • Translator

    Gary, I got this working some time ago although I never had the chance to post the instructions.

    I only got it to work on ubuntu though. I seem to remember I installed the standard coturn package that comes with ubuntu.

    I am pressed for time recently, but when I have the chance I’ll try to dig out exactly the configuration I used and try to post it here.



  • mcostan - Thanks…that’s exacty what i’m using (Ubuntu server 16.04).

    Again, any help would be appreciated!


  • Translator

    just pressed for time but I will get there, hopefully over the weekend. It took me ages to get the turn server to work (and zarafa/kopano did help me out) but it does work. I was meant to publish the results in the forums long ago but never quite had the time, so this will be a good opportunity to do so.


  • Translator

    @gary.hook

    This is the file I have on ubuntu

    listening-port=443
    alt-listening-port=3478
    listening-ip=my_static_ip_address
    relay-ip=my_static_ip_address
    fingerprint
    lt-cred-mech
    use-auth-secret
    static-auth-secret=a_secret_string
    realm=mycompany.com
    total-quota=100
    bps-capacity=0
    stale-nonce
    #cert=/path/to/tls/cert-with-chain.pem
    #pkey=/path/to/tls/private-key.pem
    cipher-list="ECDH+etc. etc. "
    no-loopback-peers
    no-multicast-peers


  • Translator

    @gary.hook

    In addition in the file:

    /etc/kopano/webmeetings.cfg

    which is part of the Kopano server

    change the following:

    turnURIs = turn:theid_or_domainname_of_your_turn_server:443?transport=udp

    turnSecret = the_password_you_added_to_the_turn_server



  • @mcostan - Thanks!

    A couple of quick questions:

    my_static_ip_address - Is this a public IP or can it be a private IP? Can it be a domain address? I.E. turn.example.com or 192.168.100.20?
    my_static_ip_address - Is this a public IP or can it be a private IP? Can it be a domain address? I.E. turn.example.com or 192.168.100.20?

    I assume that “theid_or_domainname_of_your_turn_server” is a public address?

    cipher-list="ECDH+etc. etc. " - I’m not real familiar with this property. Can the DEFAULT be used?

    Thanks!


  • Translator

    Hi,
    my_static_ip_address This is the IP address of where the turn server is actually running. In my case it runs on a separate external network and hence it has a separate IP address (has to be static as far as I know). I have only tried with the actual IP address, not sure whether it would work with a DNS name, e.e. turn.example.com but you can try

    theid_or_domainname_of_your_turn_server

    This is the same IP address as above. I.e. the webmeetings component needs to know where it can access the turn server and it does so with the IP address.

    cipher-list="ECDH

    Yes this is the standard one. I just removed the string I had in my configuration file.



  • @mcostan

    Thanks so much for your help! I plugged in the configuration and it works like a charm! The only 2 things i changed where the listening port (3478) and the cipher-list=“DEFAULT”

    Again, I appreciate your assistance!

    Gary


Log in to reply
 

Looks like your connection to Kopano Community Forum was lost, please wait while we try to reconnect.