Participants can't see each other

Hi to all,
my next topic…
As I wrote in another thread I got Webmeetings up and running. I can talk to two of my workmates without a problem. But these two can’t connect to each other. In a conference, I can see both and communicate with both, but these two can’t see each other. The webmeetings Log does not tell much, reports only the connection attempts. Any Idea, what goes wrong here and where I can gather further information?

Best regards

Thomas

do you have the turn server working?

Hi mcostan and thank you for your reply,
I have a turnserver installed but are not sure if configured right. Here’s the turn server.conf:


listening-port=3478


# Uncomment to use fingerprints in the TURN messages.
# By default the fingerprints are off.
#
fingerprint

# Uncomment to use long-term credential mechanism.
# By default no credentials mechanism is used (any user allowed).
#
lt-cred-mech


# This allows TURN credentials to be accounted for a specific user id.
# If you don't have a suitable id, the timestamp alone can be used.
# This option is just turning on secret-based authentication.
# The actual value of the secret is defined either by option static-auth-secret,
# or can be found in the turn_secret table in the database (see below).
# 
use-auth-secret

# 'Static' authentication secret value (a string) for TURN REST API only. 
# If not set, then the turn server
# will try to use the 'dynamic' value in turn_secret table
# in user database (if present). The database-stored  value can be changed on-the-fly
# by a separate program, so this is why that other mode is 'dynamic'.
#
static-auth-secret=our-auth-secret


realm=our-domain-name


# Total allocation quota.
# default value is 0 (no quota).
# This option can also be set through the database, for a particular realm.
#
total-quota=100


#
# Maximum server capacity.
# Total bytes-per-second bandwidth the TURN server is allowed to allocate
# for the sessions, combined (input and output network streams are treated separately).
#
bps-capacity=0


# Uncomment if extra security is desired,
# with nonce value having limited lifetime.
# By default, the nonce value is unique for a session,
# and has unlimited lifetime. 
# Set this option to limit the nonce lifetime. 
# It defaults to 600 secs (10 min) if no value is provided. After that delay, 
# the client will get 438 error and will have to re-authenticate itself.
#
stale-nonce=600


# Option to set the log file name.
# By default, the turnserver tries to open a log file in 
# /var/log, /var/tmp, /tmp and current directories directories
# (which open operation succeeds first that file will be used).
# With this option you can set the definite log file name.
# The special names are "stdout" and "-" - they will force everything 
# to the stdout. Also, the "syslog" name will force everything to
# the system log (syslog). 
# In the runtime, the logfile can be reset with the SIGHUP signal 
# to the turnserver process.
#
log-file=/var/log/turn.log


# Option to suppress STUN functionality, only TURN requests will be processed.
# Run as TURN server only, all STUN requests will be ignored.
# By default, this option is NOT set.
#
no-stun

# Flag that can be used to disallow peers on the loopback addresses (127.x.x.x and ::1).
# This is an extra security measure.
#
no-loopback-peers

# Flag that can be used to disallow peers on well-known broadcast addresses (224.0.0.0 and above, and FFXX:*).
# This is an extra security measure.
#
no-multicast-peers

The firewall allows port 3478 tcp and udp.

The log says almost nothing:

cat /var/log/turn_2018-10-09.log 
287090: log file opened: /var/log/turn_2018-10-09.log