Server has self-signed certificate, can it be a reason?
On Sun, Mar 15, 2020 at 9:38 AM YUP <yupad...@gmail.com> wrote: > > Just to inform you, I made proxified kurento websocket in nginx and I > can connect to it: > $ wscat -n --connect https://external_server_ip_address/kurento > (node:24082) [DEP0123] DeprecationWarning: Setting the TLS ServerName > to an IP address is not permitted by RFC 6066. This will be ignored in > a future version. > Connected (press CTRL+C to quit) > > > > I set > - OM_KURENTO_WS_URL=https://external_server_ip_address/kurento > but got > o.a.o.c.r.KurentoHandler:124 [pool-1-thread-1] - Fail to create > Kurento client, will re-try in 10000 ms > > > > On Sun, Mar 15, 2020 at 8:56 AM YUP <yupad...@gmail.com> wrote: > > > > Can we just proxify kurento websocket? Something like this > > https://gist.github.com/steve-ng/ed6de1fa702ef70bd6ce ? > > > > On Sun, Mar 15, 2020 at 8:41 AM Maxim Solodovnik <solomax...@gmail.com> > > wrote: > > > > > > It seems I misread your previous email "all ports except 443, 80, 8080 > > > and 22." > > > I'm afraid you need more open ports ... > > > > > > I'm not sure but I would investigate if KMS/TURN URLs can be set up > > > for context i.e. > > > yourserver:4278/turn, yourserver:8888/kms in this case you can proxy them > > > .... > > > > > > On Sun, 15 Mar 2020 at 14:32, YUP <yupad...@gmail.com> wrote: > > > > > > > > It nothing changes, only 443 is open to the world. > > > > > > > > On Sun, Mar 15, 2020 at 8:24 AM Maxim Solodovnik <solomax...@gmail.com> > > > > wrote: > > > > > > > > > > Maybe you can set up KMS to use 8080? > > > > > TURN requires more open port to handle "totally closed" networks ... > > > > > > > > > > On Sun, 15 Mar 2020 at 14:18, YUP <yupad...@gmail.com> wrote: > > > > > > > > > > > > It seems to me that I found what is happening. Firewall blocks all > > > > > > non > > > > > > http requests out to all ports except 443, 80, 8080 and 22. That is > > > > > > why I don't have connection to outside turn ans stun servers. Is it > > > > > > possible to connect to those server in such conditions? Tunnels? > > > > > > > > > > > > On Fri, Mar 13, 2020 at 1:09 AM YUP <yupad...@gmail.com> wrote: > > > > > > > > > > > > > > Hello all, > > > > > > > Could someone help me with configuration of my OM setup? Any help > > > > > > > will > > > > > > > be greatly appreciated. > > > > > > > I have a server which is for several reasons behind NAT, only 443 > > > > > > > port > > > > > > > is open. There is sslh balancer, which redirect external traffic > > > > > > > to > > > > > > > different targets: nginx, openvpn, etc. Openmeetings 5.0.0-M3 > > > > > > > minimal > > > > > > > installed in container behind nginx proxy and works well, except > > > > > > > audio > > > > > > > and video. When I perform setup check after logged in (video > > > > > > > camera > > > > > > > and microphone) I can see myself in camera and can also see > > > > > > > increasing > > > > > > > and decreasing green line, which indicate microphone level, but I > > > > > > > can't save and replay the testing record. As far I understand the > > > > > > > problem is in NAT, so I had to use kurento server with TURN > > > > > > > server. I > > > > > > > did that by adding the environment variables for kurento server in > > > > > > > docker container with the corresponding data for > > > > > > > turn.anyfirewall.com: > > > > > > > > > > > > > > - KMS_STUN_IP=130.211.143.110 > > > > > > > - KMS_STUN_PORT=443 > > > > > > > - KMS_TURN_URL=webrtc:webrtc@130.211.143.110:443?transport=tcp > > > > > > > and the same for openmeetings docker container: > > > > > > > > > > > > > > - TURN_USER=webrtc > > > > > > > - TURN_PASS=webrtc > > > > > > > - TURN_URL=130.211.143.110:443?transport=tcp > > > > > > > > > > > > > > After restarting it allowed me immediately to perform network test > > > > > > > (except ip ping), but not resolved the issue with camera and > > > > > > > microphone. > > > > > > > When I connect to OM server with help of vpn (so I and OM server > > > > > > > are > > > > > > > in the same network) everything works as needed. I can save and > > > > > > > replay > > > > > > > video, I can hear myself, two OM users connected by vpn to OM > > > > > > > server > > > > > > > can talk to each other, etc. But it is not an option use vpn > > > > > > > connection... > > > > > > > I spent two days to find what I did wrong. I tried another TURN > > > > > > > and > > > > > > > STUN servers, different type of configurations and so on, nothing > > > > > > > helped. > > > > > > > > > > > > > > Regards, > > > > > > > Yarema > > > > > > > > > > > > > > > > > > > > -- > > > > > WBR > > > > > Maxim aka solomax > > > > > > > > > > > > -- > > > WBR > > > Maxim aka solomax
