Android/iOS Talk App could not connect to STUN/TURN Server?

ℹ️ Support
,
1

Hello NC Community!

First of all here my system setting:

Nextcloud version: 18.0.2
Operating system and version: CentOS 8.1.1911 Core
Apache or nginx version: Apache/2.4.37
PHP version: PHP 7.4.3

The issue you are facing:
Nextcloud Talk App (Android & iOS tested) doesn’t display video stream & sound stream (only black display on both sides - no sound).

Is this the first time you’ve seen this error? Y (It’s a brand new installation)

Scenarios tested:

  1. external smartphone to another external smartphone -> both sides black display
  2. external smartphone to internal smartphone -> both sides black display
  3. external smartphone to internal pc (Edge Chromium) -> both sides black display
  4. all cases above are working with smartphone’s browser (not the app) fine!

Further information:

  • Video and audio stream on devices “PC to PC” is in all scenarios (internal/external) working!
  • STUN/TURN Server is external and internal on ports 3478/udp/tcp 5349/udp/tcp reachable
  • Chat is on all devices and scenarios working fine

Further information to NC Talk App:

  • Tested with NC Talk v8.0.3 on Android 10 (Galaxy S9)
  • Tested with NC Talk v8.1.0 on iOS 12.4.5 (iPad Air)
  • Tested with NC Talk v8.1.0 on iOS 13.3.1 (iPhone 11)
    –> Same behavior on all devices

Information to setup:

  • Nextcloud (& STUN/TURN) Server is behind NAT

The output of your Nextcloud log in Admin > Logging:

No current entrys (09:04), here last four lines:

{"reqId":"XnMmRHfxME2tu99DpcEu9AAAAM0","level":3,"time":"2020-03-19T07:59:00+00:00","remoteAddr":"10.20.5.17","user":"7FBCC2A4-0F86-40CF-9927-DDF609662FD2","app":"PHP","method":"GET","url":"/ocs/v2.php/apps/spreed/api/v1/chat/uuw65h67?lookIntoFuture=1&lastKnownMessageId=483&includeLastKnown=0","message":"Function ldap_control_paged_result_response() is deprecated at /var/www/html/nextcloud/apps/user_ldap/lib/LDAP.php#75","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36 Edg/80.0.361.62","version":"18.0.2.2"}
{"reqId":"XnMmVMFX@Jl6X6lPNz4pTQAAAJQ","level":3,"time":"2020-03-19T07:59:16+00:00","remoteAddr":"10.20.5.17","user":"7FBCC2A4-0F86-40CF-9927-DDF609662FD2","app":"PHP","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"Function ldap_control_paged_result() is deprecated at /var/www/html/nextcloud/apps/user_ldap/lib/LDAP.php#310","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36 Edg/80.0.361.62","version":"18.0.2.2"}
{"reqId":"XnMmVMFX@Jl6X6lPNz4pTQAAAJQ","level":3,"time":"2020-03-19T07:59:16+00:00","remoteAddr":"10.20.5.17","user":"7FBCC2A4-0F86-40CF-9927-DDF609662FD2","app":"PHP","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"Function ldap_control_paged_result() is deprecated at /var/www/html/nextcloud/apps/user_ldap/lib/LDAP.php#310","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36 Edg/80.0.361.62","version":"18.0.2.2"}
{"reqId":"XnMmVMFX@Jl6X6lPNz4pTQAAAJQ","level":3,"time":"2020-03-19T07:59:16+00:00","remoteAddr":"10.20.5.17","user":"7FBCC2A4-0F86-40CF-9927-DDF609662FD2","app":"PHP","method":"GET","url":"/ocs/v2.php/apps/notifications/api/v2/notifications","message":"Function ldap_control_paged_result_response() is deprecated at /var/www/html/nextcloud/apps/user_ldap/lib/LDAP.php#75","userAgent":"Mozilla/5.0 (Windows NT 10.0; Win64; x64) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/80.0.3987.122 Safari/537.36 Edg/80.0.361.62","version":"18.0.2.2"}

The output of your config.php file:

<?php
$CONFIG = array (
  'instanceid' => 'ocjogfh3mmrq',
  'passwordsalt' => '[sensible]',
  'secret' => '[sensible]',
  'trusted_domains' =>
  array (
    0 => 'cloud.[sensible]',
    1 => 'www.cloud.[sensible]',
    2 => '[sensible].local',
  ),
  'datadirectory' => '/data',
  'dbtype' => 'mysql',
  'version' => '18.0.2.2',
  'overwrite.cli.url' => 'https://cloud.[sensible]/nextcloud',
  'dbname' => 'nextcloud',
  'dbhost' => 'localhost',
  'dbport' => '',
  'dbtableprefix' => 'oc_',
  'mysql.utf8mb4' => true,
  'dbuser' => '[sensible]',
  'dbpassword' => '[sensible]',
  'installed' => true,
  'memcache.distributed' => '\\OC\\Memcache\\Redis',
  'memcache.locking' => '\\OC\\Memcache\\Redis',
  'memcache.local' => '\\OC\\Memcache\\APCu',
  'redis' =>
  array (
    'host' => 'localhost',
    'port' => 6379,
  ),
  'mail_from_address' => 'cloud',
  'mail_smtpmode' => 'smtp',
  'mail_sendmailmode' => 'smtp',
  'mail_domain' => '[sensible]',
  'mail_smtphost' => '10.168.100.10',
  'mail_smtpport' => '25',
  'ldapIgnoreNamingRules' => false,
  'ldapProviderFactory' => 'OCA\\User_LDAP\\LDAPProviderFactory',
  'skeletondirectory' => '',
  'default_language' => 'de',
  'trusted_proxies' => '10.168.100.10',
  'lost_password_link' => 'disabled',
  'loglevel' => '2',
  'log_rotate_size' => '20971520',
  'updater.release.channel' => 'stable',
);

The output of your Apache/nginx/system log in /var/log/____:

Apache ssl_error_log: empty
Apache error_log: empty
system messages.log: no errors in it today

Final question:
Why is there a seperate behavior in the NC Talk App to the Webbrowser Clients? Maybe the NC Talk App uses different ports / mechanisms? Is there sth. to configure for using the app? Or is it a bug in the latest App?

Excuse possible spelling errors - in germany we say “my english is not the yellow from the egg” :wink:
Have a nice day and stay healthy these days…

Michael

2

Android Talk App upgraded to 8.0.5 - problem still the same

3
  • Nextcloud upgraded to 18.0.3
  • Android Talk App upgraded to 8.0.8

Still same problem…

4

Hi michi! thanks for linking my problem to Your post, let’s then stay here because we’re talking about the same i think.

Yes, the Talk app 8.0.8 still the same blank screen. I think the problem may be with some REST API implementation in mobile app, when the turn server is behind NAT (i don’t have possibility to check it on public ip).

As an argument for my opinion is that on laptop with Internet given by same mobile where talk doesn’t work, the laptops browser works just fine.

We need some developer to check here and propose sth :wink:

2 Likes
6

Found the problem (for me)!
Talk app on mobile devices (android & ios) are working now fine :slight_smile:

Tested environment:

  • NC 18.0.3 on CentOS 8.1
  • NC Talk 8.0.8
  • NC Talk Android 8.0.9 (on Galaxy S9)
  • NC Talk Ios 8.1.0 (on Ipad Air 2)
  • Stun/Turn: coturn 4.5.1.1-3 on CentOS 8.1

My problem wasn’t NAT or Firewall - it was a reverse proxy problem…
Im using a sophos utm for reverse proxy functionality. Per default sophos utm reverse proxy has a active setting called “Common Threats filter”. This filter is blocking several things only the app is using.
If anyone has a similar constellation here are the filter rule id’s:
973302
973334
973344
973333
981240
950001
959073
981242
After whitelisting these it works for me.

Best regards
Michael