I have the following connection problem:
When using Nextcloud Spreed/Talk with two computers that are also available via an internal VPN network, the voice/video traffic gets routed through the VPN connection, which causes heavy traffic on the VPN server’s connection and an impractical routing/delay. We use coturn as TURN server with a secret and STUN server on port 3478, as the Nextcloud server is behind a reverse proxy!
We have already tried to deny the VPN’s IP address range within coturn’s /etc/turnserver.conf:
denied-peer-ip=192.168.99.0-192.168.99.255
coturn says that it denies these IPs when connecting.
But I am not sure if this problem can be solved entirely via coturn. I have the impression that it should also be declared to Talk/Spreed/Nextcloud that the internal IPs are not to be used. Can someone tell me config variables or other measures (port blockings?) to counter this problem?
Scenario:
HostA=129.27.2.77, VPN=192.168.99.2
HostB=195.160.77.5, VPN=192.168.99.3
HostVPN=43.77.88.99, VPN=192.168.99.1
HostA calls HostB via Nextcloud/Talk/Spreed. The talk does not connect from 129.27.2.77 to 195.160.77.5, but it connects from 192.168.99.2 to 192.168.99.3, which works, but the traffic gets routed via 43.77.88.99 and causes unnecessary traffic and delay, as the HostVPN is located in a different country. So I need to tell Talk/Spreed/Nextcloud that 192.168.99.* should not be used.
Thank you + greetings
Mathias
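
Added example, not part of the original post: a small Python check that takes the ICE candidates each browser would offer in the scenario above and marks which candidate pairs coturn's `denied-peer-ip` can act on. The candidate lines are constructed (ports, foundations and priorities are made up, and 203.0.113.10 is a placeholder for the TURN relay address); the point is that a host-to-host pair over the VPN addresses never passes through the TURN server, so the deny rule is not consulted for it.

```python
import ipaddress
from itertools import product

# Range taken from the post's denied-peer-ip=192.168.99.0-192.168.99.255
VPN_NET = ipaddress.ip_network("192.168.99.0/24")

# Constructed candidate lines for the post's scenario (not captured traffic).
# 203.0.113.10 is a placeholder for the coturn relay address.
HOST_A = [
    "candidate:1 1 udp 2122260223 129.27.2.77 50000 typ host",
    "candidate:2 1 udp 2122194687 192.168.99.2 50001 typ host",
    "candidate:3 1 udp 41885439 203.0.113.10 49200 typ relay raddr 129.27.2.77 rport 50000",
]
HOST_B = [
    "candidate:1 1 udp 2122260223 195.160.77.5 51000 typ host",
    "candidate:2 1 udp 2122194687 192.168.99.3 51001 typ host",
    "candidate:3 1 udp 41885439 203.0.113.10 49201 typ relay raddr 195.160.77.5 rport 51000",
]

def parse(line):
    """Parse one SDP a=candidate value into address, type and VPN membership."""
    f = line.split()
    addr = f[4]
    try:
        in_vpn = ipaddress.ip_address(addr) in VPN_NET
    except ValueError:
        in_vpn = None  # mDNS-obfuscated host candidate (xxxx.local): cannot check
    return {"addr": addr, "typ": f[f.index("typ") + 1], "in_vpn": in_vpn}

def classify(local, remote):
    """Say whether coturn's denied-peer-ip can affect this candidate pair."""
    if local["typ"] != "relay" and remote["typ"] != "relay":
        # Direct peer-to-peer path: no TURN allocation, coturn never sees it.
        if None in (local["in_vpn"], remote["in_vpn"]):
            return "direct-unknown"
        # Both ends on the VPN range is the pair the post observes.
        return "direct-vpn" if local["in_vpn"] and remote["in_vpn"] else "direct"
    if local["typ"] == "relay" and remote["in_vpn"]:
        return "relay-denied"  # relay would send to a denied peer address
    return "relay"

def pairs(a_lines, b_lines):
    """Return (local address, remote address, verdict) for every pair."""
    return [(l["addr"], r["addr"], classify(l, r))
            for l, r in product(map(parse, a_lines), map(parse, b_lines))]

if __name__ == "__main__":
    for local, remote, verdict in pairs(HOST_A, HOST_B):
        print(f"{local:>15} -> {remote:<15} {verdict}")
```
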