Nextcloud talk on NC16: audio and video issues

elgringo · May 5, 2019, 10:59am

Hello everybody

Since NC16, I am facing to audio / video and turn issue

1: My complete configuration:

Nextcloud 16.0.0 on a dedicated server (192.168.1.100 on my local network). For tests, UFW is off
Coturn 4.5.0.7 installed on a “service” server (192.168.1.200 on my local network). UFW is off too.

Both servers are ubuntu 18.04 servers

Port forwarding on my network: 443 on 192.168.1.100 (for NC with ssl access)
3478 TCP & UDP on 192.168.1.200 (for stun and turn access with no TLS)

2: my turnserver coturn conf:

listening-port=3478
fingerprint
lt-cred-mech
use-auth-secret
static-auth-secret= #generated key with openssl command: openssl rand -hex 32
realm= #my external internet box fix IP address
total-quota=100
bps-capacity=0
stale-nonce=600
no-loopback-peers
no-multicast-peers

3: tests

stun access is ok through website Trickle ICE https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

Tested : stun:myexternalIP:3478 =>ok
turn cannot be tested without introducing the auth secret.

4: NC talk parameters
On parameters webpage, I have added stun server, it seems to be ok

when I add turn address (externalIP:3478 , auth secret key, TCP & UDP) I obtain a “!” flag error. So I removed it

5: communication tests
Mobile 2 mobile communication, with the last android app (6.0.3)

local network wifi <> wifi : chat, video and audio work fine
LTE <> wifi and LTE<> LTE: only chat work. Video and audio don’t.

6 : my questions:
I can’t see where is my configuration issue. Could you help me? a turnserver issue conf? a port forwarding issue?
Is there a link between turn issue and LTE communication issue?

Thank you

El Gringo

mario · May 5, 2019, 11:21am

Yes, you might need TURN server properly installed and configured so this would work.

elgringo · May 5, 2019, 11:45am

thank you. do you have any idea on what it doen’t work?

mario · May 5, 2019, 8:22pm

Well, if the two peers can’t find their respective IPs through STUN, then you need TURN

elgringo · May 5, 2019, 8:46pm

I meant do you have any Idea on the reason of the non operational turn server. I have tried many tunes, but no way to have it working…

jookk · May 6, 2019, 12:48pm

See coturn config for port range and allow (port-forward ) it.
I paste my coturn conf.
I have nc 16 and talk calling working very good local non-local nets

jookk · May 6, 2019, 1:11pm

CoTURN config:

listening-port=3478 #Your port
tls-listening-port=your port
external-ip=yourpublicIP/yourGatewayorRouterIP # Your public ip and / your gateway or router local ip
verbose
fingerprint
use-auth-secret
static-auth-secret=YourGeneratedSecreet
realm=YourServerFQDN
total-quota=100
cert=/path/to/cert #make sure coturn can read it (file permissions)
pkey=/path/to/privatekey # As previous, coturn must have file permissions to read it
CA-file=/path/to/CA #as previous, make sure file permissions are right, so COTURN can read
dh-file=/path/to/… #File permissions so COTURN can read file
no-stdout-log
log-file=/var/log/turnserver/turn.log
simple-log
no-multicast-peers
no-tlsv1
no-tlsv1_1

I have turnserver installed on nextcloud host and it is on DMZ, so no need to port forwarding.
Use ufw and allow ports you configured with theese:
Profile: Turnserver
Title: Coturn Turnserver
Description: Free open source implementation of TURN and STUN Server

Ports:
3478,3479,5349,5350,49152:65535/tcp
3478,3479,5349,5350,49152:65535/udp

elgringo · May 6, 2019, 1:32pm

Ok I will try to check these parameters in 3 steps:

without TLS and without ufw
If it works:
with TLS (thanks for the right management for cert readings, I forgot that fact)
and if all is fine, I’ll pull ufw on

For the 1st step, it seems logical that realm=my external fix public address, right?

Thank you for your help!!

elgringo · May 6, 2019, 6:40pm

Hello
I have tried all proposed.
I took care of cert right.
stun works with FQDN:4589 (tls port)
But unfortunately I obtain the same non success when I fill the NC talk turn fields in NC16
I will try to install former versions of NC and NC talk, in order to see if the problem is really on my network / coturn configurations or if there is a bug with NC / NC talk

Thanks for all. If anyway you have other ideas…

elgringo · May 7, 2019, 1:51pm

Hello everybody.
This morning, without touching anything, I have tried to check NC talk parameters with turn values. During 3 days nothing worked. But today I obtained a ✓ as a validation ! From my job I have called my son through LTE with NC talk app. He was on LTE too, and… Audio and vidéo were clear!!!
A mystery. I will save the conf as it is, on case of crash of server…

Thank you for your help!!

jookk · May 7, 2019, 5:59pm

Im glad it working fine for you