I have never tested it, but the documentation addresses this:
The High Performance Backend uses a certain range of ports for WebRTC media connections (20000-40000 by default). A client could be behind a restrictive firewall that only allows connections to port 443, so even if the High Performance Backend is publicly accessible the client would need to connect to a TURN server in port 443, and the TURN server will then relay the packets to the 20000-40000 range in the High Performance Backend.
For maximum compatibility the TURN server should be configured to listen on port 443. Therefore, when both a TURN server and the High Performance Backend are used each one should run in its own server, or in the same server but each one with its own IP address, as the High Performance Backend will need to bind to port 443 too.
If your STUN/TURN server works well, it should also fall back to tcp/443, but this is definitely not a recommended solution - there is a reason why udp is preferred for real-time media traffic. And also, Teams doesn’t perform well with tcp/443.
In most cases udp/3478 is the key - it is the default TURN port for every common product today - you should adapt the firewall to allow this traffic.