Spreed.me video outside network through pfSense

I have tried every combo of configurations to get spreed.me working outside of the local network with no luck. Hopefully someone can help me.

I have NextCloud (virtualized) working behind a pfSense firewall. I get a static /28 block of public IPs from my ISP, which are routed to my WAN interface over a PPPoE link. I can’t directly assign a public IP to an interface on the NextCloud server, but I can NAT them.

I’ve installed coturn and configured it in a million different ways.

Right now the NextCloud server has 3 NICs:
(LAN address) 10.x.x.131 → (public address) y.y.y.46 1:1 NAT for NextCloud
(LAN address) 10.x.x.132 → (public address) y.y.y.36 1:1 NAT for TURN server listening IP
(LAN address) 10.x.x.133 → (public address) y.y.y.37 1:1 NAT for alt TURN server listening IP

Firewall NAT/Rules:


Relevant webrtc config:
turnURIs = turn:y.y.y.36:3478?transport=udp turn:y.y.y.36:3478?transport=tcp turn:y.y.y.37:3478?transport=udp turn:y.y.y.37:3478?transport=tcp

Coturn Config:
listening=port=3478
alt-listening-port=0
tls-listening-port=5348
alt-tls-listening-port=0
listening-ip=x.x.x.132
listening-ip=x.x.x.133
external-ip=y.y.y.36
external-ip=y.y.y.37
fingerprint
use-auth-secret
static-auth-secret=XXXXXXXXXXXXXXXXXXXXXXXXXX
total-quota=100
bps-capacity=0
stale-nonce
log-file=/var/log/coturn/turn.log
no-loopback-peers
no-multicast-peers
min-port=49152
max-port=49200
verbose
Verbose

Here is the result when I attempt a call to/from outside the network.
2028: session 004000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 000000000000000002: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 007000000000000003: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 004000000000000002: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 000000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 004000000000000003: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 000000000000000003: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 007000000000000002: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 007000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 000000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 004000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 005000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 001000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 007000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 004000000000000006: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 001000000000000002: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 004000000000000005: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 006000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 007000000000000005: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 000000000000000005: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 001000000000000002: TCP socket closed remotely x.x.x.1:6536
2028: session 000000000000000005: TCP socket closed remotely x.x.x.1:22282
2028: session 001000000000000002: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.132:3478, remote x.x.x.1:6536, reason: TCP connection closed by client (callback)
2028: session 000000000000000005: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.133:3478, remote x.x.x.1:22282, reason: TCP connection closed by client (callback)
2028: session 001000000000000002: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 000000000000000005: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 007000000000000005: TCP socket closed remotely x.x.x.1:19879
2028: session 007000000000000005: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.132:3478, remote x.x.x.1:19879, reason: TCP connection closed by client (callback)
2028: session 007000000000000005: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 007000000000000004: TCP socket closed remotely x.x.x.1:17637
2028: session 001000000000000001: TCP socket closed remotely x.x.x.1:21210
2028: session 004000000000000006: TCP socket closed remotely x.x.x.1:56237
2028: session 001000000000000001: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.132:3478, remote x.x.x.1:21210, reason: TCP connection closed by client (callback)
2028: session 004000000000000006: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.133:3478, remote x.x.x.1:56237, reason: TCP connection closed by client (callback)
2028: session 001000000000000001: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 004000000000000006: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 006000000000000001: TCP socket closed remotely x.x.x.1:29034
2028: session 004000000000000005: TCP socket closed remotely x.x.x.1:38587
2028: session 004000000000000005: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.133:3478, remote x.x.x.1:38587, reason: TCP connection closed by client (callback)
2028: session 007000000000000004: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.132:3478, remote x.x.x.1:17637, reason: TCP connection closed by client (callback)
2028: session 004000000000000005: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 006000000000000001: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.133:3478, remote x.x.x.1:29034, reason: TCP connection closed by client (callback)
2028: session 007000000000000004: delete: realm=<xxxxxx.cloud>, username=<>
2028: session 006000000000000001: delete: realm=<xxxxxx.cloud>, username=<>
2029: session 004000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2029: session 000000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2029: session 004000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2029: session 000000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2031: session 004000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2031: session 000000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2031: session 004000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2031: session 000000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2032: session 004000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2032: session 000000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2032: session 004000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2032: session 000000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2034: session 004000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2034: session 000000000000000001: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2034: session 004000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2034: session 000000000000000004: realm <xxxxxx.cloud> user <>: incoming packet ALLOCATE processed, success
2036: session 004000000000000001: realm <xxxxxx.cloud> user <>: incoming packet BINDING processed, success
2036: session 000000000000000001: realm <xxxxxx.cloud> user <>: incoming packet BINDING processed, success
2043: session 004000000000000004: TCP socket closed remotely x.x.x.1:35090
2043: session 004000000000000004: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.132:3478, remote x.x.x.1:35090, reason: TCP connection closed by client (callback)
2043: session 004000000000000004: delete: realm=<xxxxxx.cloud>, username=<>
2043: session 000000000000000004: TCP socket closed remotely x.x.x.1:14277
2043: session 000000000000000004: closed (2nd stage), user <> realm <xxxxxx.cloud> origin <>, local x.x.x.133:3478, remote x.x.x.1:14277, reason: TCP connection closed by client (callback)
2043: session 000000000000000004: delete: realm=<xxxxxx.cloud>, username=<>
root@nextcloud1:/var/log/coturn#

The remote address is the LAN interface on the firewall.

Any ideas? Any help would be appreciated!
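
A small parser for coturn log lines in the format quoted above, added here as an example and not part of the original post: it groups lines by session, then tallies which remote addresses the server saw and which sessions allocated a relay but were closed shortly after. The sample lines and addresses are constructed, and treating the leading number as a seconds counter is an assumption.

```python
import re
from collections import Counter, defaultdict

# Constructed sample in the format of the log quoted above (addresses are made up).
SAMPLE_LOG = """\
2028: session 001000000000000002: realm <example.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 000000000000000005: realm <example.cloud> user <>: incoming packet ALLOCATE processed, success
2028: session 001000000000000002: TCP socket closed remotely 10.0.0.1:6536
2028: session 001000000000000002: closed (2nd stage), user <> realm <example.cloud> origin <>, local 10.0.0.132:3478, remote 10.0.0.1:6536, reason: TCP connection closed by client (callback)
2028: session 001000000000000002: delete: realm=<example.cloud>, username=<>
2036: session 004000000000000001: realm <example.cloud> user <>: incoming packet BINDING processed, success
"""

LINE = re.compile(r"^(\d+): session (\d+): (.*)$")
PACKET = re.compile(r"incoming packet (\w+) processed, (\w+)")
CLOSED = re.compile(r"closed \(2nd stage\).*local ([^,\s]+), remote ([^,\s]+), reason: (.*)$")


def parse_sessions(log_text):
    """Group log lines by session id; record packet results and close details."""
    sessions = defaultdict(lambda: {"packets": Counter(), "local": None,
                                    "remote": None, "reason": None,
                                    "first": None, "last": None})
    for raw in log_text.splitlines():
        m = LINE.match(raw.strip())
        if not m:
            continue  # shell prompts, blank lines, wrapped fragments
        ts, sid, rest = int(m.group(1)), m.group(2), m.group(3)
        s = sessions[sid]
        s["first"] = ts if s["first"] is None else s["first"]
        s["last"] = ts  # leading counter assumed to be seconds
        pkt = PACKET.search(rest)
        if pkt:
            s["packets"][pkt.group(1) + ":" + pkt.group(2)] += 1
        closed = CLOSED.search(rest)
        if closed:
            s["local"], s["remote"], s["reason"] = closed.groups()
    return dict(sessions)


def remote_hosts(sessions):
    """Count closed sessions per remote IP, with the port stripped."""
    return Counter(s["remote"].rsplit(":", 1)[0]
                   for s in sessions.values() if s["remote"])


def short_lived(sessions, max_seconds=15):
    """Sessions that allocated a relay and were closed within max_seconds."""
    return sorted(sid for sid, s in sessions.items()
                  if s["reason"] and s["packets"]["ALLOCATE:success"]
                  and s["last"] - s["first"] <= max_seconds)
```

Running `remote_hosts(parse_sessions(open("/var/log/coturn/turn.log").read()))` over the real log file shows at a glance whether clients arrive with their own addresses or all appear as a single NAT-side address.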

I used the snap install of spreed.me on Ubuntu and it set up the config file to point to the spreed.me TURN server. It seems to be working when I have tried it on my cell to my office and also to my other office that is using a VPN.

John

Do you know if I need to uninstall coturn before trying this? I had already attempted to comment out the TurnURIs and set the StunURL to the spreed URL, without success.

Does anyone else have any insight?