UPDATE 2018-03-27
Hi all,
all calls (both audio and video) only work between devices inside the local LAN.
Calls outside our local network remain in black screen with no audio even if apparently there is an exchange of data between the devices.
The audio icon flashes if we try to talk and on device 1 (iPhone) call is not waiting for a caller but the connection is established successfully.
Below you can find the configuration .
Do I have to do other configurations?
If yes, what I have to modify?
i understood that the purpose of the turn server is to avoid exactly this black screen. and therefore the turn server is mend to be place in the internet. so if you put the turn server also behind a nat device you have to understand the config for this scenario. in my link above it should be de scripted. ok?
Sorry but I’m still not understanding how to configure our TURN server.
It is already configured with a public IP, are you suggesting to move it inside our local network and configure a NAT?
Reading your guide, i can clearly confirm that our case is a TURN server running not behind a NAT , but with direct www connection and static public IP
However @victorbw, i’m really appreciating your support, please don’t misunderstand my words as mad
i just wanted to say that there is already a long thead with a lot config examples. so maybe your problem is also covered there. or you find an expert among the experts posting config there. and i didn’t see “DMZ” so i assumed you run your turn server in your intranet. my mistake.
btw: we are on the same site. i’m desperately seeking a solution for turn in docker. (what is a kind of “behind-nat-problem”.)
in my playbook - as far as i remember - i was able to get talk running on debian/ubuntu (without docker) i’m not sure if i ever tested it with centos.
anyhow my playbook wouldn’t help you because nc and turn would be on the same maschine. but maybe you could setup a test maschine with a working config and bring it to your turn server.
Are you sure that the turn server is not firewalled? Or the nextcloud server? You turn off firewalld locally. But you dont say anything about the router/firewall that most probably sits in front of the dmz, how is that configured? Have you turned on debug on the turn server or listened on the traffic with tcpdump?
Also try open the port on DMZ firewall for TCP and UDP.
What are your test devices? Testing with mobile Android phones on 3g/4g network with Talk App makes it easier than testing with desktops who may have their own firewalls and settings or sitting behind something.
1 iphone on 4G and 1 android on 4G.
All test in all direction:
iphone - android both of them on wifi LAN (working).
iphone - android both of them on 4G.
iphone - android one on wifi LAN and one 4G.
notebook - iphone one on LAN and one 4G.
notebook - iphone one on LAN and one wifi LAN (working).
notebook - android one on LAN and one 4G.
notebook - android one on LAN and one wifi LAN (working).
Please assure first that the coturn is running without error messages.
As I can see above you use v4.5.0.7 (I guess since there is a special CentOS7 tarball available?), so in this case indeed you need to add lt-cred-mech which is required for all versions below 4.5.0.8 but throws a warning for all versions above.
You might have found the guide without this setting as I removed it due to the error message and meanwhile re-added it after realizing that it is required for older versions. coTURN was quite a bid changing around their settings behaviour.
When starting coturn carefully watch the log for any other config quirks.
I changed everything, I installed nextcloud and turnserver on the same server.
The VM is still on DMZ, connecting directly on the internet.
Now I’m trying to configure the turn server file on localhost.
Do you have any tips?
despite what is frequently said, I had to use lt-cred-mech in coturn configuration to make it work.
Then I started to notice user id logged in turn log file and talk started to work.
Unfortunately, I decided not to propose nextcloud talk because it’s not reliable on firefox !