Unable to connect NC to my coturn server - getting 401 error

ℹ️ Support 💬 Talk (spreed)
1

Nextcloud version: 24.0.5
Talk Server version ?
Custom Signaling server configured: no
Custom TURN server configured: yes
Custom STUN server configured: no

In case the web version of Nextcloud Talk is involved:
Operating system: SUSE SEL 15.04
Browser name and version: Chrome

The issue you are facing:
After configuring the URL to TURN Server in the setting for Talk, NC is unable able to connect to my turn server.

Is this the first time you’ve seen this error?
No

Steps to replicate it:

  1. Deploy a coturn server configured with following settings:
    realm=coturn20001.mydomain
    listening-ip=0.0.0.0
    listening-port=3478
    tls-listening-port=443
    min-port=49152
    max-port=65535
    log-file=stdout
    verbose
    pidfile=/var/tmp/turnserver.pid
    use-auth-secret
    static-auth-secret=north
    fingerprint
    total-quota=0
    bps-capacity=0
    stale-nonce
    no-multicast-peers
    user=turnUser:demo@sempre!
    pkey=/tls/tls.key
    cert=/tls/tls.crt
    mysql-userdb=“host=10.39.55.74 port=3306 dbname=coturn user=coturn password=sempre! connect_timeout=30”
  2. Configure the URL in the talk setting in NC to point to coturn20001.mydomain with a secret as configured in the coturn settings
  3. Test the settings. Returns error.

Coturn logs show the following. I have verified the secret matches the one configured in the MariaDb DB. and that the correction between coturn and DB is successful.

1240: : IPv4. tcp or tls connected to: 10.39.55.82:28183

1240: : session 001000000000000006: realm <coturn20001.sempre.local> user <>: incoming packet message processed, error 401: Unauthorized

1240: : IPv4. tcp or tls connected to: 10.39.55.82:36328

1240: : session 001000000000000007: realm <coturn20001.mydomain> user <>: incoming packet message processed, error 401: Unauthorized

1240: : ERROR: check_stun_auth: Cannot find credentials of user <1667434059:turn-test-user>

1240: : session 001000000000000006: realm <coturn20001.mydomain> user <1667434059:turn-test-user>: incoming packet message processed, error 401: Unauthorized

1241: : ERROR: check_stun_auth: Cannot find credentials of user <1667434059:turn-test-user>

1241: : session 001000000000000007: realm <coturn20001.mydomian> user <1667434059:turn-test-user>: incoming packet message processed, error 401: Unauthorized

1241: : session 001000000000000006: TCP socket closed remotely 10.39.55.82:28183

1241: : session 001000000000000006: usage: realm=<coturn20001.mydomain>, username=<1667434059:turn-test-user>, rp=2, rb=160, sp=2, sb=224

1241: : session 001000000000000006: peer usage: realm=<coturn20001.mydomain>, username=<1667434059:turn-test-user>, rp=0, rb=0, sp=0, sb=0

1241: : session 001000000000000006: closed (2nd stage), user <1667434059:turn-test-user> realm <coturn20001.mydomain> origin <>, local 0.0.0.0:3478, remote 10.39.55.82:28183, reason: TCP connection closed by client (callback)

1241: : session 001000000000000007: TCP socket closed remotely 10.39.55.82:36328

1241: : session 001000000000000007: usage: realm=<coturn20001.mydomain>, username=<1667434059:turn-test-user>, rp=2, rb=160, sp=2, sb=224

1241: : session 001000000000000007: peer usage: realm=<coturn20001.mydomain>, username=<1667434059:turn-test-user>, rp=0, rb=0, sp=0, sb=0

1241: : session 001000000000000007: closed (2nd stage), user <1667434059:turn-test-user> realm <coturn20001.mydomain> origin <>, local 0.0.0.0:3478, remote 10.39.55.82:36328, reason: TCP connection closed by client (callback)

2

Actually figured out that the coturn DB secret was misconfigured. This issue is resolved.