Alter TLS listening port from 5349?

Hi,

We’re in a Jitsi setup with Coturn as TURN server. Using port 5349 (the default one) as TLS listening port keeps getting us into problems with organisations behind strict firewalls.

Can this port be altered to 443 (or some other port open by default) in a recommended fashion? Been reading about both pros and cons and even info that this isn’t doable anymore due to some Ubuntu update a few years back. Also some info that this isn’t possible since Nginx already listens to that port.

Kind regards
Andreas


Hi,

Hmm, according to the guide for TURN setup in the Jitsi Meet Handbook, they suggest implementing multiplexing on Nginx to be able to use the TURN server on port 443. However, if we look under the FAQ in the Jitsi Meet Handbook, the recommendation is to drop multiplexing entirely in favour of websockets for optimal WebRTC data channels.

Which is the recommended alternative? Perhaps we need to configure some parts based on the guide under the TURN setup https://jitsi.github.io/handbook/docs/devops-guide/turn/ and continue the configuration with the guide under FAQ https://jitsi.github.io/handbook/docs/devops-guide/faq ?

The websockets to the bridge and the turn through nginx 443 and different domain are two separate things.
You need to have a second DNS and configure nginx as pointed out in [Use TURN server on port 443](https://jitsi.github.io/handbook/docs/devops-guide/turn/#use-turn-server-on-port-443).


Hi,
Our TURN server (coturn) is a separate server. Hence we believe Nginx could stay at port 443 (?) and simply point Prosody to turnserver:443. Is this a correct assumption?

Trying to set TLS-listening-port gives us the error “cannot bind tls/tcp listener socket to addr 443…errno=13”. Any ideas on this?

Yes.

Something else is using the port already…
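
Added example, not part of any post in this thread: a small Python helper that turns the `errno` number in a bind-failure message like the one quoted above into its symbolic name and likely cause, and probes whether the current user can bind a given port. The function names are illustrative assumptions, and the number 13 is interpreted as on Linux.

```python
import errno
import os
import re
import socket

# Causes a listener operator cares about, keyed by symbolic errno name.
CAUSES = {
    "EACCES": "permission denied: process may not bind this port "
              "(ports below 1024 need root or CAP_NET_BIND_SERVICE on Linux)",
    "EADDRINUSE": "address in use: another socket is already bound to this port",
}

def explain_errno(code):
    """Map a numeric errno to (symbolic name, cause) for this platform."""
    name = errno.errorcode.get(code, "UNKNOWN")
    return name, CAUSES.get(name, os.strerror(code))

def explain_log_line(line):
    """Pull 'errno=N' out of a bind-failure log line and explain it."""
    m = re.search(r"errno=(\d+)", line)
    if m is None:
        return None
    return explain_errno(int(m.group(1)))

def probe_bind(port, host="127.0.0.1"):
    """Try to bind a TCP socket; return 'OK' or the errno name on failure."""
    s = socket.socket(socket.AF_INET, socket.SOCK_STREAM)
    try:
        s.bind((host, port))
        return "OK"
    except OSError as e:
        return errno.errorcode.get(e.errno, str(e.errno))
    finally:
        s.close()

if __name__ == "__main__":
    # Error text as quoted in the thread (the elision is in the original).
    quoted = "cannot bind tls/tcp listener socket to addr 443…errno=13"
    print(explain_log_line(quoted))
    print("bind 443 as current user:", probe_bind(443))
```

Run it as the same user the TURN service runs as, so the probe reflects that account's privileges.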