Configure in vpn

Hello!
I installed jitsi on my server, it does not have a white IP, it is located behind the gateway server. On the gateway there is dns and white IP, on dns name I received ssl certificates and installed them on jitsi server. I configured iptables forward on the gateway, also there are two vpn interfaces on the gateway. When the white IP interface is open, I get to jitsi from any device and can create a room with more than 2 users, everything works fine.
However, if I turn off the external interface, then through VPN I get to jitsi and there is video and audio, but only for two users, as soon as the third user is connected, the video and audio of all disappears.
Help me figure out what needs to be done so that in vpn it works just like without vpn.

If it’s working for 2 people but not anyone else then you are likely connecting P2P and not really through the video bridge.

Try joining your meeting with this link from 2 browser tabs: https://meet.domain.com/test#config.p2p.enabled=false

This will help you test connections over the video bridge with 2 users.

Port 10000 is probably not being allowed through when the VPN interface is enabled.

Try this test:

More help: Not working for more than 2 people in the room

1 Like

You are right. My connection don’t work with https://meet.domain.com/test#config.p2p.enabled=false. I haven’t video and audio for 2 users. And i did

Blockquote

On the server

sudo nc -uvvl -s YOUR_IP -p 10000

Then on the client

sudo nc -uvv SERVER_IP PORT

Blockquote

and received the answer “shluse.vpn [192.168.0.134] 10000 (webmin) : Connection refused”
But this my iptables:

Blockquote

$IPT -A FORWARD -i $VPN1 -d 192.168.0.135 -p tcp -m tcp --dport 443 -j ACCEPT
#$IPT -A FORWARD -i $VPN1 -d 192.168.0.135 -p udp -m tcp --dport 4443 -j ACCEPT
$IPT -A FORWARD -i $VPN1 -d 192.168.0.135 -p udp -m udp --dport 10000 -j ACCEPT
$IPT -t nat -A PREROUTING -i $VPN1 -p tcp --dport 443 -j DNAT --to 192.168.0.135
#$IPT -t nat -A PREROUTING -i $VPN1 -p tcp --dport 4443 -j DNAT --to 192.168.0.135
$IPT -t nat -A PREROUTING -i $VPN1 -p udp --dport 10000 -j DNAT --to 192.168.0.135
$IPT -t nat -A POSTROUTING -j MASQUERADE

$IPT -A FORWARD -i $VPN2 -d 192.168.0.135 -p tcp -m tcp --dport 443 -j ACCEPT
#$IPT -A FORWARD -i $VPN2 -d 192.168.0.135 -p tcp -m tcp --dport 4443 -j ACCEPT
$IPT -A FORWARD -i $VPN2 -d 192.168.0.135 -p udp -m udp --dport 10000 -j ACCEPT
$IPT -t nat -A PREROUTING -i $VPN2 -p tcp --dport 443 -j DNAT --to 192.168.0.135
#$IPT -t nat -A PREROUTING -i $VPN2 -p tcp --dport 4443 -j DNAT --to 192.168.0.135
$IPT -t nat -A PREROUTING -i $VPN2 -p udp --dport 10000 -j DNAT --to 192.168.0.135
$IPT -t nat -A POSTROUTING -j MASQUERADE

I solved the problem. It consisted in the fact that I registered the IP address in the video bridge configuration file PUBLIC_IP The IP address of the network card that I blocked. When I changed the IP address to the IP of my VPN, it worked.

OMG this is awesome! Simple info and great narrative!