Configure Jitsi Meet with a set of specific UDP ports


I have installed Jitsi in a secured cloud environment and configured it with the ports mentioned in the documentation. The ports are whitelisted on the customer firewall as well.

But when we try to use it inside the customer network, the audio and video do not connect. It connects fine if both users are inside the customer firewall and does not work if one person is on an outside network.

The customer security team is saying it's because of multicasting and is asking us to restrict and configure it with a range of UDP ports depending on the load required.

I tried going through the documentation, but it is not helping. Please help me in this regard.

If it’s about UDP, it must be about the videobridge connection; it’s between the browser (where the start port is chosen by the operating system of the client and there is no way for the server app - Jitsi Meet - to influence it) and the server (where there is a fixed port, by default 10000, and there is no way to change that to a range ‘depending on the load required’).
So to get serious, I’d advise disabling p2p on the server, since p2p is a world of pain when NAT and firewalls are involved, and then checking that TURN is working, so that TCP takes control when UDP is faltering. Outside of this general advice, it’s just not possible to debug network problems remotely, especially in ‘secure’ environments where everything is kept behind a fog of secrets.
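
One way to check which path the media actually takes, as an added example that is not part of the original posts: it reads WebRTC getStats() entries and reports whether the selected ICE pair goes directly to the videobridge or through a TURN relay. The function name, the sample entries and their addresses are constructed for illustration; port 10000 is the default mentioned in the thread.

```javascript
// Added example (not from the thread). Field names follow the W3C
// webrtc-stats dictionaries; all sample entries below are constructed.
// In a browser: classifyMediaPath([...(await pc.getStats()).values()])
function classifyMediaPath(stats) {
  const byId = new Map(stats.map((s) => [s.id, s]));
  // Prefer the pair the transport reports as selected; otherwise fall back
  // to a nominated pair whose connectivity check succeeded.
  const transport = stats.find(
    (s) => s.type === 'transport' && s.selectedCandidatePairId);
  const pair = transport
    ? byId.get(transport.selectedCandidatePairId)
    : stats.find((s) => s.type === 'candidate-pair' &&
        s.nominated && s.state === 'succeeded');
  const local = pair && byId.get(pair.localCandidateId);
  const remote = pair && byId.get(pair.remoteCandidateId);
  if (!local || !remote) return { path: 'none' }; // ICE failed or still checking
  if (local.candidateType === 'relay') {
    // relayProtocol is the client-to-TURN leg (udp, tcp or tls). The remote
    // port is still the bridge's port, because the TURN server forwards there.
    return { path: 'turn-relay', clientLeg: local.relayProtocol,
             remotePort: remote.port };
  }
  return { path: 'direct', clientLeg: local.protocol, remotePort: remote.port };
}

// Constructed sample: client behind a UDP-blocking firewall, media relayed.
const SAMPLE_RELAYED = [
  { id: 'T1', type: 'transport', selectedCandidatePairId: 'CP1' },
  { id: 'CP1', type: 'candidate-pair', state: 'succeeded', nominated: true,
    localCandidateId: 'L1', remoteCandidateId: 'R1' },
  { id: 'L1', type: 'local-candidate', candidateType: 'relay',
    protocol: 'udp', relayProtocol: 'tls', address: '192.0.2.10', port: 49170 },
  { id: 'R1', type: 'remote-candidate', candidateType: 'host',
    protocol: 'udp', address: '198.51.100.5', port: 10000 },
];
// Constructed sample: no transport entry, direct UDP to the bridge.
const SAMPLE_DIRECT = [
  { id: 'CP2', type: 'candidate-pair', state: 'succeeded', nominated: true,
    localCandidateId: 'L2', remoteCandidateId: 'R2' },
  { id: 'L2', type: 'local-candidate', candidateType: 'srflx',
    protocol: 'udp', address: '203.0.113.7', port: 51234 },
  { id: 'R2', type: 'remote-candidate', candidateType: 'host',
    protocol: 'udp', address: '198.51.100.5', port: 10000 },
];

console.log(classifyMediaPath(SAMPLE_RELAYED));
console.log(classifyMediaPath(SAMPLE_DIRECT));
```

A remote port of 10000 alone does not show that the client is sending UDP to the bridge; the local candidate type and its relay protocol are what distinguish the two cases.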

@gpatel-fr thanks for the reply. As you said, it was a UDP port issue, and the customer network does not allow UDP ports for browsers. We enabled the TURN server using the script given by @emrah in the post Jitsi with Turn-Server - #5 by Christofer and it worked.

Now we are trying to enable JWT token authentication using the command sudo apt-get install jitsi-meet-tokens -y. When we enable the JWT token, the connection again goes through port 10000 and the connections are again blocked.

I tried recreating the issue on my personal machine by disabling port 10000 in the Windows Firewall, and the connections were blocked with the tokens enabled. But it was working without tokens even after blocking port 10000. Any help in this regard will be really helpful. Thanks.

I have absolutely no idea why blocking port 10000 should have any relation with jwt authentication, sorry.
You should open a new issue.

I am also confused about the same. Ideally I am just enabling the security in an existing installation. So ideally it should not alter the port settings.

One guess I could make is whether the JWT installation is altering any Let's Encrypt settings. I read in some other post that if there is any certificate chaining issue, the TURN server will not work.