Disconnect problem in redirected port an NAT

pcouderc · May 10, 2020, 3:28pm

My url is https:://jisti.mydomain.com:839 and I redirect (in my ISP “box”) port 839 to 192.168.1.11:443 (and UDP 10000) which a buster lxd container where I have installed jitsi carefully following NAT instructions of https://jitsi.org/downloads/ubuntu-debian-installations-instructions/ and of https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md. I use my own let’sencrypt certificate. And chrome finds that ok, but in the developper tools I note:

strophe.umd.js:5123 POST https://jitsi.mydomain.com/http-bind?room=couderc net::ERR_CERT_COMMON_NAME_INVALID

I note too error:
Logger.js:154 2020-05-10T15:26:22.239Z [JitsiMeetJS.js] <Object.getGlobalOnErrorHandler>: UnhandledError: null Script: null Line: null Column: null StackTrace: Error: Strophe: request id 3.3 error 0 happened
at Object.r.Strophe.log (strophe.util.js:89)
at Object.error (strophe.umd.js:1392)
at D.Bosh._onRequestStateChange (strophe.umd.js:5017)

and
Logger.js:154 2020-05-10T15:26:22.240Z [modules/xmpp/strophe.util.js] <Object.r.Strophe.log>: Strophe: request id 3.3 error 0 happe

while it is trying to reconnect…

I must add that port 80 is not redirected to this container as it is uses for let’encrypt certificate generation in another container.

Help welcome…

Thanks
PC

damencho · May 10, 2020, 8:20pm

Your web and bosh use different ports, you need to make them use the same port. Bosh is configured in config.js in /etc/jitsi/meet.

pcouderc · May 11, 2020, 2:03pm

Thank you very much, but I am sorry, I do not understand : I find config.js but the only port I find in it is 443 for the stunServer… I suppose it is not relevant …

damencho · May 12, 2020, 3:32am

Your bosh is setup to use port 443, default of https

pcouderc · May 12, 2020, 5:29am

Yes, 443, my jitsi install is standard. Except that in my router (my ISP box), I redirect port 839 to standard 443 (as 443 and 80 are used by “normal” web server). So in my VM, we use only 443. I know something is wrong in what I say, but I do not understand what… (Note if you want to try it, my “normal” server is www.couderc.eu, and my jitsi install is open and has the same name with jitsi instead of www but on 839 port).

damencho · May 12, 2020, 10:56pm

Yes but the setting for your bosh is not 839 so your clients use 443 and does not reach your jitsi-meet instance as the forwarding is for 839.
You need to configure your bosh url to use the same 839 port

pcouderc · May 13, 2020, 6:16am

oh… yes ! fine now. Thank you very much ! Maybe a small note in https://github.com/jitsi/jitsi-meet/blob/master/doc/quick-install.md would be a good idea…