For Self Hosted Instance of Jitsi, is Port 10000/20000 compulsory?

Need help and indulgence of experts here.

We hve a self hosted instance of Jitsi. We wanted few organisations to use that and as they werent able to access it, we advised them to open port 10000/20000. But ofcourse they are apprehensive.

I was wondering if it is the best practise: afterall why will any organisation open their ports tyo take my service. My service should be able to navigate.

Are we doing something wrong? Is there a way in which self hosted instance of Jitsi can work without requesting organisations for opening of ports?

Thanks in advane.

If you set up a TURN server with a trusted TLS certificate on port 443, then organisations that filter outbound traffic will generally be able to use your self-hosted instance without needing to make any changes to their firewall configuration. Setting up TURN | Jitsi Meet

There will be some quality loss due to using TCP rather than UDP, but no worse than the quality loss they would see with other videoconference systems (unless they have whitelisted those specifically).

This is very helpful, thank you.
Will direct my guys to this link on Setting Up TURN.

Is this how other service providers do it?

No need to allow the incoming UDP/10000 traffic.
The outgoing UDP/10000 traffic should be allowed to access JVB directly.

All major videoconferencing services support TURN, yes. In many cases, administrators of corporate firewalls will allow direct outbound UDP traffic to well-known videoconference services, though, to improve quality.

This is very helpful. Will try to impress upon them this way.

Thank you. This option in case case will have to be configured just in case other is not acceptable. Users would find it helpful if they just start working without having to worry about network and firewall ports etc!
Thank you