We hve a self hosted instance of Jitsi. We wanted few organisations to use that and as they werent able to access it, we advised them to open port 10000/20000. But ofcourse they are apprehensive.
I was wondering if it is the best practise: afterall why will any organisation open their ports tyo take my service. My service should be able to navigate.
Are we doing something wrong? Is there a way in which self hosted instance of Jitsi can work without requesting organisations for opening of ports?
If you set up a TURN server with a trusted TLS certificate on port 443, then organisations that filter outbound traffic will generally be able to use your self-hosted instance without needing to make any changes to their firewall configuration. Setting up TURN | Jitsi Meet
There will be some quality loss due to using TCP rather than UDP, but no worse than the quality loss they would see with other videoconference systems (unless they have whitelisted those specifically).
All major videoconferencing services support TURN, yes. In many cases, administrators of corporate firewalls will allow direct outbound UDP traffic to well-known videoconference services, though, to improve quality.
Thank you. This option in case case will have to be configured just in case other is not acceptable. Users would find it helpful if they just start working without having to worry about network and firewall ports etc!
Thank you