How can I have Jitsi recognize my WAP (and not VPN) for UDP 10000?

Hi all,

I had Jitsi(via docker container) running on a simple Netgear router. Recently, I switched to pfSense and routed my internet traffic going through a VPN. Unfortunately, now my Jitsi(UDP 10000) traffic is attempting to go though my VPN address and not my actual WAN. Is there a way to set a static IP/dyndns address and disable the STUN server if possible? or is there a port I should open for the STUN server?


It’s not documented but you can use in to block your VPN address. It takes a comma-separated list of IP addresses of local interfaces to exclude from ICE candidates. I don’t think there’s a jvb.conf new-style config equivalent.

You can also disable the STUN harvester: ice4j.harvest.mapping.stun.enabled = false in jvb.conf and set a static mapping (but I think the VPN will still be advertised as a candidate if you only do this).

If your VPN has a private address then just setting to false could also be enough.


Thanks for the suggestions.

I made the changes to the in file, but my my commercial(non-private) VPN IP address still shows. I will keep chugging away at this.