Jitsi behind NAT

Better an image:
Jitsi machine reachable from inet, can select chat room but no video/audio (and disconnecting past some time).
All port forwards and allow rules ok in pfsense firewall and in jitsi ufw (same if ufw is disabled). Is 9443(inet) port to 443(internal) fine?
Accessing directly (through openvpn) shows video and audio.
Don’t know where to look next.
Thanks in advance
PS: more comfortable to explain in Spanish if possible.

If you’re behind pfsense, disable ufw

Use haproxy on pfsense to do reverse proxy. Port forward only port 10000 UDP to jitsi ip

@masteryoda: slightly sidestepping the original question, but would you know what makes haproxy the choice of proxy for jitsi? I’m wondering since nginx is also capable of load balancing and proxying tcp and udp, but it seems that haproxy still is the proxy server of choice?

Yes. You can use NGINX. But defining it in pfsense is easier to do with the UI.

Thanks for your response! I’m now at home still in lockdown so adding/configuring haproxy through openvpn feels somewhat dangerous. I found quite confusing documentation about trying to change ports but none of it works. The setup seems to be working (locally through vpn) but I need to test with another user connected. About haproxy, which would be the simplest approach (maybe ACL based on https://www.digitalocean.com/community/tutorials/an-introduction-to-haproxy-and-load-balancing-concepts )? Sorry for my noob questions but I never used load balancing before.

take a look at this video