Jitsi, docker & clients behind corporate firewalls blocking UDP 10,000

I am in the process of setting up Jitsi for our corporate application. We have used the docker setup, which we have deployed into AWS. The EC2 instance has an AWS application load balancer configured in front of it with meet.ourdnsname.com set up on it, and it is proxying TCP ports 80 and 443 and UDP 10,000.
This is working really well except for 1 or 2 clients who are on a corporate network which is blocking the UDP 10,000 access. I understand that we should be able to set up a TURN server on a separate IP address which will proxy port 443 back to the Jitsi Videobridge running on port 4443, but we can’t seem to make this work. We have set up a second AWS application load balancer on a different domain name (turn.ourdnsname.com) and that’s forwarding to port 4443, but the target server is showing as unhealthy.
Has anyone else got this same configuration? Is there something that needs to be specifically set within the docker image to make this work?


The turnserver actually proxies from TCP 443 to UDP 10000. You just need to make sure the turnserver is using valid certificates for the domain it uses and is using port 443, that Prosody is configured to return that to clients, and that the turnserver can access the bridge’s public address on port 10000 UDP, and that’s it.
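The reply above says Prosody has to be configured to hand the TURN server's details to clients. What it hands out, in the usual Jitsi deployment, is a short-lived username/password pair derived from a secret shared between Prosody and the TURN server (coturn's `use-auth-secret` / TURN REST API scheme), plus a `turns:` URL on TCP 443. The block below is an added example, not code from this thread or from the Jitsi project: it implements that credential scheme on both sides (what Prosody generates, what the TURN server checks) and shows the ICE server entry a client would receive. The shared secret, the user name and the timestamps are constructed values; the hostname `turn.ourdnsname.com` is the one from the question. It assumes the deployment uses coturn's shared-secret mode rather than static users.

```python
import base64
import hashlib
import hmac
import time
from typing import Optional, Tuple

# Constructed secret for illustration only. In a real deployment the same value
# lives in turnserver.conf (static-auth-secret) and in Prosody's config
# (turncredentials_secret); it must never be sent to clients.
SHARED_SECRET = b"example-shared-secret-change-me"

# Lifetime of a handed-out credential. Short lifetimes limit how long a leaked
# credential can be replayed to relay traffic through your TURN server.
DEFAULT_TTL = 3600


def make_credentials(secret: bytes, user: str, ttl: int = DEFAULT_TTL,
                     now: Optional[int] = None) -> Tuple[str, str]:
    """What the signalling side (Prosody) does: mint a time-limited credential.

    username = "<expiry-unix-time>:<user>"
    password = base64(HMAC-SHA1(secret, username))
    """
    if now is None:
        now = int(time.time())
    username = f"{now + ttl}:{user}"
    mac = hmac.new(secret, username.encode(), hashlib.sha1).digest()
    return username, base64.b64encode(mac).decode()


def verify_credentials(secret: bytes, username: str, password: str,
                       now: Optional[int] = None) -> bool:
    """What the TURN server does in shared-secret mode: recompute the MAC
    over the presented username and reject it if it is expired or forged."""
    if now is None:
        now = int(time.time())
    expiry_str, sep, _user = username.partition(":")
    if not sep or not expiry_str.isdigit():
        return False  # malformed username, not in "<expiry>:<user>" form
    if int(expiry_str) <= now:
        return False  # credential has expired
    expected = base64.b64encode(
        hmac.new(secret, username.encode(), hashlib.sha1).digest()).decode()
    # Constant-time comparison so timing does not leak MAC bytes.
    return hmac.compare_digest(expected, password)


def ice_server_entry(host: str, port: int, username: str, password: str) -> dict:
    """Shape of the TURN entry a client receives: TURN over TLS on the given
    TCP port, which is what lets clients behind UDP-blocking firewalls connect."""
    return {
        "urls": f"turns:{host}:{port}?transport=tcp",
        "username": username,
        "credential": password,
    }


if __name__ == "__main__":
    user, pw = make_credentials(SHARED_SECRET, "alice")
    print(ice_server_entry("turn.ourdnsname.com", 443, user, pw))
    print("valid now:", verify_credentials(SHARED_SECRET, user, pw))
```

Because the password is an HMAC over the expiry-stamped username, a client cannot extend its own lifetime without invalidating the MAC, and the TURN server needs no per-user database, only the shared secret; that is why the secret in turnserver.conf and in Prosody must match exactly.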

Thanks for confirming that, and am I right in thinking that the TURN server isn’t included in the standard docker config, so we will need to go and add that all in and configure it?

Yep, that is still in a PR and is not merged, from what I see.