Jitsi-meet behind reverse proxy only works when port 10000 is open to my public IP

Hello fellow Jitsers.

I’m attempting to deploy jitsi-meet on a Google Cloud VM behind an nginx reverse proxy. I have a valid certificate for my jitsi domain on the reverse proxy, and I’m forwarding traffic to port 443 on my jitsi-meet VM. Both VMs are on the same private network. I followed the quick setup guide for my jitsi install, with ‘apt install jitsi-meet’.

My issue begins when attempting to have more than two people in a room. The interesting thing, however, is that it works when allowing my public IP through the firewall to the jitsi machine on UDP port 10000. Does anyone know why this might be? This is a production environment and I don’t want ports open to the world; I would prefer all traffic went through the reverse proxy.

Thanks in advance.

Check the advanced section of https://jitsi.org/qi for more information on the ports.
There are two ports needed: TCP 443 for web content and signalling, and UDP 10000 for the media to reach the videobridge. TCP fallback for media is possible when using a TURN server, but that should be used only as a fallback. Running media over TCP will degrade quality.

Do I put the public IP of my reverse proxy, where I expect traffic to enter my network? Do I also need to allow traffic through port 10000 on my reverse proxy?

Thank you for the fast response.

Clients need to access your deployment using a public address. JVB is already discovering its public address using STUN, and that is what it announces to clients; on that public address you need to allow, and forward if needed, UDP 10000 to the bridge.
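To illustrate the last reply, here is an added example (not code from the thread or from the Jitsi project) that takes the ICE candidates a bridge announces and reports which ones an outside client can send media to under a given inbound firewall policy. The candidate lines, the addresses and the function names are constructed for illustration; the candidates are written in SDP `a=candidate:` form.

```python
import ipaddress

# RFC 1918 ranges: a client on the internet cannot route to these.
RFC1918 = [ipaddress.ip_network(n)
           for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

def parse_candidate(line):
    """Parse one SDP 'a=candidate:' line into transport, ip, port and type."""
    body = line.strip()
    if body.startswith("a="):
        body = body[2:]
    if not body.startswith("candidate:"):
        raise ValueError("not a candidate line: %r" % line)
    # Fields: foundation component transport priority address port "typ" type ...
    f = body[len("candidate:"):].split()
    if len(f) < 8 or f[6] != "typ":
        raise ValueError("malformed candidate: %r" % line)
    return {"transport": f[2].lower(), "ip": ipaddress.ip_address(f[4]),
            "port": int(f[5]), "type": f[7]}

def usable_from_internet(lines, allowed_inbound):
    """Return the candidates an outside client can actually reach.

    allowed_inbound is the set of (transport, port) pairs the firewall
    admits on the public address (assumed model of the firewall policy).
    """
    usable = []
    for cand in map(parse_candidate, lines):
        if any(cand["ip"] in net for net in RFC1918):
            continue  # private address, only reachable inside the VPC
        if (cand["transport"], cand["port"]) in allowed_inbound:
            usable.append(cand)
    return usable

# Constructed sample: what a bridge on a private network might announce
# after discovering its public address via STUN (203.0.113.10 is a
# documentation address standing in for that public IP).
BRIDGE_CANDIDATES = [
    "a=candidate:1 1 udp 2130706431 10.128.0.5 10000 typ host generation 0",
    "a=candidate:2 1 udp 1694498815 203.0.113.10 10000 typ srflx "
    "raddr 10.128.0.5 rport 10000 generation 0",
]

if __name__ == "__main__":
    for rules in ({("tcp", 443)}, {("tcp", 443), ("udp", 10000)}):
        hits = usable_from_internet(BRIDGE_CANDIDATES, rules)
        print(sorted(rules), "->", [(str(c["ip"]), c["port"]) for c in hits])
```

With only TCP 443 admitted, no announced candidate is reachable, so media has no path even though the web page and signalling load through the proxy.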