Jitsi self hosted blocked despite Turn server white meet.jit.si working on the same secured network

I’m quite a newbie with server configuration and Had very hard time to try to configure Turn on a self hosted Jitsi instance.

For my testing purpose, I blocked my windows 10 port 10000 (in/out) and tested to connect unsuccessfully on my self hosted Jitsi.

Since few weeks ago when I found jitsi-school-installer which allowed me to install a new self hosted Jitsi in a breeze with Turn enabled automagically :100: Thanks @emrah !

So while testing with my own limited computer I can now connect to others with cam and mic allowed to other people. Ok for me.

But… a friend of mine, connected via VPN to her Corporate Network accepted to test and was not able to share video nor voice.

I also tested it was working for her on public meet.jit.si and it was working correctly.

I looked at the log files from /var/log but the only errors I could find for the Time of our failing test where for Nginx (I replaced the domain name to share below the only error line I found).

2021/02/09 17:52:18 [crit] 47866#47866: *3498 SSL_write() failed while sending response to client, client: 127.0.0.1, server: videoconference.example.fr, request: "GET /libs/rnnoise.wasm HTTP/1.1", host: "videoconference.example.fr", referrer: "https://videoconference.example.fr/presentation-privee-fde"

Also I installed CallStats which show this error:

Name: Error
Message: {“message”:“Unknown error”,“name”:“Error”,“stack”:"_reportError@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:151613\nsendIceConnectionFailedEvent@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:155371\nb.prototype.sendIceConnectionFailedEvent@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:70487\nE.prototype.setupChatRoomListeners/<@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:10:86700\na.prototype.emit@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:115271\ndoInitialize/this.peerconnection.oniceconnectionstatechange@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:222886\nA/this.peerconnection.oniceconnectionstatechange@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:17:53577\n"}
Stack: _reportError@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:151613
sendIceConnectionFailedEvent@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:155371
b.prototype.sendIceConnectionFailedEvent@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:70487
E.prototype.setupChatRoomListeners/<@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:10:86700
a.prototype.emit@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:115271
doInitialize/this.peerconnection.oniceconnectionstatechange@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:1:222886
A/this.peerconnection.oniceconnectionstatechange@https://videoconference.example.fr/libs/lib-jitsi-meet.min.js?v=4628:17:53577

Can you please tell me what could be the problem and how I could solve it?

Hello

your logs don’t particularly inspire me, and your setup is not fully clear either. I suspect that:

  • you have a home network behind some ISP box
  • your Jitsi server is NATted behind this box.
  • you are accessing the server directly on the local network with your Win computer
  • your friends are accessing through the Internet (but they are using UDP normally)
  • you have a person failing to access your server with port 10000 blocked.

If all of this is correct, can you disconnect your computer from your local network and tether it to a 3G/4G network with an Android phone and test yourself with and without UDP ? Asking someone else will not give you real opportunity to debug the problem. If you can’t reproduce the problem via the internet with UDP blocked, it could be something else.

Bonjour @gpatel-fr ,

sorry for the late anwer.

So I could reproduce my friend’s problem who couldn’t connect. In fact, Firefox did it for me. After a few times using this browser, I discovered one day it couldn’t connect to ICE anymore.

Then the latest Firefox update, a few weeks ago solved the problem. I can now connect to jitsi with my ports blocked.

My friend was using Firefox instead of Chrome (as suggested) and she managed to connect the room despite her VPN blocking using Chrome finally and thanks to the Turn server of course.

Merci pour votre aide