[jitsi-users] Firewall issues with video-conference through ejabberd server


#1

Hello,

I recently gave a try to Jitsi because I wanted to be able to do
video-conferencing with my ejabberd server. I previously used Empathy,
but it wasn't that stable, and it does not run under Windows (to my
knowledge...) Jitsi does the job, and it's just great (though I can
not figure how to raise font size) ! But the location of my office
changed few weeks ago, and I work now in a more restrictive
environment. There I cannot establish any audio or video connection
with my contacts - these work perfectly from my home.

So I have a firewall issue. I'm quite a rookie in this world : I don't
know the principles behind audio- or video-conferencing over XMPP. I
thought everything passed through the server, but it's obviously not
the case. What should I do, or what should I ask the firewall's admin
to allow, to make conferencing work ? I think that putting the
ejabberd server and all of my contacts in a VPN should do the job, but
this seems rather complicated...

Thanks in advance, best regards,

Al


#2

Hey Al,

Hello,

I recently gave a try to Jitsi because I wanted to be able to do
video-conferencing with my ejabberd server. I previously used Empathy,
but it wasn't that stable, and it does not run under Windows (to my
knowledge...) Jitsi does the job, and it's just great (though I can
not figure how to raise font size) ! But the location of my office
changed few weeks ago, and I work now in a more restrictive
environment. There I cannot establish any audio or video connection

A look at a set of logs could help shed some light on this if you care
to send them here.

with my contacts - these work perfectly from my home.

So I have a firewall issue. I'm quite a rookie in this world : I don't
know the principles behind audio- or video-conferencing over XMPP. I
thought everything passed through the server, but it's obviously not
the case. What should I do, or what should I ask the firewall's admin
to allow, to make conferencing work ?

It has to be allowed to send UDP packets from within your network to the
exterior world and it has to be allowed to get UDP packets back in
response to the ones you've sent. That's all really and most firewall
configurations would let this happen.

I think that putting the
ejabberd server and all of my contacts in a VPN should do the job, but
this seems rather complicated...

Yes it does and it is also likely to add a substantial performance
penalty, so, personally, I wouldn't advise anything along those lines.

Cheers,
Emil

···

On 07.03.13, 01:36, Alan AZZERA wrote:

Thanks in advance, best regards,

Al

--
https://jitsi.org


#3

Hey Al,

[...] I work now in a more restrictive
environment. There I cannot establish any audio or video connection

A look at a set of logs could help shed some light on this if you care
to send them here.

/That/ is what I call a really quick answer : many thanks ! I will do
another try within hours, and I will send logs here (reasonably
anonymized, of course !)

It has to be allowed to send UDP packets from within your network to the
exterior world and it has to be allowed to get UDP packets back in
response to the ones you've sent. That's all really and most firewall
configurations would let this happen.

Well, it seems the new one I'm facing is quite paranoid !

Yes it does and it is also likely to add a substantial performance
penalty, so, personally, I wouldn't advise anything along those lines.

I'm aware of this. But I have a 1 Gbps connection to the Internet -
though my LAN speed is only 100 Mbps and is too often a bottleneck,
even for working on my servers through SSH, sometimes /o\ ! Don't try
to understand... Anyway, this suggestion is kind of the « last chance
one ». I would prefer not to have to hide my communications. After
all, they are a part of my job !

Many thanks again. Best regards,

Al

···

2013/3/7 Emil Ivov <emcho@jitsi.org>:

On 07.03.13, 01:36, Alan AZZERA wrote: