[jitsi-users] Getting Jitsi Meet to work in a container behind double NAT


#1

Hello everyone :slight_smile:

First of all, thank you so much for working on Jitsi Meet, it's an amazing
tool and I've been using it through meet.jit.si for months without (big :D)
issues! :slight_smile:

I am now trying to set it up on my server, but I'm having a few issues.

The user-facing problem is:
- browser loads the page
- browser asks for permission to access mic and camera
- after permission is granted, no video connection is established, i.e. all
the user sees is the blue screen with the big mic and camera icons in the
middle

My setup:
Public IP --> router (NAT) --> server (192.168.1.X) --> LXD container that
runs jitsi-meet (NAT, 10.197.Y.Z) on Ubuntu 16.04

Server maps <port A> to container's 443 via UFW

I tried forwarding 10000-20000UDP, 5222/5269 (XMPP), 5347, but there were
no changes.

I modified /etc/jitsi/livebridge/sip-communicator.properties to add:
org.jitsi.videobridge.NAT_HARVESTER_LOCAL_ADDRESS=10.197.Y.Z
org.jitsi.videobridge.NAT_HARVESTER_PUBLIC_ADDRESS=<public_ip>
org.jitsi.videobridge.TCP_HARVESTER_PORT=443
org.jitsi.videobridge.TCP_HARVESTER_MAPPED_PORT=<port A>

Using Wireshark, I can see that the client browser first connects to <port

and exchanges data, then at one point it starts sending SYN to

<public_ip>:443, which looks wrong to me (and is already used by another
service on the server).

jvb.log shows 1 conference, 0 videostreams.

The only WARNING I get in jvb.log is "IceUdpTransportManager.log() Cannot
get transport type", the rest are INFO messages

The log also shows
net.java.sip.communicator.service.media.DISABLE_VIDEO_SUPPORT=true ... that
looks a bit strange if you ask me :slight_smile:

Do you guys have any hint for me? How could I debug this?

Andrea