My jitsi-videobridge is hosted on a Linux machine in my local network, and is connected to a publically-accessible endpoint via an OpenVPN tunnel. The companion Jitsi components (prosody, jicofo, jitsi-meet) all work, as clients from any network can join a conference room, see each other’s microphone/camera status, and send text messages.
The only problem is that when I join a conference from Jitsi Android via a mobile LTE connection, no audio or video is sent or received. The other member of the conference is a desktop web browser on my local network connecting to my self-hosted jitsi-meet. Only when my phone is on the local network (via Wi-Fi) does voice/video work properly.
I have already set $HOME/.sip-communicator/sip-communicator.properties
to include the videobridge host’s private & public IP addresses:
org.jitsi.impl.neomedia.transform.srtp.SRTPCryptoContext.checkReplay=false
org.ice4j.ice.harvest.NAT_HARVESTER_LOCAL_ADDRESS=<local IP address>
org.ice4j.ice.harvest.NAT_HARVESTER_PUBLIC_ADDRESS=<public IP address>
(It doesn’t make a difference whether a space is included after the equals sign, as suggested by [Solved]NAT STUN ICE4J traffic goes to private IP address intead of public one)
Despite having done this, the videobridge’s logs show that the host’s local IPv6 address is used to connect to the Android client:
ConnectivityCheckClient$PaceMaker.run#922: Pair failed: [<jvb host's private IPv6 address>]:10000/udp/host -> [<phone's public IPv6 address>]:54789/udp/host (stream-6e810773.RTP)
I did not configure the videobridge to use turn/stun, but that shouldn’t matter because I disabled peer-to-peer mode in both my jitsi-meet’s config.js, and in my Jitsi Android’s advanced settings.
I have already opened all necessary ports on my firewall. The same firewall rules for Jitsi are used for both the local network interface and the VPN tunnel interface, and since local connections work, the firewall cannot be the issue. I also used iptables on the VPN server to properly forward traffic to my host. I have several other public web services running under this setup, so it’s not as if my host isn’t reachable via public networks at all.
The only explanation I can think of is that sip-communicator.properties
isn’t being used. How can I ensure that it is being seen by the videobridge process?
EDIT: I should also mention that my host is Debian 10, and since it has an ARM CPU, I had to follow the manual install guide to install everything.