Jitsi works behind NAT firewall, connecting from outside fails, but I already get the jitsi startpage

Hi,

I have installed jitsi behind a NAT firewall on Ubuntu 18.04 and in the local network I can establish video calls from desktop computers, that works.
I have also installed the certificate chain in nginx, opened the respective ports (as given in the quick install guide) in the NAT router and added the lines for the local and public IP-Addresses in the sip-communicator.properties
I can access the jitsi startpage from outside (‘the internet’) via https, the page loads and the browser shows that the certificate is valid and the connection is secure.
So everything looks fine so far, but when I try to join a meeting no real connection can be established. The browser keeps trying to establish a connection and retries after a while.
Same for the Android app, it can reach the server (so the certificate works) and I can try to join a meeting, but the circle keeps turning and I get a ‘connection lost’ message after a timeout.
It looks as if I am nearly there, but what am I missing?
I provide entries from the logfiles below that might give a clue.

Stefan

jvb.log (this is the only error I got there multiple times)
2020-04-03 16:31:16.984 SCHWERWIEGEND: [19] Health.doRun#300: Health check failed in 0ms:
java.lang.Exception: Failed to bind single-port
at org.jitsi.videobridge.health.Health.doCheck(Health.java:143)
at org.jitsi.videobridge.health.Health.doRun(Health.java:266)
at org.jitsi.utils.concurrent.PeriodicRunnableWithObject.run(PeriodicRunnableWithObject.java:87)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.run(RecurringRunnableExecutor.java:216)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.runInThread(RecurringRunnableExecutor.java:292)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor.access$000(RecurringRunnableExecutor.java:36)
at org.jitsi.utils.concurrent.RecurringRunnableExecutor$1.run(RecurringRunnableExecutor.java:328)

jicofo.log
ERRORS (only this one occurs multiple times)
Jicofo 2020-04-03 08:47:13.926 SCHWERWIEGEND: [32] org.jitsi.meet.ComponentMain.log() java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused), host:localhost, port:5347
org.xmpp.component.ComponentException: java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)
at org.jivesoftware.whack.ExternalComponent.connect(ExternalComponent.java:296)
at org.jivesoftware.whack.ExternalComponentManager.addComponent(ExternalComponentManager.java:242)
at org.jivesoftware.whack.ExternalComponentManager.addComponent(ExternalComponentManager.java:222)
at org.jitsi.meet.ComponentMain.lambda$getConnectCallable$0(ComponentMain.java:285)
at org.jitsi.retry.RetryStrategy$TaskRunner.run(RetryStrategy.java:193)
at java.util.concurrent.Executors$RunnableAdapter.call(Executors.java:511)
at java.util.concurrent.FutureTask.run(FutureTask.java:266)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.access$201(ScheduledThreadPoolExecutor.java:180)
at java.util.concurrent.ScheduledThreadPoolExecutor$ScheduledFutureTask.run(ScheduledThreadPoolExecutor.java:293)
at java.util.concurrent.ThreadPoolExecutor.runWorker(ThreadPoolExecutor.java:1149)
at java.util.concurrent.ThreadPoolExecutor$Worker.run(ThreadPoolExecutor.java:624)
at java.lang.Thread.run(Thread.java:748)
Caused by: java.net.ConnectException: Verbindungsaufbau abgelehnt (Connection refused)
at java.net.PlainSocketImpl.socketConnect(Native Method)
at java.net.AbstractPlainSocketImpl.doConnect(AbstractPlainSocketImpl.java:350)
at java.net.AbstractPlainSocketImpl.connectToAddress(AbstractPlainSocketImpl.java:206)
at java.net.AbstractPlainSocketImpl.connect(AbstractPlainSocketImpl.java:188)
at java.net.SocksSocketImpl.connect(SocksSocketImpl.java:392)
at java.net.Socket.connect(Socket.java:607)
at org.jivesoftware.whack.ExternalComponent.connect(ExternalComponent.java:174)
… 11 more

WARNINGS (only these two occur multiple times)
Jicofo 2020-04-03 08:47:18.560 WARNUNG: [35] org.jitsi.jicofo.bridge.BridgeSelector.log() No pub-sub node mapped for jvbbrewery@internal.auth.192.168.178.90/2155bfd7-64fe-4909-9245-65e2d838e0d5
Jicofo 2020-04-03 08:47:11.985 WARNUNG: [11] org.jitsi.jicofo.FocusManager.log() No dedicated JVB MUC XMPP connection configured - falling back to the default XMPP connection

A new install did the trick - now it works!
I suspect that the pre-existing nginx was the cause of the problem. Now it was installed automatically during install of jitsi-meet.

1 Like

Hi, @StefanR I have the same problem, but I still have not been able to solve it. When you talk about the ports of NAT router, what do you mean? I’m a bit of a novice on port issues.

Thx