No audio/video for clients inside corporate network

Hello,

Need some help to configure properly our own self-hosting JITSI instance.

Everything is working fine for all clients exept for those who are in a corporate network behing a web proxy : they can connect to the webconf but no audio/video.

The official meet.jit.si webconfs are working perfectly with thoose restricted clients.

Therefore, we tried to install our own Coturn server with no chance.

Could anyone give us the path to follow in order to enable restricted clients behind web proxy to properly work ?

Thanks in advance for your help :slight_smile:

What is your deployment? Is it jitsi-meet on single machine?
By default jitsi-meet installs and runs a coturnserver on default turn ports, you just need a second DNS and make it work on port 443.

Hello,

Thanks a lot for this quick answer.
I’ve tried but still no video.

I don’t know if this can help but i noticed on the web console of the web browser that is inside the corporate network the following errors :

  • “websocket connection to wss://meet.mondomaine.com/colibri-ws/default-id/…” failed.
  • and “Channel closed : 1006”

Thank you for your help.

Pierre.

Do you have this in your nginx config?

Yes this is in my Nginx.

# colibri (JVB) websockets for jvb1
location ~ ^/colibri-ws/default-id/(.*) {
    proxy_pass http://127.0.0.1:9090/colibri-ws/default-id/$1$is_args$args;
    proxy_http_version 1.1;
    proxy_set_header Upgrade $http_upgrade;
    proxy_set_header Connection "upgrade";
    tcp_nodelay on;
}

… and it is responding :

telnet localhost 9090
Trying ::1...
Connected to localhost.
Escape character is '^]'.

Is it possible that you have some reverse proxy in front of nginx? Not sure what will be closing the connection then …

Hello,

Nothing is in front of nginx from server side.
From the browser i go throught a proxy that i don’t know the details.

Thank you so much for your help.

Is there an HTTP proxy on the client side?

yes

They should allow the direct access (not through the proxy) for this domain.

What i find weerd is that it works with the official meet.jit.si instance

It could be interesting for us to know the architecture (JVB, prosody, STUN, COTURN, etc.) of the official Jitsi instance (that worked perfectly).
Does anyone know it ?

If Nginx redirects the TURN traffic using the public IP and if the server cannot access the TURN server using its own public address, this will cause a problem too

find a solution by hosting the coturn on a different server. Thank you all.

1 Like

Hi Pierre,
Were having the exact same issue. I saw your solution and installed a coTURN on a didfernet stand-alone server ourselves.

Can you share your coTURN configuration? Are the JVBs connecting to it via 443 or 5349?

Any help will be greatly appreciated.

Thank you!