Only one user at time (NAT + Reverse Proxy)

With COVID confinement (in France), I try to install Jitsio in my enterprise.

But, only one user can access to meetings, when a second arrive, the first one is disconnected

Jitsi is installed through package on Ubuntu 18.04.
Server is an LXD container, so Jitsi is behind NAT and Reverse Proxy.

I’ve followed, the debamax.comblog post for reverse proxy configuration but with NGINX instead Apache.

Here is my configuration :
server {
listen 443;
ssl_certificate /etc/ssl/certs/; # wildcard cert
ssl_certificate_key /etc/ssl/private/;
access_log off;
large_client_header_buffers 4 16k;
proxy_ssl_verify off;
location / {
proxy_cache off;

Reverse proxy is also a LXD container, wich receive all 80/443 traffic and redirect it on other LXD containers depending the domain.

4443 and 10000 port are NATed (throught pfSense)

I changed /etc/jitsi/videobridge/ with:

  • NAT_HARVESTER_LOCAL_ADDRESS: IP of my Jitsi LXD container, ie

Thanks for your help

Hi Johan,

It seems that you have D-NATed the TCP port 10000 but no the UDP port 10000.


Sorry for the delay, even with UDP forwarding still not work :confused:


Hi Yoann,

I have a similar setup (lxc 18.04, without wildcad cert) running with the versions
apt install jitsi-meet=1.0.4101-1 jicofo=1.0-508-1 jitsi-meet-web=1.0.3729-1 jitsi-meet-web-config=1.0.3729-1 jitsi-meet-prosody=1.0.3729-1 jitsi-videobridge=1126-1

Any version greater jitsi-meet=1.0.4101-1 breaks my setup for unknown reasons and results in the same error.

In my case the wildcard cert is employed at a reverse proxy (synology) so that the container uses a self-signed cert.

Maybe a downgrade will resolve your issue, too?

Kind Regards

Silly question, but are you NATting 4443 to 443 via pfsense? In the first line of the image you have pasted, it looks like you are not change 4443 to 443, but keeping it as 4443?

1 Like

I managed a clean-install with a new container and apache. So maybe these issues were not related…

perhaps this will help

also keep in mind that with pfsense (haproxy), you can’t proxy udp. I don’t know what synology uses for reverse proxy, so you’ll need to check to see if it can proxy udp or not.

You Fix it ? I have the same issue with the same scenario, behind a pfSense too

Unfortunately no and I give up :frowning:
My coworkers start using Zoom and now it’s to late habits are taken :cry:

Yes Im close to give up too.

The painful thing is that it is a nice product, it hurts that the project owners do not even provide payment support.

I have the same problems. Any solution yet?