Synology NAS via Docker - Neither image nor sound when not accessing from localhost

Hi everyone,

I’ve install jitsi on my Synology NAS via Docker following this procedure : https://jitsi.github.io/handbook/docs/devops-guide/devops-guide-docker.

If I connect to a meeting via my PC + my phone (on Wifi, via Firefox or Chrome), I can see both webcam images from PC and phone. But I switch my phone internet connection to 4G, then, neither sound nor image is sent nor received from/to the phone. If I stay in 4G but connect in VPN, then it works fine again.

I tried disabling the Synology firewall, plus the one of my internet box and placing the Synology in a DMZ, but still the same.

Any idea ?

It sounds like UDP is not getting through - typically a firewall issue. You need to check that you can access reach your jitsi box with UDP on port 10000 when you’re on 4G, without the VPN.

@craigmj,

Normal I would also think it’s a firewall issue too, but he tried putting the Synology in the DMZ which should have opened up everything (obviously, not recommend for production but good for troubleshooting)

@VcNagZ, Welcome to the community!

Can you telnet to your Synology from outside on port 10000?
telnet meet.yourdomain.com 10000

I would disable P2P in your config. You are likely trying to connect those two devices directly, bypassing the DMZ Synology. So it’s not a good test.

Try joining your meeting with this link: https://meet.yourdomain.com/test#config.p2p.enabled=false

Thanks for kind answers :slight_smile:

I’ve not been able to reach 10000 port by telnet. I assume it is because it is maped by the Synology to docker. I’ve been able to telnet port 20000 but only when setted in TCP+UDP. Then this test meant the chain boxFirewall + boxNatRule + synologyFirewall is ok.

Then I changed the .env config by setting video port to 20000. Once again, in local everything work, but not when connected by the web.

It is my first use of Docker. May I have to setup something ? It would be strange as it seems 4443 port maping from the wan is already well routed whereas I didn’t do anything for that…

edit : still the same with this link https://meet.yourdomain.com/test#config.p2p.enabled=false :frowning:

@corby @Laurent @damencho

Do you have any clues for me ?

:smiley:

Hmm maybe there is some Synology NAT port filtering going on? Isn’t there a services/ports panel? Is the NAS firewall on it enabled? There are just so many features on the Synology…this could quickly get really challenging to debug on this community…

I don’t really have any other tips. I have a Synology disk station but no experience running Jitsi on it. It’s not very powerful. Even if I got it working on mine, I cannot imagine the CPU be would sufficient to run the Jitsi video bridge with much satisfaction, since it’s more geared toward NAS and file sharing.

Check out:

@corby I have finally found!

The problem was due to my DNS. Actually, my inernet provider doesn’t allow loop request. I mean, if my NAS is reachable with the URL test.example.com, if I try to access this adress from local, then the request doesn’t respond as the destination is also the source…

To avoid to have to use local IP and to not have problem with SSL certificate, I have set up a DNS on the synology to redirect *.example.com to 192.168.x.y, with a fall back to my internet provider DNS for all others domain. As this server was the primary DNS of the Synology, when JVB try to resolve meeting.example.com, it gets local IP instead of the public one.

To overcome this I have just set my internet provider DNS as the primary DNS of the syno, with a fall back on my personnal DNS. Everything works as before, except Jitsi works too now!

Thanks for your help :slight_smile: