Video black for 2 participants: what errors in prosody/jvb2 log are relevant?

I installed jitsi-meet from unstable (with jistsi-videobridge2) on a hosted server with public IP (changed to 1.2.3.4 in the logs below), served with apache2, with the meet.fqdn.com hostname in the DNS. I also only allowed authenticated users to host meetings (secure domain following https://github.com/jitsi/jicofo). I can connect as single person (host) to the server. Other can connect, too, but video does not get transmitted. The firewall allows incoming traffic at 10000/udp and 4443/tcp (and https, of course).

The first (host) client is running in LAN behind NAT (192.168.2.12, 172.17.0.1, 192.168.122.1, 192.168.100.10), the server is at 1.2.3.4 (public IP), the second client is over 4g (100.109.252.215).

I tried to isolate relevant log entries, though perhaps someone could tell me whether they are really relevant or not. The jvb2 entries all end with “Pair failed”.

prosody (not sure about Component not connected, is that okay?!):

Mar 28 08:38:48 jitsi-videobridge.meet.fqdn.com:component warn Component not connected, bouncing error for: <iq id='ZPH6B-548' type='get' to='jitsi-videobridge.meet.fqdn.com' from='focus@auth.meet.fqdn.com/focus21344584514491160'>
Mar 28 08:38:59 mod_bosh info New BOSH session, assigned it sid '2e9b9b40-671b-442e-a192-76f7cac762eb' 
Mar 28 08:38:59 bosh2e9b9b40-671b-442e-a192-76f7cac762eb info Authenticated as c389e853-538a-4cb0-bb92-3e14bb7c5ea8@guest.meet.fqdn.com

Mar 28 08:39:18 jitsi-videobridge.meet.fqdn.com:component warn Component not connected, bouncing error for:

jvb2 (as I understand, the conference host in LAN establishes connection to the server first):

2020-03-28 08:38:50.751 INFO: [17] Videobridge.createConference#326: create_conf, id=ac8dab017aee76a2 gid=null logging=false
...
2020-03-28 08:39:03.395 INFO: [49] [confId=f81ae052e2e402fd epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4 gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda] DtlsTransport.startConnectivityEstablishment#190: The remote side is acting as DTLS client, we'll act as server 
2020-03-28 08:39:03.400 INFO: [49] [confId=f81ae052e2e402fd epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4 gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda] IceTransport.startConnectivityEstablishment#413: Starting the Agent without remote candidates.  
2020-03-28 08:39:03.402 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Agent.startConnectivityEstablishment#751: Start ICE connectivity establishment. Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.404 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Agent.initCheckLists#995: Init checklist for stream stream-da87f4e1 
2020-03-28 08:39:03.405 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Agent.setState#962: ICE state changed from Waiting to Running. Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.406 INFO: [49] [confId=f81ae052e2e402fd epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4 gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda] IceTransport.iceStateChange#605: ICE state changed old=Waiting new=Running 
2020-03-28 08:39:03.406 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] ConnectivityCheckClient.startChecks#142: Start connectivity checks. Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.426 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.addUpdateRemoteCandidates#347: Update remote candidate for stream-da87f4e1.RTP: 192.168.2.12:46705/udp 
2020-03-28 08:39:03.426 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.addUpdateRemoteCandidates#347: Update remote candidate for stream-da87f4e1.RTP: 192.168.100.1:43007/udp 
2020-03-28 08:39:03.426 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.addUpdateRemoteCandidates#347: Update remote candidate for stream-da87f4e1.RTP: 192.168.122.1:57533/udp 
2020-03-28 08:39:03.426 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.addUpdateRemoteCandidates#347: Update remote candidate for stream-da87f4e1.RTP: 172.17.0.1:58823/udp 
2020-03-28 08:39:03.426 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.updateRemoteCandidates#440: new Pair added: 1.2.3.4:10000/udp/host -> 192.168.2.12:46705/udp/host (stream-da87f4e1.RTP). Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.426 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.updateRemoteCandidates#440: new Pair added: 1.2.3.4:10000/udp/host -> 192.168.100.1:43007/udp/host (stream-da87f4e1.RTP). Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.427 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.updateRemoteCandidates#440: new Pair added: 1.2.3.4:10000/udp/host -> 192.168.122.1:57533/udp/host (stream-da87f4e1.RTP). Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.427 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 componentId=1 conf_name=matylda ufrag=4s2fn1e4g4mnf4 name=stream-da87f4e1 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] Component.updateRemoteCandidates#440: new Pair added: 1.2.3.4:10000/udp/host -> 172.17.0.1:58823/udp/host (stream-da87f4e1.RTP). Local ufrag 4s2fn1e4g4mnf4 
2020-03-28 08:39:03.441 INFO: [70] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] ConnectivityCheckClient$PaceMaker.run#922: Pair failed: 1.2.3.4:10000/udp/host -> 192.168.100.1:43007/udp/host (stream-da87f4e1.RTP) 
2020-03-28 08:39:03.463 INFO: [70] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] ConnectivityCheckClient$PaceMaker.run#922: Pair failed: 1.2.3.4:10000/udp/host -> 192.168.2.12:46705/udp/host (stream-da87f4e1.RTP) 
2020-03-28 08:39:03.484 INFO: [70] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] ConnectivityCheckClient$PaceMaker.run#922: Pair failed: 1.2.3.4:10000/udp/host -> 192.168.122.1:57533/udp/host (stream-da87f4e1.RTP) 
2020-03-28 08:39:03.507 INFO: [70] [confId=f81ae052e2e402fd gid=ffd8d9 stats_id=Gustave-GU9 conf_name=matylda ufrag=4s2fn1e4g4mnf4 epId=da87f4e1 local_ufrag=4s2fn1e4g4mnf4] ConnectivityCheckClient$PaceMaker.run#922: Pair failed: 1.2.3.4:10000/udp/host -> 172.17.0.1:58823/udp/host (stream-da87f4e1.RTP) 

And this is as the 4g client tries to establish connection (?):

2020-03-28 08:39:04.775 INFO: [49] [confId=f81ae052e2e402fd gid=ffd8d9 componentId=1 conf_name=matylda ufrag=c8s531e4g4moct name=stream-c389e853 epId=c389e853 local_ufrag=c8s531e4g4moct] Component.addUpdateRemoteCandidates#347: Update remote candidate for stream-c389e853.RTP: 100.109.252.215:60623/udp
2020-03-28 08:39:04.792 INFO: [70] [confId=f81ae052e2e402fd gid=ffd8d9 conf_name=matylda ufrag=c8s531e4g4moct epId=c389e853 local_ufrag=c8s531e4g4moct] ConnectivityCheckClient$PaceMaker.run#922: Pair failed: 1.2.3.4:10000/udp/host -> 100.109.252.215:60623/udp/host (stream-c389e853.RTP) 

Could someone offer an insight into this?

Should I perhaps purge the installation and test first without secure domain? Is there any hint this might be the issue?

Thanks!

Does you port forward of port usp 10000 works? Do you see in jvb logs on startup the correct addresses cat /var/log/jitsi/jvb.log | grep -i udplisten?

<feeling stupid> Good catch, thanks :slight_smile: The hosting has its own extra firewall I forgot about. After opening 10000 through the web interface there, everything works flawlessly. Thanks! </feeling stupid>