NAT Issue

[Partha Datta <da...@gmail.com>]

Hello,
I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
video.
I have Openmeeting server  behind a Linux firewall with NAT and opened up
5443 & 8888 ports. I can not see or hear the meeting participants nor he
can see me or hear.
The setup test, I can see my own voice and video.
Here is my nat table
rule family="ipv4" destination address="112.73.210.134" forward-port
port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"

public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: mdns dhcpv6-client
  ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Could you please help me

Regards,
-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hello Maxim,
[root@doc ~]# netstat -npl|grep 8888
tcp6       0      0 :::8888                 :::*                    LISTEN
     13844/docker-proxy
I have not installed TURN server, as I dont find one in the RPM repository
of FC27. Could you confirm if I could install the TURN in 192.168.1.11
server of my network diagram?  The server has Public IP
Regards,
Partha

On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
wrote:

> Please check `netstat -npl|grep 8888`
> When you are starting dockerized KMS for ex. `docker run -v
> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
> -p 8888:8888 kurento/kurento-media-server`
> You make it available at `localhost:8888` due to forwarding
>
> to make everything workable behind NAT you need to ensure TURN is
> available outside the NAT
>
> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> Sorry, if I am not able to explain you properly, so attaching you a
>> network diagram of my setup. I have referred installation on  Fedora 30, it
>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>> every thing works good in LAN & VPN but I can not access from PUBLIC
>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>> table where OM, Docker & KMS is running.
>> [image: image.png]
>> netstat -ntp
>> [image: image.png]
>>
>>
>>
>>
>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Partha,
>>>
>>> this is something i don't understand :(
>>> I would expect KMS is accessible on the same IP
>>>
>>> Anyway you have to ensure correct KMS address is specified in OM config
>>> (and it is accessible to OM)
>>> and also accessible to TURN
>>>
>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hello Maxim,
>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>>>> have not assigned any IP address to it. Do I need to change it to same
>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>> Regards,
>>>> Partha
>>>>
>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Finally I get to this thread :)
>>>>>
>>>>> I would suggest to check which network interfaces do you have
>>>>> And ensure OM, KMS and coturn are available at external network
>>>>> interface
>>>>>
>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>
>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>> user@openmeetings.apache.org>
>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>> *Betreff: *Re: NAT Issue
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi Alvaro,
>>>>>>
>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>> works great when I get connected with VPN client
>>>>>>
>>>>>>
>>>>>>
>>>>>> FedoraServer (active)
>>>>>>   target: default
>>>>>>   icmp-block-inversion: no
>>>>>>   interfaces: enp5s10
>>>>>>   sources:
>>>>>>   services: ssh
>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>   protocols:
>>>>>>   masquerade: yes
>>>>>>   forward-ports:
>>>>>>   source-ports:
>>>>>>   icmp-blocks:
>>>>>>   rich rules:
>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>> FedoraServer (active)
>>>>>>   target: default
>>>>>>   icmp-block-inversion: no
>>>>>>   interfaces: enp5s10
>>>>>>   sources:
>>>>>>   services: ssh
>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>   protocols:
>>>>>>   masquerade: yes
>>>>>>   forward-ports:
>>>>>>   source-ports:
>>>>>>   icmp-blocks:
>>>>>>   rich rules:
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>> to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld start
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>> --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld restart
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and to see they are open:
>>>>>>
>>>>>>
>>>>>>
>>>>>> # firewall-cmd --list-all
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>
>>>>>> the machine.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..................
>>>>>>
>>>>>>
>>>>>>
>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello Alvaro,
>>>>>>
>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>> port blocking.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>>>
>>>>>> the router (both).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Try without firewall to test (open ports in router).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Are you in Ubuntu or Centos?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..............
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Dear Alvaro,
>>>>>>
>>>>>>
>>>>>>
>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>> getting the error, stating failed to connect to media server.
>>>>>>
>>>>>> Does it need to do any other conficonfiguration.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> ...that is for Ubuntu 18.04.
>>>>>>
>>>>>>
>>>>>>
>>>>>> And this is for Centos 7-8:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>
>>>>>> ...take a look:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>> audio & video.
>>>>>>
>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>> nor he can see me or hear.
>>>>>>
>>>>>> The setup test, I can see my own voice and video.
>>>>>>
>>>>>> Here is my nat table
>>>>>>
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> public
>>>>>>   target: default
>>>>>>   icmp-block-inversion: no
>>>>>>   interfaces:
>>>>>>   sources:
>>>>>>   services: mdns dhcpv6-client
>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>   protocols:
>>>>>>   masquerade: no
>>>>>>   forward-ports:
>>>>>>   source-ports:
>>>>>>   icmp-blocks:
>>>>>>   rich rules:
>>>>>>
>>>>>>
>>>>>>
>>>>>> Could you please help me
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>


-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Maxim Solodovnik <so...@gmail.com>]

Unfortunately I have no experience with `fedora-coturn`
I'm using this one https://github.com/coturn/coturn

On Sun, 24 May 2020 at 02:37, Partha Datta <da...@gmail.com> wrote:

> Hi Maxim,
> I am stilling finding difficulty to install coturn. Here is the link I am
> following https://github.com/mugful/fedora-coturn
> the following command I have used. to install
>
> git clone https://github.com/mugful/fedora-coturn
> cd fedora-coturn
> docker build --force-rm -t mugful/fedora-coturn:master .
> docker run -d \
>     --name my_coturn \
>     -v /var/lib/coturn/turnserver.conf:/etc/turnserver/turnserver.conf:ro,z \
>     -p 3478:3478 -p 5349:5349 \
>     quay.io/mugful/fedora-coturn:master
>
> IT has created a bunch of directory in
>
> ls /var/lib/docker/overlay2/
> 018bf42d24bcdf050a5331795f059e0c4cc5140d74dc79240fd19939250a31ee       8b131842741af28c01fbe35b7445d1b4650a3114f2436447bad415ae06f053ec
> 1880ec93b59e55381e705ba8e2f6e810e9523659d244f170796980423f798e8d       8ef7213884b8f76cb216e674ae3a88325d1629e7e7f0c58bb73bbc3d7d6a37be
> 1dced65536ea85e7ba28e274bf65f2aae73b9abd052570990d620e5a07aec236       985a5bf6230b17883d49916754e2c3279d56668c6b784ec9b031989353d6396c
> 22c42c86137d7968b4284dd149bd40d79f6460e493a3df3409c5081946a20648       9b5b1a7de8f4c9917a96972139465711fe753b7b27e05b0beec88c3a171bdd22
> 446f22851a0507377ab6a15b5affa2ca0c58a528248d37d0b6606895ea14a425       9da9200d906eef49908205b1d09ef8bd3922cd533d37171732bef1ad235f0a43
> 614e31291c9e2c947e59d5665cedbe710319b5d74a48288b6be6e2b8a0fcdd78       ae677125288ef8538bd0e5eca6b9df4501f55a2795ed9e61f1f646b96dae31cb
> 63a73d1ebd55700e796bb57d8ae0ea7664add59de1bffe0ce67ce755372e26c0       c82488cc7f78e03c51ba54d01c47f361b36429060eaf41b59397acd1b961a04e
> 7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9       ccf869146a3a4ba1c2c9d0d88e3e8a169fe4f7d90e4fb5ada1b1222a639fbcb8
> 7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9-init  e6be882a55e88d7dab0fb21c9355a6b83455a62b3bd0a40107e5ab88a4664206
> 7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f       eefef789501bd4cebee7de3417932d6dec17f2451de909d48aeaa7e52a02ac97
> 7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f-init  ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b
> 82e2479825ed6e16fc375f1bbdff042f10309c12a758adcf5ace5e1078fdfdd7       ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b-init
> 853b24c5d54b6e5bf4818b132ff361aa343fa72b382616059b67681735893740       l
> 87009d6a4182d73c44118fae3f5229ee549a904782f13bf371360a67a2e55998
>
> I dont understand how what I should do next. Could you please help.
>
> Regards,
>
> Partha
>
>
>
>
>
>
> On Tue, May 19, 2020 at 6:59 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Partha,
>>
>> It seems I missed the question :( (too much emails :((( )
>> TURN server should be able to handle connections for users behind NAT
>> Same time KMS should be fully accessible to it
>>
>> you can set it up on different server, but please ensure it has full
>> access to KMS
>>
>> On Tue, 19 May 2020 at 01:34, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hello Maxim,
>>> I understand,  you have been busy. I was waiting  to hear back from you.
>>> I managed to get cturn for fedora 25. I have a doubt. Do I need to run
>>> cturn in the firewall server or I can run the cturn on the server I am
>>> running openmeeting? Which is behind the firewall server.
>>>
>>> Could you send me some reference, which will help me to overcome
>>> lockdown situations.
>>>
>>> Regards,
>>> Partha
>>>
>>> On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Hello Partha,
>>>>
>>>> sorry for keeping silence, I'm a bit overloaded :(
>>>>
>>>> I have no experience with `reTurnServer`, used only coturn, was sure it
>>>> is available for all distros :(
>>>> You need to make sure
>>>> - TURN is accessible from outside your NTA
>>>> - TURN can communicate with KMS
>>>>
>>>> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi
>>>>> As discussed I have installed turn in a different server.
>>>>> [root@demo reTurn]# netstat -npl | grep -i turn
>>>>> tcp        0      0 0.0.0.0:3478            0.0.0.0:*
>>>>> LISTEN      8770/reTurnServer
>>>>> tcp6       0      0 :::3478                 :::*
>>>>>  LISTEN      8770/reTurnServer
>>>>> udp        0      0 0.0.0.0:3478            0.0.0.0:*
>>>>>           8770/reTurnServer
>>>>> udp6       0      0 :::3478                 :::*
>>>>>          8770/reTurnServer
>>>>> I have also edited the file
>>>>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>>>>  <!-- Kurento -->
>>>>>         <bean id="kurentoHandler"
>>>>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>>>>> init-method="init" destroy-method="destroy"
>>>>>                         p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>>>>                         p:checkTimeout="10000"
>>>>>                         p:watchThreadCount="10"
>>>>>                         p:turnUrl="125.85.210.130:3478"
>>>>>                         p:turnUser="kurento"
>>>>>                         p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>>>>                         p:turnMode="rest"
>>>>>                         p:turnTtl="60"
>>>>>                         p:objCheckTimeout="200"
>>>>>                         />
>>>>> But still I cant access it from outside the LAN, Could you help me..
>>>>> Regards,
>>>>> Partha
>>>>>
>>>>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Please check `netstat -npl|grep 8888`
>>>>>> When you are starting dockerized KMS for ex. `docker run -v
>>>>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>>>>> -p 8888:8888 kurento/kurento-media-server`
>>>>>> You make it available at `localhost:8888` due to forwarding
>>>>>>
>>>>>> to make everything workable behind NAT you need to ensure TURN is
>>>>>> available outside the NAT
>>>>>>
>>>>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Maxim,
>>>>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>>>>> network diagram of my setup. I have referred installation on  Fedora 30, it
>>>>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>>>>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>>>>>>> table where OM, Docker & KMS is running.
>>>>>>> [image: image.png]
>>>>>>> netstat -ntp
>>>>>>> [image: image.png]
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Hello Partha,
>>>>>>>>
>>>>>>>> this is something i don't understand :(
>>>>>>>> I would expect KMS is accessible on the same IP
>>>>>>>>
>>>>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>>>>> config (and it is accessible to OM)
>>>>>>>> and also accessible to TURN
>>>>>>>>
>>>>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello Maxim,
>>>>>>>>> My server LAN IP is 192.168.1.16 and the docer is running
>>>>>>>>> 172.16.0.1, I have not assigned any IP address to it. Do I need to change
>>>>>>>>> it to same subnet or bind with the same IP address? If so can you tell me
>>>>>>>>> how to do that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>>>>> Regards,
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Finally I get to this thread :)
>>>>>>>>>>
>>>>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>>>>> interface
>>>>>>>>>>
>>>>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is
>>>>>>>>>>> also in the lan) it works. Whe it comes to use the coturn server it doesn’t
>>>>>>>>>>> work.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>>>>> *An: *"user@openmeetings.apache.org" <
>>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi Alvaro,
>>>>>>>>>>>
>>>>>>>>>>> No luck.. Here is my firewall configuration. But very strange..
>>>>>>>>>>> it works great when I get connected with VPN client
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> FedoraServer (active)
>>>>>>>>>>>   target: default
>>>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>>>   interfaces: enp5s10
>>>>>>>>>>>   sources:
>>>>>>>>>>>   services: ssh
>>>>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>>> 49152-65535/udp
>>>>>>>>>>>   protocols:
>>>>>>>>>>>   masquerade: yes
>>>>>>>>>>>   forward-ports:
>>>>>>>>>>>   source-ports:
>>>>>>>>>>>   icmp-blocks:
>>>>>>>>>>>   rich rules:
>>>>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>>>>> FedoraServer (active)
>>>>>>>>>>>   target: default
>>>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>>>   interfaces: enp5s10
>>>>>>>>>>>   sources:
>>>>>>>>>>>   services: ssh
>>>>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>>> 49152-65535/udp
>>>>>>>>>>>   protocols:
>>>>>>>>>>>   masquerade: yes
>>>>>>>>>>>   forward-ports:
>>>>>>>>>>>   source-ports:
>>>>>>>>>>>   icmp-blocks:
>>>>>>>>>>>   rich rules:
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # service firewalld start
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>>>>> --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # service firewalld restart
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...and to see they are open:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # firewall-cmd --list-all
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>>>>
>>>>>>>>>>> the machine.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ..................
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>>>>
>>>>>>>>>>> Hello Alvaro,
>>>>>>>>>>>
>>>>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in
>>>>>>>>>>> the server running openmeeting I cant access, even from the LAN, so I
>>>>>>>>>>> think  it is some thing to do with fire wall, I have not checked opening up
>>>>>>>>>>> the ports mentioned in the document you have sent on the local server . I
>>>>>>>>>>> shall do that today, and update you, to confirm if that is the issue with
>>>>>>>>>>> NAT or port blocking.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Partha and Julian, is neccesary to open that ports in the
>>>>>>>>>>> firewall and
>>>>>>>>>>>
>>>>>>>>>>> the router (both).
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ..............
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>>>>
>>>>>>>>>>> Dear Alvaro,
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> I have opened up all the port mentioned in the document but I
>>>>>>>>>>> keep getting the error, stating failed to connect to media server.
>>>>>>>>>>>
>>>>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> And this is for Centos 7-8:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...................
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>>>>
>>>>>>>>>>> ...take a look:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ................
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>>>>
>>>>>>>>>>> Hello,
>>>>>>>>>>>
>>>>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN
>>>>>>>>>>> both audio & video.
>>>>>>>>>>>
>>>>>>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>>>>> nor he can see me or hear.
>>>>>>>>>>>
>>>>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>>>>
>>>>>>>>>>> Here is my nat table
>>>>>>>>>>>
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> public
>>>>>>>>>>>   target: default
>>>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>>>   interfaces:
>>>>>>>>>>>   sources:
>>>>>>>>>>>   services: mdns dhcpv6-client
>>>>>>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>>>>   protocols:
>>>>>>>>>>>   masquerade: no
>>>>>>>>>>>   forward-ports:
>>>>>>>>>>>   source-ports:
>>>>>>>>>>>   icmp-blocks:
>>>>>>>>>>>   rich rules:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Could you please help me
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>> M +91-8825608651
>>>>>>>>>>> Sent from mobile device
>>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>> M +91-8825608651
>>>>>>>>>>> Sent from mobile device
>>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Partha
>>>>>>>>> M +91-8825608651
>>>>>>>>> Sent from mobile device
>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best regards,
>>>>>>>> Maxim
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>


-- 
Best regards,
Maxim

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hi Maxim,
I am stilling finding difficulty to install coturn. Here is the link I am
following https://github.com/mugful/fedora-coturn
the following command I have used. to install

git clone https://github.com/mugful/fedora-coturn
cd fedora-coturn
docker build --force-rm -t mugful/fedora-coturn:master .
docker run -d \
    --name my_coturn \
    -v /var/lib/coturn/turnserver.conf:/etc/turnserver/turnserver.conf:ro,z \
    -p 3478:3478 -p 5349:5349 \
    quay.io/mugful/fedora-coturn:master

IT has created a bunch of directory in

ls /var/lib/docker/overlay2/
018bf42d24bcdf050a5331795f059e0c4cc5140d74dc79240fd19939250a31ee
8b131842741af28c01fbe35b7445d1b4650a3114f2436447bad415ae06f053ec
1880ec93b59e55381e705ba8e2f6e810e9523659d244f170796980423f798e8d
8ef7213884b8f76cb216e674ae3a88325d1629e7e7f0c58bb73bbc3d7d6a37be
1dced65536ea85e7ba28e274bf65f2aae73b9abd052570990d620e5a07aec236
985a5bf6230b17883d49916754e2c3279d56668c6b784ec9b031989353d6396c
22c42c86137d7968b4284dd149bd40d79f6460e493a3df3409c5081946a20648
9b5b1a7de8f4c9917a96972139465711fe753b7b27e05b0beec88c3a171bdd22
446f22851a0507377ab6a15b5affa2ca0c58a528248d37d0b6606895ea14a425
9da9200d906eef49908205b1d09ef8bd3922cd533d37171732bef1ad235f0a43
614e31291c9e2c947e59d5665cedbe710319b5d74a48288b6be6e2b8a0fcdd78
ae677125288ef8538bd0e5eca6b9df4501f55a2795ed9e61f1f646b96dae31cb
63a73d1ebd55700e796bb57d8ae0ea7664add59de1bffe0ce67ce755372e26c0
c82488cc7f78e03c51ba54d01c47f361b36429060eaf41b59397acd1b961a04e
7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9
ccf869146a3a4ba1c2c9d0d88e3e8a169fe4f7d90e4fb5ada1b1222a639fbcb8
7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9-init
e6be882a55e88d7dab0fb21c9355a6b83455a62b3bd0a40107e5ab88a4664206
7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f
eefef789501bd4cebee7de3417932d6dec17f2451de909d48aeaa7e52a02ac97
7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f-init
ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b
82e2479825ed6e16fc375f1bbdff042f10309c12a758adcf5ace5e1078fdfdd7
ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b-init
853b24c5d54b6e5bf4818b132ff361aa343fa72b382616059b67681735893740       l
87009d6a4182d73c44118fae3f5229ee549a904782f13bf371360a67a2e55998

I dont understand how what I should do next. Could you please help.

Regards,

Partha






On Tue, May 19, 2020 at 6:59 AM Maxim Solodovnik <so...@gmail.com>
wrote:

> Hello Partha,
>
> It seems I missed the question :( (too much emails :((( )
> TURN server should be able to handle connections for users behind NAT
> Same time KMS should be fully accessible to it
>
> you can set it up on different server, but please ensure it has full
> access to KMS
>
> On Tue, 19 May 2020 at 01:34, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> I understand,  you have been busy. I was waiting  to hear back from you.
>> I managed to get cturn for fedora 25. I have a doubt. Do I need to run
>> cturn in the firewall server or I can run the cturn on the server I am
>> running openmeeting? Which is behind the firewall server.
>>
>> Could you send me some reference, which will help me to overcome lockdown
>> situations.
>>
>> Regards,
>> Partha
>>
>> On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Partha,
>>>
>>> sorry for keeping silence, I'm a bit overloaded :(
>>>
>>> I have no experience with `reTurnServer`, used only coturn, was sure it
>>> is available for all distros :(
>>> You need to make sure
>>> - TURN is accessible from outside your NTA
>>> - TURN can communicate with KMS
>>>
>>> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hi
>>>> As discussed I have installed turn in a different server.
>>>> [root@demo reTurn]# netstat -npl | grep -i turn
>>>> tcp        0      0 0.0.0.0:3478            0.0.0.0:*
>>>> LISTEN      8770/reTurnServer
>>>> tcp6       0      0 :::3478                 :::*
>>>>  LISTEN      8770/reTurnServer
>>>> udp        0      0 0.0.0.0:3478            0.0.0.0:*
>>>>           8770/reTurnServer
>>>> udp6       0      0 :::3478                 :::*
>>>>          8770/reTurnServer
>>>> I have also edited the file
>>>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>>>  <!-- Kurento -->
>>>>         <bean id="kurentoHandler"
>>>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>>>> init-method="init" destroy-method="destroy"
>>>>                         p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>>>                         p:checkTimeout="10000"
>>>>                         p:watchThreadCount="10"
>>>>                         p:turnUrl="125.85.210.130:3478"
>>>>                         p:turnUser="kurento"
>>>>                         p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>>>                         p:turnMode="rest"
>>>>                         p:turnTtl="60"
>>>>                         p:objCheckTimeout="200"
>>>>                         />
>>>> But still I cant access it from outside the LAN, Could you help me..
>>>> Regards,
>>>> Partha
>>>>
>>>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Please check `netstat -npl|grep 8888`
>>>>> When you are starting dockerized KMS for ex. `docker run -v
>>>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>>>> -p 8888:8888 kurento/kurento-media-server`
>>>>> You make it available at `localhost:8888` due to forwarding
>>>>>
>>>>> to make everything workable behind NAT you need to ensure TURN is
>>>>> available outside the NAT
>>>>>
>>>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Maxim,
>>>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>>>> network diagram of my setup. I have referred installation on  Fedora 30, it
>>>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>>>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>>>>>> table where OM, Docker & KMS is running.
>>>>>> [image: image.png]
>>>>>> netstat -ntp
>>>>>> [image: image.png]
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Partha,
>>>>>>>
>>>>>>> this is something i don't understand :(
>>>>>>> I would expect KMS is accessible on the same IP
>>>>>>>
>>>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>>>> config (and it is accessible to OM)
>>>>>>> and also accessible to TURN
>>>>>>>
>>>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hello Maxim,
>>>>>>>> My server LAN IP is 192.168.1.16 and the docer is running
>>>>>>>> 172.16.0.1, I have not assigned any IP address to it. Do I need to change
>>>>>>>> it to same subnet or bind with the same IP address? If so can you tell me
>>>>>>>> how to do that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>>>> Regards,
>>>>>>>> Partha
>>>>>>>>
>>>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Finally I get to this thread :)
>>>>>>>>>
>>>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>>>> interface
>>>>>>>>>
>>>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also
>>>>>>>>>> in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>>>> *An: *"user@openmeetings.apache.org" <
>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Hi Alvaro,
>>>>>>>>>>
>>>>>>>>>> No luck.. Here is my firewall configuration. But very strange..
>>>>>>>>>> it works great when I get connected with VPN client
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> FedoraServer (active)
>>>>>>>>>>   target: default
>>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>>   interfaces: enp5s10
>>>>>>>>>>   sources:
>>>>>>>>>>   services: ssh
>>>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>> 49152-65535/udp
>>>>>>>>>>   protocols:
>>>>>>>>>>   masquerade: yes
>>>>>>>>>>   forward-ports:
>>>>>>>>>>   source-ports:
>>>>>>>>>>   icmp-blocks:
>>>>>>>>>>   rich rules:
>>>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>>>> FedoraServer (active)
>>>>>>>>>>   target: default
>>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>>   interfaces: enp5s10
>>>>>>>>>>   sources:
>>>>>>>>>>   services: ssh
>>>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>> 49152-65535/udp
>>>>>>>>>>   protocols:
>>>>>>>>>>   masquerade: yes
>>>>>>>>>>   forward-ports:
>>>>>>>>>>   source-ports:
>>>>>>>>>>   icmp-blocks:
>>>>>>>>>>   rich rules:
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # service firewalld start
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>>>> --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # service firewalld restart
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...and to see they are open:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # firewall-cmd --list-all
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>>>
>>>>>>>>>> the machine.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ..................
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>>>
>>>>>>>>>> Hello Alvaro,
>>>>>>>>>>
>>>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>>>>> port blocking.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>> Partha and Julian, is neccesary to open that ports in the
>>>>>>>>>> firewall and
>>>>>>>>>>
>>>>>>>>>> the router (both).
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ..............
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>>>
>>>>>>>>>> Dear Alvaro,
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I have opened up all the port mentioned in the document but I
>>>>>>>>>> keep getting the error, stating failed to connect to media server.
>>>>>>>>>>
>>>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> And this is for Centos 7-8:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...................
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>>>
>>>>>>>>>> ...take a look:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ................
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>>>
>>>>>>>>>> Hello,
>>>>>>>>>>
>>>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>>>>> audio & video.
>>>>>>>>>>
>>>>>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>>>> nor he can see me or hear.
>>>>>>>>>>
>>>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>>>
>>>>>>>>>> Here is my nat table
>>>>>>>>>>
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> public
>>>>>>>>>>   target: default
>>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>>   interfaces:
>>>>>>>>>>   sources:
>>>>>>>>>>   services: mdns dhcpv6-client
>>>>>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>>>   protocols:
>>>>>>>>>>   masquerade: no
>>>>>>>>>>   forward-ports:
>>>>>>>>>>   source-ports:
>>>>>>>>>>   icmp-blocks:
>>>>>>>>>>   rich rules:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Could you please help me
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>> M +91-8825608651
>>>>>>>>>> Sent from mobile device
>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>> M +91-8825608651
>>>>>>>>>> Sent from mobile device
>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Partha
>>>>>>>> M +91-8825608651
>>>>>>>> Sent from mobile device
>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best regards,
>>>>>>> Maxim
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>


-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Maxim Solodovnik <so...@gmail.com>]

Hello Partha,

It seems I missed the question :( (too much emails :((( )
TURN server should be able to handle connections for users behind NAT
Same time KMS should be fully accessible to it

you can set it up on different server, but please ensure it has full access
to KMS

On Tue, 19 May 2020 at 01:34, Partha Datta <da...@gmail.com> wrote:

> Hello Maxim,
> I understand,  you have been busy. I was waiting  to hear back from you.
> I managed to get cturn for fedora 25. I have a doubt. Do I need to run
> cturn in the firewall server or I can run the cturn on the server I am
> running openmeeting? Which is behind the firewall server.
>
> Could you send me some reference, which will help me to overcome lockdown
> situations.
>
> Regards,
> Partha
>
> On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Partha,
>>
>> sorry for keeping silence, I'm a bit overloaded :(
>>
>> I have no experience with `reTurnServer`, used only coturn, was sure it
>> is available for all distros :(
>> You need to make sure
>> - TURN is accessible from outside your NTA
>> - TURN can communicate with KMS
>>
>> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hi
>>> As discussed I have installed turn in a different server.
>>> [root@demo reTurn]# netstat -npl | grep -i turn
>>> tcp        0      0 0.0.0.0:3478            0.0.0.0:*
>>> LISTEN      8770/reTurnServer
>>> tcp6       0      0 :::3478                 :::*
>>>  LISTEN      8770/reTurnServer
>>> udp        0      0 0.0.0.0:3478            0.0.0.0:*
>>>         8770/reTurnServer
>>> udp6       0      0 :::3478                 :::*
>>>        8770/reTurnServer
>>> I have also edited the file
>>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>>  <!-- Kurento -->
>>>         <bean id="kurentoHandler"
>>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>>> init-method="init" destroy-method="destroy"
>>>                         p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>>                         p:checkTimeout="10000"
>>>                         p:watchThreadCount="10"
>>>                         p:turnUrl="125.85.210.130:3478"
>>>                         p:turnUser="kurento"
>>>                         p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>>                         p:turnMode="rest"
>>>                         p:turnTtl="60"
>>>                         p:objCheckTimeout="200"
>>>                         />
>>> But still I cant access it from outside the LAN, Could you help me..
>>> Regards,
>>> Partha
>>>
>>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Please check `netstat -npl|grep 8888`
>>>> When you are starting dockerized KMS for ex. `docker run -v
>>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>>> -p 8888:8888 kurento/kurento-media-server`
>>>> You make it available at `localhost:8888` due to forwarding
>>>>
>>>> to make everything workable behind NAT you need to ensure TURN is
>>>> available outside the NAT
>>>>
>>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Maxim,
>>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>>> network diagram of my setup. I have referred installation on  Fedora 30, it
>>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>>>>> table where OM, Docker & KMS is running.
>>>>> [image: image.png]
>>>>> netstat -ntp
>>>>> [image: image.png]
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Partha,
>>>>>>
>>>>>> this is something i don't understand :(
>>>>>> I would expect KMS is accessible on the same IP
>>>>>>
>>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>>> config (and it is accessible to OM)
>>>>>> and also accessible to TURN
>>>>>>
>>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Maxim,
>>>>>>> My server LAN IP is 192.168.1.16 and the docer is running
>>>>>>> 172.16.0.1, I have not assigned any IP address to it. Do I need to change
>>>>>>> it to same subnet or bind with the same IP address? If so can you tell me
>>>>>>> how to do that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>>> Regards,
>>>>>>> Partha
>>>>>>>
>>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Finally I get to this thread :)
>>>>>>>>
>>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>>> interface
>>>>>>>>
>>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>>>>
>>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also
>>>>>>>>> in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>>> *An: *"user@openmeetings.apache.org" <user@openmeetings.apache.org
>>>>>>>>> >
>>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi Alvaro,
>>>>>>>>>
>>>>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>>>>> works great when I get connected with VPN client
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> FedoraServer (active)
>>>>>>>>>   target: default
>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>   interfaces: enp5s10
>>>>>>>>>   sources:
>>>>>>>>>   services: ssh
>>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>> 49152-65535/udp
>>>>>>>>>   protocols:
>>>>>>>>>   masquerade: yes
>>>>>>>>>   forward-ports:
>>>>>>>>>   source-ports:
>>>>>>>>>   icmp-blocks:
>>>>>>>>>   rich rules:
>>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>>> FedoraServer (active)
>>>>>>>>>   target: default
>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>   interfaces: enp5s10
>>>>>>>>>   sources:
>>>>>>>>>   services: ssh
>>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>> 49152-65535/udp
>>>>>>>>>   protocols:
>>>>>>>>>   masquerade: yes
>>>>>>>>>   forward-ports:
>>>>>>>>>   source-ports:
>>>>>>>>>   icmp-blocks:
>>>>>>>>>   rich rules:
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # service firewalld start
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>>> --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # service firewalld restart
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...and to see they are open:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # firewall-cmd --list-all
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>>
>>>>>>>>> the machine.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ..................
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>>
>>>>>>>>> Hello Alvaro,
>>>>>>>>>
>>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>>>> port blocking.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>> Partha and Julian, is neccesary to open that ports in the firewall
>>>>>>>>> and
>>>>>>>>>
>>>>>>>>> the router (both).
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ..............
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>>
>>>>>>>>> Dear Alvaro,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>>>>> getting the error, stating failed to connect to media server.
>>>>>>>>>
>>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> And this is for Centos 7-8:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...................
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>>
>>>>>>>>> ...take a look:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ................
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>>
>>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>>>> audio & video.
>>>>>>>>>
>>>>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>>> nor he can see me or hear.
>>>>>>>>>
>>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>>
>>>>>>>>> Here is my nat table
>>>>>>>>>
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> public
>>>>>>>>>   target: default
>>>>>>>>>   icmp-block-inversion: no
>>>>>>>>>   interfaces:
>>>>>>>>>   sources:
>>>>>>>>>   services: mdns dhcpv6-client
>>>>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>>   protocols:
>>>>>>>>>   masquerade: no
>>>>>>>>>   forward-ports:
>>>>>>>>>   source-ports:
>>>>>>>>>   icmp-blocks:
>>>>>>>>>   rich rules:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Could you please help me
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>> M +91-8825608651
>>>>>>>>> Sent from mobile device
>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>> M +91-8825608651
>>>>>>>>> Sent from mobile device
>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>


-- 
Best regards,
Maxim

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hello Maxim,
I understand,  you have been busy. I was waiting  to hear back from you.
I managed to get cturn for fedora 25. I have a doubt. Do I need to run
cturn in the firewall server or I can run the cturn on the server I am
running openmeeting? Which is behind the firewall server.

Could you send me some reference, which will help me to overcome lockdown
situations.

Regards,
Partha

On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
wrote:

> Hello Partha,
>
> sorry for keeping silence, I'm a bit overloaded :(
>
> I have no experience with `reTurnServer`, used only coturn, was sure it is
> available for all distros :(
> You need to make sure
> - TURN is accessible from outside your NTA
> - TURN can communicate with KMS
>
> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
>
>> Hi
>> As discussed I have installed turn in a different server.
>> [root@demo reTurn]# netstat -npl | grep -i turn
>> tcp        0      0 0.0.0.0:3478            0.0.0.0:*
>> LISTEN      8770/reTurnServer
>> tcp6       0      0 :::3478                 :::*
>>  LISTEN      8770/reTurnServer
>> udp        0      0 0.0.0.0:3478            0.0.0.0:*
>>         8770/reTurnServer
>> udp6       0      0 :::3478                 :::*
>>        8770/reTurnServer
>> I have also edited the file
>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>  <!-- Kurento -->
>>         <bean id="kurentoHandler"
>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>> init-method="init" destroy-method="destroy"
>>                         p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>                         p:checkTimeout="10000"
>>                         p:watchThreadCount="10"
>>                         p:turnUrl="125.85.210.130:3478"
>>                         p:turnUser="kurento"
>>                         p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>                         p:turnMode="rest"
>>                         p:turnTtl="60"
>>                         p:objCheckTimeout="200"
>>                         />
>> But still I cant access it from outside the LAN, Could you help me..
>> Regards,
>> Partha
>>
>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Please check `netstat -npl|grep 8888`
>>> When you are starting dockerized KMS for ex. `docker run -v
>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>> -p 8888:8888 kurento/kurento-media-server`
>>> You make it available at `localhost:8888` due to forwarding
>>>
>>> to make everything workable behind NAT you need to ensure TURN is
>>> available outside the NAT
>>>
>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hello Maxim,
>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>> network diagram of my setup. I have referred installation on  Fedora 30, it
>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>>>> table where OM, Docker & KMS is running.
>>>> [image: image.png]
>>>> netstat -ntp
>>>> [image: image.png]
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Partha,
>>>>>
>>>>> this is something i don't understand :(
>>>>> I would expect KMS is accessible on the same IP
>>>>>
>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>> config (and it is accessible to OM)
>>>>> and also accessible to TURN
>>>>>
>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Maxim,
>>>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1,
>>>>>> I have not assigned any IP address to it. Do I need to change it to same
>>>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>> Regards,
>>>>>> Partha
>>>>>>
>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>> solomax666@gmail.com> wrote:
>>>>>>
>>>>>>> Finally I get to this thread :)
>>>>>>>
>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>> interface
>>>>>>>
>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>>>
>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also
>>>>>>>> in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>> user@openmeetings.apache.org>
>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Hi Alvaro,
>>>>>>>>
>>>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>>>> works great when I get connected with VPN client
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> FedoraServer (active)
>>>>>>>>   target: default
>>>>>>>>   icmp-block-inversion: no
>>>>>>>>   interfaces: enp5s10
>>>>>>>>   sources:
>>>>>>>>   services: ssh
>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>> 49152-65535/udp
>>>>>>>>   protocols:
>>>>>>>>   masquerade: yes
>>>>>>>>   forward-ports:
>>>>>>>>   source-ports:
>>>>>>>>   icmp-blocks:
>>>>>>>>   rich rules:
>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>> FedoraServer (active)
>>>>>>>>   target: default
>>>>>>>>   icmp-block-inversion: no
>>>>>>>>   interfaces: enp5s10
>>>>>>>>   sources:
>>>>>>>>   services: ssh
>>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>> 49152-65535/udp
>>>>>>>>   protocols:
>>>>>>>>   masquerade: yes
>>>>>>>>   forward-ports:
>>>>>>>>   source-ports:
>>>>>>>>   icmp-blocks:
>>>>>>>>   rich rules:
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Partha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # service firewalld start
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>> --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # service firewalld restart
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...and to see they are open:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # firewall-cmd --list-all
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>
>>>>>>>> the machine.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ..................
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>
>>>>>>>> Hello Alvaro,
>>>>>>>>
>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>>> port blocking.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Partha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>
>>>>>>>> Partha and Julian, is neccesary to open that ports in the firewall
>>>>>>>> and
>>>>>>>>
>>>>>>>> the router (both).
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ..............
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>
>>>>>>>> Dear Alvaro,
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>>>> getting the error, stating failed to connect to media server.
>>>>>>>>
>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Partha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>
>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> And this is for Centos 7-8:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...................
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>
>>>>>>>> ...take a look:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ................
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>>> audio & video.
>>>>>>>>
>>>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>> nor he can see me or hear.
>>>>>>>>
>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>
>>>>>>>> Here is my nat table
>>>>>>>>
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> public
>>>>>>>>   target: default
>>>>>>>>   icmp-block-inversion: no
>>>>>>>>   interfaces:
>>>>>>>>   sources:
>>>>>>>>   services: mdns dhcpv6-client
>>>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>   protocols:
>>>>>>>>   masquerade: no
>>>>>>>>   forward-ports:
>>>>>>>>   source-ports:
>>>>>>>>   icmp-blocks:
>>>>>>>>   rich rules:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Could you please help me
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> Partha
>>>>>>>> M +91-8825608651
>>>>>>>> Sent from mobile device
>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> Partha
>>>>>>>> M +91-8825608651
>>>>>>>> Sent from mobile device
>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>


-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Maxim Solodovnik <so...@gmail.com>]

Hello Partha,

sorry for keeping silence, I'm a bit overloaded :(

I have no experience with `reTurnServer`, used only coturn, was sure it is
available for all distros :(
You need to make sure
- TURN is accessible from outside your NTA
- TURN can communicate with KMS

On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:

> Hi
> As discussed I have installed turn in a different server.
> [root@demo reTurn]# netstat -npl | grep -i turn
> tcp        0      0 0.0.0.0:3478            0.0.0.0:*
> LISTEN      8770/reTurnServer
> tcp6       0      0 :::3478                 :::*                    LISTEN
>      8770/reTurnServer
> udp        0      0 0.0.0.0:3478            0.0.0.0:*
>       8770/reTurnServer
> udp6       0      0 :::3478                 :::*
>      8770/reTurnServer
> I have also edited the file
> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>  <!-- Kurento -->
>         <bean id="kurentoHandler"
> class="org.apache.openmeetings.core.remote.KurentoHandler"
> init-method="init" destroy-method="destroy"
>                         p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>                         p:checkTimeout="10000"
>                         p:watchThreadCount="10"
>                         p:turnUrl="125.85.210.130:3478"
>                         p:turnUser="kurento"
>                         p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>                         p:turnMode="rest"
>                         p:turnTtl="60"
>                         p:objCheckTimeout="200"
>                         />
> But still I cant access it from outside the LAN, Could you help me..
> Regards,
> Partha
>
> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Please check `netstat -npl|grep 8888`
>> When you are starting dockerized KMS for ex. `docker run -v
>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>> -p 8888:8888 kurento/kurento-media-server`
>> You make it available at `localhost:8888` due to forwarding
>>
>> to make everything workable behind NAT you need to ensure TURN is
>> available outside the NAT
>>
>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hello Maxim,
>>> Sorry, if I am not able to explain you properly, so attaching you a
>>> network diagram of my setup. I have referred installation on  Fedora 30, it
>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>>> table where OM, Docker & KMS is running.
>>> [image: image.png]
>>> netstat -ntp
>>> [image: image.png]
>>>
>>>
>>>
>>>
>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Hello Partha,
>>>>
>>>> this is something i don't understand :(
>>>> I would expect KMS is accessible on the same IP
>>>>
>>>> Anyway you have to ensure correct KMS address is specified in OM config
>>>> (and it is accessible to OM)
>>>> and also accessible to TURN
>>>>
>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Maxim,
>>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1,
>>>>> I have not assigned any IP address to it. Do I need to change it to same
>>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>> Regards,
>>>>> Partha
>>>>>
>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Finally I get to this thread :)
>>>>>>
>>>>>> I would suggest to check which network interfaces do you have
>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>> interface
>>>>>>
>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>>
>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>> user@openmeetings.apache.org>
>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Hi Alvaro,
>>>>>>>
>>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>>> works great when I get connected with VPN client
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> FedoraServer (active)
>>>>>>>   target: default
>>>>>>>   icmp-block-inversion: no
>>>>>>>   interfaces: enp5s10
>>>>>>>   sources:
>>>>>>>   services: ssh
>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>>   protocols:
>>>>>>>   masquerade: yes
>>>>>>>   forward-ports:
>>>>>>>   source-ports:
>>>>>>>   icmp-blocks:
>>>>>>>   rich rules:
>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>> FedoraServer (active)
>>>>>>>   target: default
>>>>>>>   icmp-block-inversion: no
>>>>>>>   interfaces: enp5s10
>>>>>>>   sources:
>>>>>>>   services: ssh
>>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>>   protocols:
>>>>>>>   masquerade: yes
>>>>>>>   forward-ports:
>>>>>>>   source-ports:
>>>>>>>   icmp-blocks:
>>>>>>>   rich rules:
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>> to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Partha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # service firewalld start
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>> --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # service firewalld restart
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...and to see they are open:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # firewall-cmd --list-all
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>
>>>>>>> the machine.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ..................
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>
>>>>>>> Hello Alvaro,
>>>>>>>
>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>> port blocking.
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Partha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>
>>>>>>> Partha and Julian, is neccesary to open that ports in the firewall
>>>>>>> and
>>>>>>>
>>>>>>> the router (both).
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ..............
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>
>>>>>>> Dear Alvaro,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>>> getting the error, stating failed to connect to media server.
>>>>>>>
>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Partha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>
>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> And this is for Centos 7-8:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...................
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>
>>>>>>> ...take a look:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ................
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>> audio & video.
>>>>>>>
>>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>> nor he can see me or hear.
>>>>>>>
>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>
>>>>>>> Here is my nat table
>>>>>>>
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> public
>>>>>>>   target: default
>>>>>>>   icmp-block-inversion: no
>>>>>>>   interfaces:
>>>>>>>   sources:
>>>>>>>   services: mdns dhcpv6-client
>>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>   protocols:
>>>>>>>   masquerade: no
>>>>>>>   forward-ports:
>>>>>>>   source-ports:
>>>>>>>   icmp-blocks:
>>>>>>>   rich rules:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Could you please help me
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>


-- 
Best regards,
Maxim

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hi
As discussed I have installed turn in a different server.
[root@demo reTurn]# netstat -npl | grep -i turn
tcp        0      0 0.0.0.0:3478            0.0.0.0:*               LISTEN
     8770/reTurnServer
tcp6       0      0 :::3478                 :::*                    LISTEN
     8770/reTurnServer
udp        0      0 0.0.0.0:3478            0.0.0.0:*
    8770/reTurnServer
udp6       0      0 :::3478                 :::*
     8770/reTurnServer
I have also edited the file
/opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
 <!-- Kurento -->
        <bean id="kurentoHandler"
class="org.apache.openmeetings.core.remote.KurentoHandler"
init-method="init" destroy-method="destroy"
                        p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
                        p:checkTimeout="10000"
                        p:watchThreadCount="10"
                        p:turnUrl="125.85.210.130:3478"
                        p:turnUser="kurento"
                        p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
                        p:turnMode="rest"
                        p:turnTtl="60"
                        p:objCheckTimeout="200"
                        />
But still I cant access it from outside the LAN, Could you help me..
Regards,
Partha

On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
wrote:

> Please check `netstat -npl|grep 8888`
> When you are starting dockerized KMS for ex. `docker run -v
> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
> -p 8888:8888 kurento/kurento-media-server`
> You make it available at `localhost:8888` due to forwarding
>
> to make everything workable behind NAT you need to ensure TURN is
> available outside the NAT
>
> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> Sorry, if I am not able to explain you properly, so attaching you a
>> network diagram of my setup. I have referred installation on  Fedora 30, it
>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>> every thing works good in LAN & VPN but I can not access from PUBLIC
>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>> docker IP has to be in different Subnet?  I am also attaching you the NAT
>> table where OM, Docker & KMS is running.
>> [image: image.png]
>> netstat -ntp
>> [image: image.png]
>>
>>
>>
>>
>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Partha,
>>>
>>> this is something i don't understand :(
>>> I would expect KMS is accessible on the same IP
>>>
>>> Anyway you have to ensure correct KMS address is specified in OM config
>>> (and it is accessible to OM)
>>> and also accessible to TURN
>>>
>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hello Maxim,
>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>>>> have not assigned any IP address to it. Do I need to change it to same
>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>> Regards,
>>>> Partha
>>>>
>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Finally I get to this thread :)
>>>>>
>>>>> I would suggest to check which network interfaces do you have
>>>>> And ensure OM, KMS and coturn are available at external network
>>>>> interface
>>>>>
>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>
>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>> user@openmeetings.apache.org>
>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>> *Betreff: *Re: NAT Issue
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi Alvaro,
>>>>>>
>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>> works great when I get connected with VPN client
>>>>>>
>>>>>>
>>>>>>
>>>>>> FedoraServer (active)
>>>>>>   target: default
>>>>>>   icmp-block-inversion: no
>>>>>>   interfaces: enp5s10
>>>>>>   sources:
>>>>>>   services: ssh
>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>   protocols:
>>>>>>   masquerade: yes
>>>>>>   forward-ports:
>>>>>>   source-ports:
>>>>>>   icmp-blocks:
>>>>>>   rich rules:
>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>> FedoraServer (active)
>>>>>>   target: default
>>>>>>   icmp-block-inversion: no
>>>>>>   interfaces: enp5s10
>>>>>>   sources:
>>>>>>   services: ssh
>>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>   protocols:
>>>>>>   masquerade: yes
>>>>>>   forward-ports:
>>>>>>   source-ports:
>>>>>>   icmp-blocks:
>>>>>>   rich rules:
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>> to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld start
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>> --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld restart
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and to see they are open:
>>>>>>
>>>>>>
>>>>>>
>>>>>> # firewall-cmd --list-all
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>
>>>>>> the machine.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..................
>>>>>>
>>>>>>
>>>>>>
>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello Alvaro,
>>>>>>
>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>> port blocking.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>>>
>>>>>> the router (both).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Try without firewall to test (open ports in router).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Are you in Ubuntu or Centos?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..............
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Dear Alvaro,
>>>>>>
>>>>>>
>>>>>>
>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>> getting the error, stating failed to connect to media server.
>>>>>>
>>>>>> Does it need to do any other conficonfiguration.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> ...that is for Ubuntu 18.04.
>>>>>>
>>>>>>
>>>>>>
>>>>>> And this is for Centos 7-8:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>
>>>>>> ...take a look:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>> audio & video.
>>>>>>
>>>>>> I have Openmeeting server  behind a Linux firewall with NAT and
>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>> nor he can see me or hear.
>>>>>>
>>>>>> The setup test, I can see my own voice and video.
>>>>>>
>>>>>> Here is my nat table
>>>>>>
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> public
>>>>>>   target: default
>>>>>>   icmp-block-inversion: no
>>>>>>   interfaces:
>>>>>>   sources:
>>>>>>   services: mdns dhcpv6-client
>>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>   protocols:
>>>>>>   masquerade: no
>>>>>>   forward-ports:
>>>>>>   source-ports:
>>>>>>   icmp-blocks:
>>>>>>   rich rules:
>>>>>>
>>>>>>
>>>>>>
>>>>>> Could you please help me
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>


-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Maxim Solodovnik <so...@gmail.com>]

Please check `netstat -npl|grep 8888`
When you are starting dockerized KMS for ex. `docker run -v
/home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
-p 8888:8888 kurento/kurento-media-server`
You make it available at `localhost:8888` due to forwarding

to make everything workable behind NAT you need to ensure TURN is available
outside the NAT

On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:

> Hello Maxim,
> Sorry, if I am not able to explain you properly, so attaching you a
> network diagram of my setup. I have referred installation on  Fedora 30, it
> doesn't talk about TURN installation, however I am installing on Fedora 27,
> every thing works good in LAN & VPN but I can not access from PUBLIC
> network. Hope I am clear now. Moreover the docker IP is not static. Do the
> docker IP has to be in different Subnet?  I am also attaching you the NAT
> table where OM, Docker & KMS is running.
> [image: image.png]
> netstat -ntp
> [image: image.png]
>
>
>
>
> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Partha,
>>
>> this is something i don't understand :(
>> I would expect KMS is accessible on the same IP
>>
>> Anyway you have to ensure correct KMS address is specified in OM config
>> (and it is accessible to OM)
>> and also accessible to TURN
>>
>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hello Maxim,
>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>>> have not assigned any IP address to it. Do I need to change it to same
>>> subnet or bind with the same IP address? If so can you tell me how to do
>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>> Regards,
>>> Partha
>>>
>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Finally I get to this thread :)
>>>>
>>>> I would suggest to check which network interfaces do you have
>>>> And ensure OM, KMS and coturn are available at external network
>>>> interface
>>>>
>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>
>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>
>>>>>
>>>>>
>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>> user@openmeetings.apache.org>
>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>> *Betreff: *Re: NAT Issue
>>>>>
>>>>>
>>>>>
>>>>> Hi Alvaro,
>>>>>
>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>> works great when I get connected with VPN client
>>>>>
>>>>>
>>>>>
>>>>> FedoraServer (active)
>>>>>   target: default
>>>>>   icmp-block-inversion: no
>>>>>   interfaces: enp5s10
>>>>>   sources:
>>>>>   services: ssh
>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>   protocols:
>>>>>   masquerade: yes
>>>>>   forward-ports:
>>>>>   source-ports:
>>>>>   icmp-blocks:
>>>>>   rich rules:
>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>> FedoraServer (active)
>>>>>   target: default
>>>>>   icmp-block-inversion: no
>>>>>   interfaces: enp5s10
>>>>>   sources:
>>>>>   services: ssh
>>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>   protocols:
>>>>>   masquerade: yes
>>>>>   forward-ports:
>>>>>   source-ports:
>>>>>   icmp-blocks:
>>>>>   rich rules:
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>> to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> Partha
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>
>>>>>
>>>>>
>>>>> ...Partha, please open in firewalld the ports:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> # service firewalld start
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>> --permanent
>>>>>
>>>>>
>>>>>
>>>>> # service firewalld restart
>>>>>
>>>>>
>>>>>
>>>>> ...and to see they are open:
>>>>>
>>>>>
>>>>>
>>>>> # firewall-cmd --list-all
>>>>>
>>>>>
>>>>>
>>>>> ...and after this would be good stop the servers and reboot
>>>>>
>>>>> the machine.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ..................
>>>>>
>>>>>
>>>>>
>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>
>>>>> Hello Alvaro,
>>>>>
>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>> port blocking.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Partha
>>>>>
>>>>>
>>>>>
>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>
>>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>>
>>>>> the router (both).
>>>>>
>>>>>
>>>>>
>>>>> Try without firewall to test (open ports in router).
>>>>>
>>>>>
>>>>>
>>>>> Are you in Ubuntu or Centos?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ..............
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>
>>>>> Dear Alvaro,
>>>>>
>>>>>
>>>>>
>>>>> I have opened up all the port mentioned in the document but I keep
>>>>> getting the error, stating failed to connect to media server.
>>>>>
>>>>> Does it need to do any other conficonfiguration.
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> Partha
>>>>>
>>>>>
>>>>>
>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>
>>>>> ...that is for Ubuntu 18.04.
>>>>>
>>>>>
>>>>>
>>>>> And this is for Centos 7-8:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ...................
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>
>>>>> ...take a look:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ................
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>
>>>>> Hello,
>>>>>
>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>> audio & video.
>>>>>
>>>>> I have Openmeeting server  behind a Linux firewall with NAT and opened
>>>>> up 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>>>>> can see me or hear.
>>>>>
>>>>> The setup test, I can see my own voice and video.
>>>>>
>>>>> Here is my nat table
>>>>>
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>
>>>>>
>>>>>
>>>>> public
>>>>>   target: default
>>>>>   icmp-block-inversion: no
>>>>>   interfaces:
>>>>>   sources:
>>>>>   services: mdns dhcpv6-client
>>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>   protocols:
>>>>>   masquerade: no
>>>>>   forward-ports:
>>>>>   source-ports:
>>>>>   icmp-blocks:
>>>>>   rich rules:
>>>>>
>>>>>
>>>>>
>>>>> Could you please help me
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> --
>>>>>
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>


-- 
Best regards,
Maxim

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hello Maxim,
Sorry, if I am not able to explain you properly, so attaching you a network
diagram of my setup. I have referred installation on  Fedora 30, it doesn't
talk about TURN installation, however I am installing on Fedora 27, every
thing works good in LAN & VPN but I can not access from PUBLIC network.
Hope I am clear now. Moreover the docker IP is not static. Do the docker IP
has to be in different Subnet?  I am also attaching you the NAT table where
OM, Docker & KMS is running.
[image: image.png]
netstat -ntp
[image: image.png]




On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
wrote:

> Hello Partha,
>
> this is something i don't understand :(
> I would expect KMS is accessible on the same IP
>
> Anyway you have to ensure correct KMS address is specified in OM config
> (and it is accessible to OM)
> and also accessible to TURN
>
> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>> have not assigned any IP address to it. Do I need to change it to same
>> subnet or bind with the same IP address? If so can you tell me how to do
>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>> Regards,
>> Partha
>>
>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Finally I get to this thread :)
>>>
>>> I would suggest to check which network interfaces do you have
>>> And ensure OM, KMS and coturn are available at external network interface
>>>
>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>
>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>
>>>>
>>>>
>>>> *Von: *Partha Datta <da...@gmail.com>
>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>> user@openmeetings.apache.org>
>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>> *Betreff: *Re: NAT Issue
>>>>
>>>>
>>>>
>>>> Hi Alvaro,
>>>>
>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>> works great when I get connected with VPN client
>>>>
>>>>
>>>>
>>>> FedoraServer (active)
>>>>   target: default
>>>>   icmp-block-inversion: no
>>>>   interfaces: enp5s10
>>>>   sources:
>>>>   services: ssh
>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>   protocols:
>>>>   masquerade: yes
>>>>   forward-ports:
>>>>   source-ports:
>>>>   icmp-blocks:
>>>>   rich rules:
>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>> FedoraServer (active)
>>>>   target: default
>>>>   icmp-block-inversion: no
>>>>   interfaces: enp5s10
>>>>   sources:
>>>>   services: ssh
>>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>   protocols:
>>>>   masquerade: yes
>>>>   forward-ports:
>>>>   source-ports:
>>>>   icmp-blocks:
>>>>   rich rules:
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>> to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Partha
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>
>>>>
>>>>
>>>> ...Partha, please open in firewalld the ports:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> # service firewalld start
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>>>>
>>>>
>>>>
>>>> # service firewalld restart
>>>>
>>>>
>>>>
>>>> ...and to see they are open:
>>>>
>>>>
>>>>
>>>> # firewall-cmd --list-all
>>>>
>>>>
>>>>
>>>> ...and after this would be good stop the servers and reboot
>>>>
>>>> the machine.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ..................
>>>>
>>>>
>>>>
>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>
>>>> Hello Alvaro,
>>>>
>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>> server running openmeeting I cant access, even from the LAN, so I think  it
>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>> mentioned in the document you have sent on the local server . I shall do
>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>> port blocking.
>>>>
>>>> Regards,
>>>>
>>>> Partha
>>>>
>>>>
>>>>
>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>
>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>
>>>> the router (both).
>>>>
>>>>
>>>>
>>>> Try without firewall to test (open ports in router).
>>>>
>>>>
>>>>
>>>> Are you in Ubuntu or Centos?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ..............
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>
>>>> Dear Alvaro,
>>>>
>>>>
>>>>
>>>> I have opened up all the port mentioned in the document but I keep
>>>> getting the error, stating failed to connect to media server.
>>>>
>>>> Does it need to do any other conficonfiguration.
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Partha
>>>>
>>>>
>>>>
>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>
>>>> ...that is for Ubuntu 18.04.
>>>>
>>>>
>>>>
>>>> And this is for Centos 7-8:
>>>>
>>>>
>>>>
>>>>
>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ...................
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>
>>>> ...take a look:
>>>>
>>>>
>>>>
>>>>
>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ................
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>
>>>> Hello,
>>>>
>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio
>>>> & video.
>>>>
>>>> I have Openmeeting server  behind a Linux firewall with NAT and opened
>>>> up 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>>>> can see me or hear.
>>>>
>>>> The setup test, I can see my own voice and video.
>>>>
>>>> Here is my nat table
>>>>
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>
>>>>
>>>>
>>>> public
>>>>   target: default
>>>>   icmp-block-inversion: no
>>>>   interfaces:
>>>>   sources:
>>>>   services: mdns dhcpv6-client
>>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>   protocols:
>>>>   masquerade: no
>>>>   forward-ports:
>>>>   source-ports:
>>>>   icmp-blocks:
>>>>   rich rules:
>>>>
>>>>
>>>>
>>>> Could you please help me
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> --
>>>>
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>


-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Maxim Solodovnik <so...@gmail.com>]

Hello Partha,

this is something i don't understand :(
I would expect KMS is accessible on the same IP

Anyway you have to ensure correct KMS address is specified in OM config
(and it is accessible to OM)
and also accessible to TURN

On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:

> Hello Maxim,
> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
> have not assigned any IP address to it. Do I need to change it to same
> subnet or bind with the same IP address? If so can you tell me how to do
> that. I am using docker-ce-18.09.0-3.fc27.x86_64
> Regards,
> Partha
>
> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Finally I get to this thread :)
>>
>> I would suggest to check which network interfaces do you have
>> And ensure OM, KMS and coturn are available at external network interface
>>
>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>
>>> Same at my side. It works as long as I’am in the lan (VPN is also in the
>>> lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>
>>>
>>>
>>> *Von: *Partha Datta <da...@gmail.com>
>>> *Antworten an: *"user@openmeetings.apache.org" <
>>> user@openmeetings.apache.org>
>>> *Datum: *Montag, 27. April 2020 um 22:14
>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>> *Betreff: *Re: NAT Issue
>>>
>>>
>>>
>>> Hi Alvaro,
>>>
>>> No luck.. Here is my firewall configuration. But very strange.. it works
>>> great when I get connected with VPN client
>>>
>>>
>>>
>>> FedoraServer (active)
>>>   target: default
>>>   icmp-block-inversion: no
>>>   interfaces: enp5s10
>>>   sources:
>>>   services: ssh
>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>   protocols:
>>>   masquerade: yes
>>>   forward-ports:
>>>   source-ports:
>>>   icmp-blocks:
>>>   rich rules:
>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>> FedoraServer (active)
>>>   target: default
>>>   icmp-block-inversion: no
>>>   interfaces: enp5s10
>>>   sources:
>>>   services: ssh
>>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>   protocols:
>>>   masquerade: yes
>>>   forward-ports:
>>>   source-ports:
>>>   icmp-blocks:
>>>   rich rules:
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>> to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>
>>>
>>>
>>> Regards,
>>>
>>> Partha
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>
>>>
>>>
>>> ...Partha, please open in firewalld the ports:
>>>
>>>
>>>
>>>
>>>
>>> # service firewalld start
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>>>
>>>
>>>
>>> # service firewalld restart
>>>
>>>
>>>
>>> ...and to see they are open:
>>>
>>>
>>>
>>> # firewall-cmd --list-all
>>>
>>>
>>>
>>> ...and after this would be good stop the servers and reboot
>>>
>>> the machine.
>>>
>>>
>>>
>>>
>>>
>>> ..................
>>>
>>>
>>>
>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>
>>> Hello Alvaro,
>>>
>>> I am running in Fedora 27. When I enable Firewalld service in the server
>>> running openmeeting I cant access, even from the LAN, so I think  it is
>>> some thing to do with fire wall, I have not checked opening up the ports
>>> mentioned in the document you have sent on the local server . I shall do
>>> that today, and update you, to confirm if that is the issue with NAT or
>>> port blocking.
>>>
>>> Regards,
>>>
>>> Partha
>>>
>>>
>>>
>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>
>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>
>>> the router (both).
>>>
>>>
>>>
>>> Try without firewall to test (open ports in router).
>>>
>>>
>>>
>>> Are you in Ubuntu or Centos?
>>>
>>>
>>>
>>>
>>>
>>> ..............
>>>
>>>
>>>
>>>
>>>
>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>
>>> Dear Alvaro,
>>>
>>>
>>>
>>> I have opened up all the port mentioned in the document but I keep
>>> getting the error, stating failed to connect to media server.
>>>
>>> Does it need to do any other conficonfiguration.
>>>
>>>
>>>
>>> Regards,
>>>
>>> Partha
>>>
>>>
>>>
>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>
>>> ...that is for Ubuntu 18.04.
>>>
>>>
>>>
>>> And this is for Centos 7-8:
>>>
>>>
>>>
>>>
>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ...................
>>>
>>>
>>>
>>>
>>>
>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>
>>> ...take a look:
>>>
>>>
>>>
>>>
>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>
>>>
>>>
>>>
>>>
>>> ................
>>>
>>>
>>>
>>>
>>>
>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>
>>> Hello,
>>>
>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio
>>> & video.
>>>
>>> I have Openmeeting server  behind a Linux firewall with NAT and opened
>>> up 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>>> can see me or hear.
>>>
>>> The setup test, I can see my own voice and video.
>>>
>>> Here is my nat table
>>>
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>
>>>
>>>
>>> public
>>>   target: default
>>>   icmp-block-inversion: no
>>>   interfaces:
>>>   sources:
>>>   services: mdns dhcpv6-client
>>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>   protocols:
>>>   masquerade: no
>>>   forward-ports:
>>>   source-ports:
>>>   icmp-blocks:
>>>   rich rules:
>>>
>>>
>>>
>>> Could you please help me
>>>
>>>
>>>
>>> Regards,
>>>
>>> --
>>>
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>>
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>


-- 
Best regards,
Maxim

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hello Maxim,
My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
have not assigned any IP address to it. Do I need to change it to same
subnet or bind with the same IP address? If so can you tell me how to do
that. I am using docker-ce-18.09.0-3.fc27.x86_64
Regards,
Partha

On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
wrote:

> Finally I get to this thread :)
>
> I would suggest to check which network interfaces do you have
> And ensure OM, KMS and coturn are available at external network interface
>
> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>
>> Same at my side. It works as long as I’am in the lan (VPN is also in the
>> lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>
>>
>>
>> *Von: *Partha Datta <da...@gmail.com>
>> *Antworten an: *"user@openmeetings.apache.org" <
>> user@openmeetings.apache.org>
>> *Datum: *Montag, 27. April 2020 um 22:14
>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>> *Betreff: *Re: NAT Issue
>>
>>
>>
>> Hi Alvaro,
>>
>> No luck.. Here is my firewall configuration. But very strange.. it works
>> great when I get connected with VPN client
>>
>>
>>
>> FedoraServer (active)
>>   target: default
>>   icmp-block-inversion: no
>>   interfaces: enp5s10
>>   sources:
>>   services: ssh
>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>   protocols:
>>   masquerade: yes
>>   forward-ports:
>>   source-ports:
>>   icmp-blocks:
>>   rich rules:
>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>> FedoraServer (active)
>>   target: default
>>   icmp-block-inversion: no
>>   interfaces: enp5s10
>>   sources:
>>   services: ssh
>>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>   protocols:
>>   masquerade: yes
>>   forward-ports:
>>   source-ports:
>>   icmp-blocks:
>>   rich rules:
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="49152-65535" protocol="udp" to-port="49152-65535"
>> to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>
>>
>>
>> Regards,
>>
>> Partha
>>
>>
>>
>>
>>
>>
>>
>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>
>>
>>
>> ...Partha, please open in firewalld the ports:
>>
>>
>>
>>
>>
>> # service firewalld start
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>>
>>
>>
>> # service firewalld restart
>>
>>
>>
>> ...and to see they are open:
>>
>>
>>
>> # firewall-cmd --list-all
>>
>>
>>
>> ...and after this would be good stop the servers and reboot
>>
>> the machine.
>>
>>
>>
>>
>>
>> ..................
>>
>>
>>
>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>
>> Hello Alvaro,
>>
>> I am running in Fedora 27. When I enable Firewalld service in the server
>> running openmeeting I cant access, even from the LAN, so I think  it is
>> some thing to do with fire wall, I have not checked opening up the ports
>> mentioned in the document you have sent on the local server . I shall do
>> that today, and update you, to confirm if that is the issue with NAT or
>> port blocking.
>>
>> Regards,
>>
>> Partha
>>
>>
>>
>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>
>> Partha and Julian, is neccesary to open that ports in the firewall and
>>
>> the router (both).
>>
>>
>>
>> Try without firewall to test (open ports in router).
>>
>>
>>
>> Are you in Ubuntu or Centos?
>>
>>
>>
>>
>>
>> ..............
>>
>>
>>
>>
>>
>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>
>> Dear Alvaro,
>>
>>
>>
>> I have opened up all the port mentioned in the document but I keep
>> getting the error, stating failed to connect to media server.
>>
>> Does it need to do any other conficonfiguration.
>>
>>
>>
>> Regards,
>>
>> Partha
>>
>>
>>
>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>
>> ...that is for Ubuntu 18.04.
>>
>>
>>
>> And this is for Centos 7-8:
>>
>>
>>
>>
>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>
>>
>>
>>
>>
>>
>>
>> ...................
>>
>>
>>
>>
>>
>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>
>> ...take a look:
>>
>>
>>
>>
>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>
>>
>>
>>
>>
>> ................
>>
>>
>>
>>
>>
>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>
>> Hello,
>>
>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
>> video.
>>
>> I have Openmeeting server  behind a Linux firewall with NAT and opened up
>> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>> can see me or hear.
>>
>> The setup test, I can see my own voice and video.
>>
>> Here is my nat table
>>
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>
>>
>>
>> public
>>   target: default
>>   icmp-block-inversion: no
>>   interfaces:
>>   sources:
>>   services: mdns dhcpv6-client
>>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>   protocols:
>>   masquerade: no
>>   forward-ports:
>>   source-ports:
>>   icmp-blocks:
>>   rich rules:
>>
>>
>>
>> Could you please help me
>>
>>
>>
>> Regards,
>>
>> --
>>
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>>
>>
>>
>>
>>
>>
>> --
>>
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>

-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Maxim Solodovnik <so...@gmail.com>]

Finally I get to this thread :)

I would suggest to check which network interfaces do you have
And ensure OM, KMS and coturn are available at external network interface

On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:

> Same at my side. It works as long as I’am in the lan (VPN is also in the
> lan) it works. Whe it comes to use the coturn server it doesn’t work.
>
>
>
> *Von: *Partha Datta <da...@gmail.com>
> *Antworten an: *"user@openmeetings.apache.org" <
> user@openmeetings.apache.org>
> *Datum: *Montag, 27. April 2020 um 22:14
> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
> *Betreff: *Re: NAT Issue
>
>
>
> Hi Alvaro,
>
> No luck.. Here is my firewall configuration. But very strange.. it works
> great when I get connected with VPN client
>
>
>
> FedoraServer (active)
>   target: default
>   icmp-block-inversion: no
>   interfaces: enp5s10
>   sources:
>   services: ssh
>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>   protocols:
>   masquerade: yes
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
> [root@hepi3 ~]# firewall-cmd --list-all-zones
> FedoraServer (active)
>   target: default
>   icmp-block-inversion: no
>   interfaces: enp5s10
>   sources:
>   services: ssh
>   ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>   protocols:
>   masquerade: yes
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="49152-65535" protocol="udp" to-port="49152-65535"
> to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>
>
>
> Regards,
>
> Partha
>
>
>
>
>
>
>
> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>
>
>
> ...Partha, please open in firewalld the ports:
>
>
>
>
>
> # service firewalld start
>
>
>
> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>
>
>
> # service firewalld restart
>
>
>
> ...and to see they are open:
>
>
>
> # firewall-cmd --list-all
>
>
>
> ...and after this would be good stop the servers and reboot
>
> the machine.
>
>
>
>
>
> ..................
>
>
>
> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>
> Hello Alvaro,
>
> I am running in Fedora 27. When I enable Firewalld service in the server
> running openmeeting I cant access, even from the LAN, so I think  it is
> some thing to do with fire wall, I have not checked opening up the ports
> mentioned in the document you have sent on the local server . I shall do
> that today, and update you, to confirm if that is the issue with NAT or
> port blocking.
>
> Regards,
>
> Partha
>
>
>
> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>
> Partha and Julian, is neccesary to open that ports in the firewall and
>
> the router (both).
>
>
>
> Try without firewall to test (open ports in router).
>
>
>
> Are you in Ubuntu or Centos?
>
>
>
>
>
> ..............
>
>
>
>
>
> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>
> Dear Alvaro,
>
>
>
> I have opened up all the port mentioned in the document but I keep getting
> the error, stating failed to connect to media server.
>
> Does it need to do any other conficonfiguration.
>
>
>
> Regards,
>
> Partha
>
>
>
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>
> ...that is for Ubuntu 18.04.
>
>
>
> And this is for Centos 7-8:
>
>
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
>
>
>
>
> ...................
>
>
>
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
>
>
> ................
>
>
>
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
>
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
>
> I have Openmeeting server  behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
>
> The setup test, I can see my own voice and video.
>
> Here is my nat table
>
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
>
>
> public
>   target: default
>   icmp-block-inversion: no
>   interfaces:
>   sources:
>   services: mdns dhcpv6-client
>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>   protocols:
>   masquerade: no
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
>
>
>
> Could you please help me
>
>
>
> Regards,
>
> --
>
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
>
>
>
>
>
> --
>
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>

Re: NAT Issue

[Julian Weiß <ju...@ch-weiss.de>]

Same at my side. It works as long as I’am in the lan (VPN is also in the lan) it works. Whe it comes to use the coturn server it doesn’t work.

 

Von: Partha Datta <da...@gmail.com>
Antworten an: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Datum: Montag, 27. April 2020 um 22:14
An: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Betreff: Re: NAT Issue

 

Hi Alvaro,

No luck.. Here is my firewall configuration. But very strange.. it works great when I get connected with VPN client

 

FedoraServer (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp5s10
  sources: 
  services: ssh 
  ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
  protocols: 
  masquerade: yes
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
[root@hepi3 ~]# firewall-cmd --list-all-zones 
FedoraServer (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp5s10
  sources: 
  services: ssh 
  ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
  protocols: 
  masquerade: yes
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 
rule family="ipv4" destination address="112.73.210.134" forward-port port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="49152-65535" protocol="udp" to-port="49152-65535" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"

 

Regards,

Partha

 

 

 

On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:

 

...Partha, please open in firewalld the ports:

 

 

# service firewalld start

 

# sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent

 

# sudo firewall-cmd --zone=public --add-port=3478/udp --permanent

 

# sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent

 

# sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent

 

# sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent

 

# service firewalld restart

 

...and to see they are open:

 

# firewall-cmd --list-all

 

...and after this would be good stop the servers and reboot

the machine.

 

 

..................

 

El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:

Hello Alvaro, 

I am running in Fedora 27. When I enable Firewalld service in the server running openmeeting I cant access, even from the LAN, so I think  it is some thing to do with fire wall, I have not checked opening up the ports mentioned in the document you have sent on the local server . I shall do that today, and update you, to confirm if that is the issue with NAT or port blocking. 

Regards,

Partha

 

On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:

Partha and Julian, is neccesary to open that ports in the firewall and

the router (both).

 

Try without firewall to test (open ports in router).

 

Are you in Ubuntu or Centos?

 

 

..............

 

 

El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:

Dear Alvaro, 

 

I have opened up all the port mentioned in the document but I keep getting the error, stating failed to connect to media server. 

Does it need to do any other conficonfiguration. 

 

Regards,

Partha

 

On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:

...that is for Ubuntu 18.04.

 

And this is for Centos 7-8:

 

https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf

 

 

 

...................

 

 

El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:

...take a look:

 

https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf

 

 

................

 

 

El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:

Hello,

I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio & video.

I have Openmeeting server  behind a Linux firewall with NAT and opened up 5443 & 8888 ports. I can not see or hear the meeting participants nor he can see me or hear.

The setup test, I can see my own voice and video.

Here is my nat table 

rule family="ipv4" destination address="112.73.210.134" forward-port port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"

 

public
  target: default
  icmp-block-inversion: no
  interfaces: 
  sources: 
  services: mdns dhcpv6-client
  ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
  protocols: 
  masquerade: no
  forward-ports: 
  source-ports: 
  icmp-blocks: 
  rich rules: 

 

Could you please help me

 

Regards,

-- 

Partha 
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

 

 



-- 

Partha 
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hi Alvaro,
No luck.. Here is my firewall configuration. But very strange.. it works
great when I get connected with VPN client

FedoraServer (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp5s10
  sources:
  services: ssh
  ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
  protocols:
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
[root@hepi3 ~]# firewall-cmd --list-all-zones
FedoraServer (active)
  target: default
  icmp-block-inversion: no
  interfaces: enp5s10
  sources:
  services: ssh
  ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
  protocols:
  masquerade: yes
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:
rule family="ipv4" destination address="112.73.210.134" forward-port
port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="49152-65535" protocol="udp" to-port="49152-65535"
to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"

Regards,
Partha



On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:

>
> ...Partha, please open in firewalld the ports:
>
>
> # service firewalld start
>
> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>
> # service firewalld restart
>
> ...and to see they are open:
>
> # firewall-cmd --list-all
>
> ...and after this would be good stop the servers and reboot
> the machine.
>
>
> ..................
>
> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>
> Hello Alvaro,
> I am running in Fedora 27. When I enable Firewalld service in the server
> running openmeeting I cant access, even from the LAN, so I think  it is
> some thing to do with fire wall, I have not checked opening up the ports
> mentioned in the document you have sent on the local server . I shall do
> that today, and update you, to confirm if that is the issue with NAT or
> port blocking.
> Regards,
> Partha
>
> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>
> Partha and Julian, is neccesary to open that ports in the firewall and
> the router (both).
>
> Try without firewall to test (open ports in router).
>
> Are you in Ubuntu or Centos?
>
>
> ..............
>
>
> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>
> Dear Alvaro,
>
> I have opened up all the port mentioned in the document but I keep getting
> the error, stating failed to connect to media server.
> Does it need to do any other conficonfiguration.
>
> Regards,
> Partha
>
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>
> ...that is for Ubuntu 18.04.
>
> And this is for Centos 7-8:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
> ...................
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
> ................
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server  behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
>   target: default
>   icmp-block-inversion: no
>   interfaces:
>   sources:
>   services: mdns dhcpv6-client
>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>   protocols:
>   masquerade: no
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
>
> Could you please help me
>
> Regards,
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
>
>

-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Alvaro <zu...@gmail.com>]

...Partha, please open in firewalld the ports:

# service firewalld start
# sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
# sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=49152-65535/udp --
permanent
# service firewalld restart
...and to see they are open:
# firewall-cmd --list-all
...and after this would be good stop the servers and rebootthe machine.

..................
El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
> Hello Alvaro,I am running in Fedora 27. When I enable Firewalld
> service in the server running openmeeting I cant access, even from
> the LAN, so I think  it is some thing to do with fire wall, I have
> not checked opening up the ports mentioned in the document you have
> sent on the local server . I shall do that today, and update you, to
> confirm if that is the issue with NAT or port blocking. 
> Regards,
> Partha
> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
> > Partha and Julian, is neccesary to open that ports in the firewall
> > andthe router (both).
> > Try without firewall to test (open ports in router).
> > Are you in Ubuntu or Centos?
> > 
> > ..............
> > 
> > El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
> > > Dear Alvaro,
> > > I have opened up all the port mentioned in the document but I
> > > keep getting the error, stating failed to connect to media
> > > server. 
> > > Does it need to do any other conficonfiguration. 
> > > 
> > > Regards,
> > > Partha
> > > On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
> > > > ...that is for Ubuntu 18.04.
> > > > And this is for Centos 7-8:
> > > > https://cwiki.apache.org/confluence/download/attachments/278382
> > > > 16/Centos%207-
> > > > 8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20Op
> > > > enMeetings%205.0.0-M3.pdf
> > > > 
> > > > 
> > > > ...................
> > > > 
> > > > El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
> > > > > ...take a look:
> > > > > https://cwiki.apache.org/confluence/download/attachments/2783
> > > > > 8216/Installation%20SSL%20certificates%20and%20Coturn%20for%2
> > > > > 0OpenMeetings%205.0.0-M3.pdf
> > > > > 
> > > > > ................
> > > > > 
> > > > > El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> > > > > > Hello,
> > > > > > I have installed OpenMeetings 5.0.0-M3. It is working in
> > > > > > LAN both audio & video.
> > > > > > I have Openmeeting server   behind a Linux firewall with
> > > > > > NAT and opened up 5443 & 8888 ports. I can not see or hear
> > > > > > the meeting participants nor he can see me or hear.
> > > > > > The setup test, I can see my own voice and video.
> > > > > > Here is my nat table 
> > > > > > rule family="ipv4" destination address="112.73.210.134"
> > > > > > forward-port port="5443" protocol="tcp" to-port="5443" to-
> > > > > > addr="192.168.110.16"
> > > > > > 	rule family="ipv4" destination address="112.73.210.134"
> > > > > > forward-port port="8888" protocol="tcp" to-port="8888" to-
> > > > > > addr="192.168.110.16"
> > > > > > 
> > > > > > public
> > > > > >   target: default
> > > > > >   icmp-block-inversion: no
> > > > > >   interfaces: 
> > > > > >   sources: 
> > > > > >   services: mdns dhcpv6-client
> > > > > >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > > > > >   protocols: 
> > > > > >   masquerade: no
> > > > > >   forward-ports: 
> > > > > >   source-ports: 
> > > > > >   icmp-blocks: 
> > > > > >   rich rules: 
> > > > > > 
> > > > > > Could you please help me
> > > > > > 
> > > > > > Regards,
> > > > > > -- 
> > > > > > 
> > > > > > Partha 
> > > > > > M +91-8825608651
> > > > > > Sent from mobile device
> > > > > > "If you worried about falling off the bike, you’d never..."
> > > > > > 

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hello Alvaro,
I am running in Fedora 27. When I enable Firewalld service in the server
running openmeeting I cant access, even from the LAN, so I think  it is
some thing to do with fire wall, I have not checked opening up the ports
mentioned in the document you have sent on the local server . I shall do
that today, and update you, to confirm if that is the issue with NAT or
port blocking.
Regards,
Partha

On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:

> Partha and Julian, is neccesary to open that ports in the firewall and
> the router (both).
>
> Try without firewall to test (open ports in router).
>
> Are you in Ubuntu or Centos?
>
>
> ..............
>
>
> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>
> Dear Alvaro,
>
> I have opened up all the port mentioned in the document but I keep getting
> the error, stating failed to connect to media server.
> Does it need to do any other conficonfiguration.
>
> Regards,
> Partha
>
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>
> ...that is for Ubuntu 18.04.
>
> And this is for Centos 7-8:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
> ...................
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
> ................
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server  behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
>   target: default
>   icmp-block-inversion: no
>   interfaces:
>   sources:
>   services: mdns dhcpv6-client
>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>   protocols:
>   masquerade: no
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
>
> Could you please help me
>
> Regards,
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
>

Re: NAT Issue

[Alvaro <zu...@gmail.com>]

Partha and Julian, is neccesary to open that ports in the firewall
andthe router (both).
Try without firewall to test (open ports in router).
Are you in Ubuntu or Centos?

..............

El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
> Dear Alvaro,
> I have opened up all the port mentioned in the document but I keep
> getting the error, stating failed to connect to media server. 
> Does it need to do any other conficonfiguration. 
> 
> Regards,
> Partha
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
> > ...that is for Ubuntu 18.04.
> > And this is for Centos 7-8:
> > https://cwiki.apache.org/confluence/download/attachments/27838216/C
> > entos%207-
> > 8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMe
> > etings%205.0.0-M3.pdf
> > 
> > 
> > ...................
> > 
> > El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
> > > ...take a look:
> > > https://cwiki.apache.org/confluence/download/attachments/27838216
> > > /Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMee
> > > tings%205.0.0-M3.pdf
> > > 
> > > ................
> > > 
> > > El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> > > > Hello,
> > > > I have installed OpenMeetings 5.0.0-M3. It is working in LAN
> > > > both audio & video.
> > > > I have Openmeeting server   behind a Linux firewall with NAT
> > > > and opened up 5443 & 8888 ports. I can not see or hear the
> > > > meeting participants nor he can see me or hear.
> > > > The setup test, I can see my own voice and video.
> > > > Here is my nat table 
> > > > rule family="ipv4" destination address="112.73.210.134"
> > > > forward-port port="5443" protocol="tcp" to-port="5443" to-
> > > > addr="192.168.110.16"
> > > > 	rule family="ipv4" destination address="112.73.210.134"
> > > > forward-port port="8888" protocol="tcp" to-port="8888" to-
> > > > addr="192.168.110.16"
> > > > 
> > > > public
> > > >   target: default
> > > >   icmp-block-inversion: no
> > > >   interfaces: 
> > > >   sources: 
> > > >   services: mdns dhcpv6-client
> > > >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > > >   protocols: 
> > > >   masquerade: no
> > > >   forward-ports: 
> > > >   source-ports: 
> > > >   icmp-blocks: 
> > > >   rich rules: 
> > > > 
> > > > Could you please help me
> > > > 
> > > > Regards,
> > > > -- 
> > > > 
> > > > Partha 
> > > > M +91-8825608651
> > > > Sent from mobile device
> > > > "If you worried about falling off the bike, you’d never..."
> > > > 

Re: NAT Issue

[Julian Weiß <ju...@ch-weiss.de>]

So am i. I can report the same Problem. Andy Ideas. Hey Partha do you have any Errorlogs from coturn.

... von unterwegs gesendet... daher etwas kurz in der Formulierung!...
________________________________
Von: Partha Datta <da...@gmail.com>
Gesendet: Sunday, April 26, 2020 8:22:14 PM
An: user@openmeetings.apache.org <us...@openmeetings.apache.org>
Betreff: Re: NAT Issue

Dear Alvaro,

I have opened up all the port mentioned in the document but I keep getting the error, stating failed to connect to media server.
Does it need to do any other conficonfiguration.

Regards,
Partha

On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com>> wrote:
...that is for Ubuntu 18.04.

And this is for Centos 7-8:

https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf<https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>



...................


El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
...take a look:

https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf<https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>


................


El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
Hello,
I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio & video.
I have Openmeeting server  behind a Linux firewall with NAT and opened up 5443 & 8888 ports. I can not see or hear the meeting participants nor he can see me or hear.
The setup test, I can see my own voice and video.
Here is my nat table
rule family="ipv4" destination address="112.73.210.134" forward-port port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"

public
  target: default
  icmp-block-inversion: no
  interfaces:
  sources:
  services: mdns dhcpv6-client
  ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
  protocols:
  masquerade: no
  forward-ports:
  source-ports:
  icmp-blocks:
  rich rules:

Could you please help me

Regards,
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Dear Alvaro,

I have opened up all the port mentioned in the document but I keep getting
the error, stating failed to connect to media server.
Does it need to do any other conficonfiguration.

Regards,
Partha

On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:

> ...that is for Ubuntu 18.04.
>
> And this is for Centos 7-8:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
> ...................
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
> ................
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server  behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
>   target: default
>   icmp-block-inversion: no
>   interfaces:
>   sources:
>   services: mdns dhcpv6-client
>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>   protocols:
>   masquerade: no
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:
>
> Could you please help me
>
> Regards,
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>

Re: NAT Issue

[Alvaro <zu...@gmail.com>]

...that is for Ubuntu 18.04.
And this is for Centos 7-8:
https://cwiki.apache.org/confluence/download/attachments/27838216/Cento
s%207-
8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetin
gs%205.0.0-M3.pdf


...................

El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
> ...take a look:
> https://cwiki.apache.org/confluence/download/attachments/27838216/Ins
> tallation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%20
> 5.0.0-M3.pdf
> 
> ................
> 
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> > Hello,
> > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
> > audio & video.
> > I have Openmeeting server   behind a Linux firewall with NAT and
> > opened up 5443 & 8888 ports. I can not see or hear the meeting
> > participants nor he can see me or hear.
> > The setup test, I can see my own voice and video.
> > Here is my nat table 
> > rule family="ipv4" destination address="112.73.210.134" forward-
> > port port="5443" protocol="tcp" to-port="5443" to-
> > addr="192.168.110.16"
> > 	rule family="ipv4" destination address="112.73.210.134"
> > forward-port port="8888" protocol="tcp" to-port="8888" to-
> > addr="192.168.110.16"
> > 
> > public
> >   target: default
> >   icmp-block-inversion: no
> >   interfaces: 
> >   sources: 
> >   services: mdns dhcpv6-client
> >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> >   protocols: 
> >   masquerade: no
> >   forward-ports: 
> >   source-ports: 
> >   icmp-blocks: 
> >   rich rules: 
> > 
> > Could you please help me
> > 
> > Regards,
> > -- 
> > 
> > Partha 
> > M +91-8825608651
> > Sent from mobile device
> > "If you worried about falling off the bike, you’d never..."
> > 

Re: NAT Issue

[Alvaro <zu...@gmail.com>]

...take a look:
https://cwiki.apache.org/confluence/download/attachments/27838216/Insta
llation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.
0-M3.pdf

................

El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
> audio & video.
> I have Openmeeting server   behind a Linux firewall with NAT and
> opened up 5443 & 8888 ports. I can not see or hear the meeting
> participants nor he can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table 
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> 	rule family="ipv4" destination address="112.73.210.134"
> forward-port port="8888" protocol="tcp" to-port="8888" to-
> addr="192.168.110.16"
> 
> public
>   target: default
>   icmp-block-inversion: no
>   interfaces: 
>   sources: 
>   services: mdns dhcpv6-client
>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>   protocols: 
>   masquerade: no
>   forward-ports: 
>   source-ports: 
>   icmp-blocks: 
>   rich rules: 
> 
> Could you please help me
> 
> Regards,
> -- 
> 
> Partha 
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
> 

Re: NAT Issue

[ratatouille <ra...@bitclusive.de>]

Julian Weiß <ju...@ch-weiss.de> schrieb am 27.04.20 um 11:29:23 Uhr:

> I’m using UBUNTU 18LTS

You are not very familiar with Linuxsystems, are you?

> Yes I edited the application Context xml file
> 
> Any Ideas how to get the turnserver running is it a problem that only sudo can see that it is working. As long as I type in turnserver I just get the information of a binding problem.
> 
> Any Ideas might it be a right conflicti

This is because there is an instance of the turnserver already running.
Why don't you execute a netstat -pantu |grep turn in a terminal to
see if it is running?

Where is the problem to start the turnserver via systemctl start turnserver
or what ever turnserver you are running?

If you don't provide details of what you are doing nobody can help you.

  Andreas

Re: NAT Issue

[Julian Weiß <ju...@ch-weiss.de>]

Hey Partha,

I’m using UBUNTU 18LTS

Yes I edited the application Context xml file

Any Ideas how to get the turnserver running is it a problem that only sudo can see that it is working. As long as I type in turnserver I just get the information of a binding problem.

Any Ideas might it be a right conflicti

 

Von: Partha Datta <da...@gmail.com>
Antworten an: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Datum: Montag, 27. April 2020 um 07:05
An: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Betreff: Re: NAT Issue

 

Hello Julian,

Which OS are you  running? Have you edited .../WEB-INF/classes/applicationContext.xml file?

Regards,

Partha

 

On Mon, Apr 27, 2020 at 2:08 AM Julian Weiß <ju...@ch-weiss.de> wrote:

Hello,
I'M using a NAT-Router but all ports are open. Openmeetings is already reachable with https.

Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:

    Hello!

    Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:

    > Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
    > The turnserver is working but only under sudo rights --- is that OK?

    netstat -pantu |grep turn

    What kind of firewall are you using and how does your network-structure look like?

    > And I found the log..
    > WARNING: cannot find certificate file: turn_server_cert.pem (1)
    > 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
    > 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
    > 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
    > Might it be possible, that this is the reason I can't get any audio or video.

    No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
    it to use yours. Is openmeetings reachable with https?

    > I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate  any other ideas how to create certs?
    > Thanks a lot for all your great help you all doing such a great job
    > 
    > Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
    > 
    >     Hello!
    > 
    >     Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
    > 
    >     > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
    >     > video.
    >     > I have Openmeeting server  behind a Linux firewall with NAT and opened up
    >     > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
    >     > can see me or hear.  
    > 
    >     Is this firewall running on the same host like openmeetings? Is this firewalld?
    >     What does iptables -nL say on the firewall host?
    > 
    >     > The setup test, I can see my own voice and video.
    >     > Here is my nat table
    >     > rule family="ipv4" destination address="112.73.210.134" forward-port
    >     > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
    >     > rule family="ipv4" destination address="112.73.210.134" forward-port
    >     > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
    >     > 
    >     > public
    >     >   target: default
    >     >   icmp-block-inversion: no
    >     >   interfaces:
    >     >   sources:
    >     >   services: mdns dhcpv6-client
    >     >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
    >     >   protocols:
    >     >   masquerade: no
    >     >   forward-ports:
    >     >   source-ports:
    >     >   icmp-blocks:
    >     >   rich rules:  
    > 
    >       Andreas



-- 

Partha 
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[Partha Datta <da...@gmail.com>]

Hello Julian,
Which OS are you  running? Have you edited
.../WEB-INF/classes/applicationContext.xml file?
Regards,
Partha

On Mon, Apr 27, 2020 at 2:08 AM Julian Weiß <ju...@ch-weiss.de> wrote:

> Hello,
> I'M using a NAT-Router but all ports are open. Openmeetings is already
> reachable with https.
>
> Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:
>
>     Hello!
>
>     Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
>
>     > Hey there thanks for your reply. Tried it but no results Audio and
> video is still missing.
>     > The turnserver is working but only under sudo rights --- is that OK?
>
>     netstat -pantu |grep turn
>
>     What kind of firewall are you using and how does your
> network-structure look like?
>
>     > And I found the log..
>     > WARNING: cannot find certificate file: turn_server_cert.pem (1)
>     > 0: WARNING: cannot start TLS and DTLS listeners because certificate
> file is not set properly
>     > 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
>     > 0: WARNING: cannot start TLS and DTLS listeners because private key
> file is not set properly
>     > Might it be possible, that this is the reason I can't get any audio
> or video.
>
>     No, as far as I understand openmeetings uses a selfsigned certificate
> if you didn't configure
>     it to use yours. Is openmeetings reachable with https?
>
>     > I've tried letsencrypt but there themes to be a broken package so
> that I can't create a ssl certificate  any other ideas how to create certs?
>     > Thanks a lot for all your great help you all doing such a great job
>     >
>     > Am 26.04.20, 21:25 schrieb "ratatouille" <ratatouille@bitclusive.de
> >:
>     >
>     >     Hello!
>     >
>     >     Partha Datta <da...@gmail.com> schrieb am 24.04.20 um
> 00:34:14 Uhr:
>     >
>     >     > I have installed OpenMeetings 5.0.0-M3. It is working in LAN
> both audio &
>     >     > video.
>     >     > I have Openmeeting server  behind a Linux firewall with NAT
> and opened up
>     >     > 5443 & 8888 ports. I can not see or hear the meeting
> participants nor he
>     >     > can see me or hear.
>     >
>     >     Is this firewall running on the same host like openmeetings? Is
> this firewalld?
>     >     What does iptables -nL say on the firewall host?
>     >
>     >     > The setup test, I can see my own voice and video.
>     >     > Here is my nat table
>     >     > rule family="ipv4" destination address="112.73.210.134"
> forward-port
>     >     > port="5443" protocol="tcp" to-port="5443"
> to-addr="192.168.110.16"
>     >     > rule family="ipv4" destination address="112.73.210.134"
> forward-port
>     >     > port="8888" protocol="tcp" to-port="8888"
> to-addr="192.168.110.16"
>     >     >
>     >     > public
>     >     >   target: default
>     >     >   icmp-block-inversion: no
>     >     >   interfaces:
>     >     >   sources:
>     >     >   services: mdns dhcpv6-client
>     >     >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>     >     >   protocols:
>     >     >   masquerade: no
>     >     >   forward-ports:
>     >     >   source-ports:
>     >     >   icmp-blocks:
>     >     >   rich rules:
>     >
>     >       Andreas
>
>

-- 
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."

Re: NAT Issue

[ratatouille <ra...@bitclusive.de>]

Now what does this commands say?

netstat -pantu |grep turn
netstat -pantu |grep 8888

  Andreas

Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:38:25 Uhr:

> Hello,
> I'M using a NAT-Router but all ports are open. Openmeetings is already reachable with https.
> 
> Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:
> 
>     Hello!
> 
>     Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
> 
>     > Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
>     > The turnserver is working but only under sudo rights --- is that OK?  
> 
>     netstat -pantu |grep turn
> 
>     What kind of firewall are you using and how does your network-structure look like?
> 
>     > And I found the log..
>     > WARNING: cannot find certificate file: turn_server_cert.pem (1)
>     > 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
>     > 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
>     > 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
>     > Might it be possible, that this is the reason I can't get any audio or video.  
> 
>     No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
>     it to use yours. Is openmeetings reachable with https?
> 
>     > I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate  any other ideas how to create certs?
>     > Thanks a lot for all your great help you all doing such a great job
>     > 
>     > Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
>     > 
>     >     Hello!
>     > 
>     >     Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
>     >   
>     >     > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
>     >     > video.
>     >     > I have Openmeeting server  behind a Linux firewall with NAT and opened up
>     >     > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>     >     > can see me or hear.    
>     > 
>     >     Is this firewall running on the same host like openmeetings? Is this firewalld?
>     >     What does iptables -nL say on the firewall host?
>     >   
>     >     > The setup test, I can see my own voice and video.
>     >     > Here is my nat table
>     >     > rule family="ipv4" destination address="112.73.210.134" forward-port
>     >     > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>     >     > rule family="ipv4" destination address="112.73.210.134" forward-port
>     >     > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>     >     > 
>     >     > public
>     >     >   target: default
>     >     >   icmp-block-inversion: no
>     >     >   interfaces:
>     >     >   sources:
>     >     >   services: mdns dhcpv6-client
>     >     >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>     >     >   protocols:
>     >     >   masquerade: no
>     >     >   forward-ports:
>     >     >   source-ports:
>     >     >   icmp-blocks:
>     >     >   rich rules:    
>     > 
>     >       Andreas  
> 

Re: NAT Issue

[Julian Weiß <ju...@ch-weiss.de>]

Hello,
I'M using a NAT-Router but all ports are open. Openmeetings is already reachable with https.

Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:

    Hello!

    Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:

    > Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
    > The turnserver is working but only under sudo rights --- is that OK?

    netstat -pantu |grep turn

    What kind of firewall are you using and how does your network-structure look like?

    > And I found the log..
    > WARNING: cannot find certificate file: turn_server_cert.pem (1)
    > 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
    > 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
    > 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
    > Might it be possible, that this is the reason I can't get any audio or video.

    No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
    it to use yours. Is openmeetings reachable with https?

    > I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate  any other ideas how to create certs?
    > Thanks a lot for all your great help you all doing such a great job
    > 
    > Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
    > 
    >     Hello!
    > 
    >     Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
    > 
    >     > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
    >     > video.
    >     > I have Openmeeting server  behind a Linux firewall with NAT and opened up
    >     > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
    >     > can see me or hear.  
    > 
    >     Is this firewall running on the same host like openmeetings? Is this firewalld?
    >     What does iptables -nL say on the firewall host?
    > 
    >     > The setup test, I can see my own voice and video.
    >     > Here is my nat table
    >     > rule family="ipv4" destination address="112.73.210.134" forward-port
    >     > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
    >     > rule family="ipv4" destination address="112.73.210.134" forward-port
    >     > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
    >     > 
    >     > public
    >     >   target: default
    >     >   icmp-block-inversion: no
    >     >   interfaces:
    >     >   sources:
    >     >   services: mdns dhcpv6-client
    >     >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
    >     >   protocols:
    >     >   masquerade: no
    >     >   forward-ports:
    >     >   source-ports:
    >     >   icmp-blocks:
    >     >   rich rules:  
    > 
    >       Andreas

Re: NAT Issue

[ratatouille <ra...@bitclusive.de>]

Hello!

Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:

> Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
> The turnserver is working but only under sudo rights --- is that OK?

netstat -pantu |grep turn

What kind of firewall are you using and how does your network-structure look like?

> And I found the log..
> WARNING: cannot find certificate file: turn_server_cert.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
> 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
> Might it be possible, that this is the reason I can't get any audio or video.

No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
it to use yours. Is openmeetings reachable with https?

> I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate  any other ideas how to create certs?
> Thanks a lot for all your great help you all doing such a great job
> 
> Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
> 
>     Hello!
> 
>     Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
> 
>     > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
>     > video.
>     > I have Openmeeting server  behind a Linux firewall with NAT and opened up
>     > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>     > can see me or hear.  
> 
>     Is this firewall running on the same host like openmeetings? Is this firewalld?
>     What does iptables -nL say on the firewall host?
> 
>     > The setup test, I can see my own voice and video.
>     > Here is my nat table
>     > rule family="ipv4" destination address="112.73.210.134" forward-port
>     > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>     > rule family="ipv4" destination address="112.73.210.134" forward-port
>     > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>     > 
>     > public
>     >   target: default
>     >   icmp-block-inversion: no
>     >   interfaces:
>     >   sources:
>     >   services: mdns dhcpv6-client
>     >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>     >   protocols:
>     >   masquerade: no
>     >   forward-ports:
>     >   source-ports:
>     >   icmp-blocks:
>     >   rich rules:  
> 
>       Andreas

Re: NAT Issue

[Julian Weiß <ju...@ch-weiss.de>]

Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
The turnserver is working but only under sudo rights --- is that OK?
And I found the log..
WARNING: cannot find certificate file: turn_server_cert.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
Might it be possible, that this is the reason I can't get any audio or video.
I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate  any other ideas how to create certs?
Thanks a lot for all your great help you all doing such a great job

Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:

    Hello!

    Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:

    > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
    > video.
    > I have Openmeeting server  behind a Linux firewall with NAT and opened up
    > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
    > can see me or hear.

    Is this firewall running on the same host like openmeetings? Is this firewalld?
    What does iptables -nL say on the firewall host?

    > The setup test, I can see my own voice and video.
    > Here is my nat table
    > rule family="ipv4" destination address="112.73.210.134" forward-port
    > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
    > rule family="ipv4" destination address="112.73.210.134" forward-port
    > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
    > 
    > public
    >   target: default
    >   icmp-block-inversion: no
    >   interfaces:
    >   sources:
    >   services: mdns dhcpv6-client
    >   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
    >   protocols:
    >   masquerade: no
    >   forward-ports:
    >   source-ports:
    >   icmp-blocks:
    >   rich rules:

      Andreas

Re: NAT Issue

[ratatouille <ra...@bitclusive.de>]

Hello!

Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:

> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server  behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.

Is this firewall running on the same host like openmeetings? Is this firewalld?
What does iptables -nL say on the firewall host?

> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> 
> public
>   target: default
>   icmp-block-inversion: no
>   interfaces:
>   sources:
>   services: mdns dhcpv6-client
>   ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>   protocols:
>   masquerade: no
>   forward-ports:
>   source-ports:
>   icmp-blocks:
>   rich rules:

  Andreas