You are viewing a plain text version of this content. The canonical link for it is here.
Posted to user@openmeetings.apache.org by Partha Datta <da...@gmail.com> on 2020/04/23 19:04:14 UTC
NAT Issue
Hello,
I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
video.
I have Openmeeting server behind a Linux firewall with NAT and opened up
5443 & 8888 ports. I can not see or hear the meeting participants nor he
can see me or hear.
The setup test, I can see my own voice and video.
Here is my nat table
rule family="ipv4" destination address="112.73.210.134" forward-port
port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: mdns dhcpv6-client
ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Could you please help me
Regards,
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hello Maxim,
[root@doc ~]# netstat -npl|grep 8888
tcp6 0 0 :::8888 :::* LISTEN
13844/docker-proxy
I have not installed TURN server, as I dont find one in the RPM repository
of FC27. Could you confirm if I could install the TURN in 192.168.1.11
server of my network diagram? The server has Public IP
Regards,
Partha
On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
wrote:
> Please check `netstat -npl|grep 8888`
> When you are starting dockerized KMS for ex. `docker run -v
> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
> -p 8888:8888 kurento/kurento-media-server`
> You make it available at `localhost:8888` due to forwarding
>
> to make everything workable behind NAT you need to ensure TURN is
> available outside the NAT
>
> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> Sorry, if I am not able to explain you properly, so attaching you a
>> network diagram of my setup. I have referred installation on Fedora 30, it
>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>> every thing works good in LAN & VPN but I can not access from PUBLIC
>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>> docker IP has to be in different Subnet? I am also attaching you the NAT
>> table where OM, Docker & KMS is running.
>> [image: image.png]
>> netstat -ntp
>> [image: image.png]
>>
>>
>>
>>
>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Partha,
>>>
>>> this is something i don't understand :(
>>> I would expect KMS is accessible on the same IP
>>>
>>> Anyway you have to ensure correct KMS address is specified in OM config
>>> (and it is accessible to OM)
>>> and also accessible to TURN
>>>
>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hello Maxim,
>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>>>> have not assigned any IP address to it. Do I need to change it to same
>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>> Regards,
>>>> Partha
>>>>
>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Finally I get to this thread :)
>>>>>
>>>>> I would suggest to check which network interfaces do you have
>>>>> And ensure OM, KMS and coturn are available at external network
>>>>> interface
>>>>>
>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>
>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>> user@openmeetings.apache.org>
>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>> *Betreff: *Re: NAT Issue
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi Alvaro,
>>>>>>
>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>> works great when I get connected with VPN client
>>>>>>
>>>>>>
>>>>>>
>>>>>> FedoraServer (active)
>>>>>> target: default
>>>>>> icmp-block-inversion: no
>>>>>> interfaces: enp5s10
>>>>>> sources:
>>>>>> services: ssh
>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>> protocols:
>>>>>> masquerade: yes
>>>>>> forward-ports:
>>>>>> source-ports:
>>>>>> icmp-blocks:
>>>>>> rich rules:
>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>> FedoraServer (active)
>>>>>> target: default
>>>>>> icmp-block-inversion: no
>>>>>> interfaces: enp5s10
>>>>>> sources:
>>>>>> services: ssh
>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>> protocols:
>>>>>> masquerade: yes
>>>>>> forward-ports:
>>>>>> source-ports:
>>>>>> icmp-blocks:
>>>>>> rich rules:
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>> to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld start
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>> --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld restart
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and to see they are open:
>>>>>>
>>>>>>
>>>>>>
>>>>>> # firewall-cmd --list-all
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>
>>>>>> the machine.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..................
>>>>>>
>>>>>>
>>>>>>
>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello Alvaro,
>>>>>>
>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>> port blocking.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>>>
>>>>>> the router (both).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Try without firewall to test (open ports in router).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Are you in Ubuntu or Centos?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..............
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Dear Alvaro,
>>>>>>
>>>>>>
>>>>>>
>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>> getting the error, stating failed to connect to media server.
>>>>>>
>>>>>> Does it need to do any other conficonfiguration.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> ...that is for Ubuntu 18.04.
>>>>>>
>>>>>>
>>>>>>
>>>>>> And this is for Centos 7-8:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>
>>>>>> ...take a look:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>> audio & video.
>>>>>>
>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>> nor he can see me or hear.
>>>>>>
>>>>>> The setup test, I can see my own voice and video.
>>>>>>
>>>>>> Here is my nat table
>>>>>>
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> public
>>>>>> target: default
>>>>>> icmp-block-inversion: no
>>>>>> interfaces:
>>>>>> sources:
>>>>>> services: mdns dhcpv6-client
>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>> protocols:
>>>>>> masquerade: no
>>>>>> forward-ports:
>>>>>> source-ports:
>>>>>> icmp-blocks:
>>>>>> rich rules:
>>>>>>
>>>>>>
>>>>>>
>>>>>> Could you please help me
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Maxim Solodovnik <so...@gmail.com>.
Unfortunately I have no experience with `fedora-coturn`
I'm using this one https://github.com/coturn/coturn
On Sun, 24 May 2020 at 02:37, Partha Datta <da...@gmail.com> wrote:
> Hi Maxim,
> I am stilling finding difficulty to install coturn. Here is the link I am
> following https://github.com/mugful/fedora-coturn
> the following command I have used. to install
>
> git clone https://github.com/mugful/fedora-coturn
> cd fedora-coturn
> docker build --force-rm -t mugful/fedora-coturn:master .
> docker run -d \
> --name my_coturn \
> -v /var/lib/coturn/turnserver.conf:/etc/turnserver/turnserver.conf:ro,z \
> -p 3478:3478 -p 5349:5349 \
> quay.io/mugful/fedora-coturn:master
>
> IT has created a bunch of directory in
>
> ls /var/lib/docker/overlay2/
> 018bf42d24bcdf050a5331795f059e0c4cc5140d74dc79240fd19939250a31ee 8b131842741af28c01fbe35b7445d1b4650a3114f2436447bad415ae06f053ec
> 1880ec93b59e55381e705ba8e2f6e810e9523659d244f170796980423f798e8d 8ef7213884b8f76cb216e674ae3a88325d1629e7e7f0c58bb73bbc3d7d6a37be
> 1dced65536ea85e7ba28e274bf65f2aae73b9abd052570990d620e5a07aec236 985a5bf6230b17883d49916754e2c3279d56668c6b784ec9b031989353d6396c
> 22c42c86137d7968b4284dd149bd40d79f6460e493a3df3409c5081946a20648 9b5b1a7de8f4c9917a96972139465711fe753b7b27e05b0beec88c3a171bdd22
> 446f22851a0507377ab6a15b5affa2ca0c58a528248d37d0b6606895ea14a425 9da9200d906eef49908205b1d09ef8bd3922cd533d37171732bef1ad235f0a43
> 614e31291c9e2c947e59d5665cedbe710319b5d74a48288b6be6e2b8a0fcdd78 ae677125288ef8538bd0e5eca6b9df4501f55a2795ed9e61f1f646b96dae31cb
> 63a73d1ebd55700e796bb57d8ae0ea7664add59de1bffe0ce67ce755372e26c0 c82488cc7f78e03c51ba54d01c47f361b36429060eaf41b59397acd1b961a04e
> 7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9 ccf869146a3a4ba1c2c9d0d88e3e8a169fe4f7d90e4fb5ada1b1222a639fbcb8
> 7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9-init e6be882a55e88d7dab0fb21c9355a6b83455a62b3bd0a40107e5ab88a4664206
> 7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f eefef789501bd4cebee7de3417932d6dec17f2451de909d48aeaa7e52a02ac97
> 7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f-init ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b
> 82e2479825ed6e16fc375f1bbdff042f10309c12a758adcf5ace5e1078fdfdd7 ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b-init
> 853b24c5d54b6e5bf4818b132ff361aa343fa72b382616059b67681735893740 l
> 87009d6a4182d73c44118fae3f5229ee549a904782f13bf371360a67a2e55998
>
> I dont understand how what I should do next. Could you please help.
>
> Regards,
>
> Partha
>
>
>
>
>
>
> On Tue, May 19, 2020 at 6:59 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Partha,
>>
>> It seems I missed the question :( (too much emails :((( )
>> TURN server should be able to handle connections for users behind NAT
>> Same time KMS should be fully accessible to it
>>
>> you can set it up on different server, but please ensure it has full
>> access to KMS
>>
>> On Tue, 19 May 2020 at 01:34, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hello Maxim,
>>> I understand, you have been busy. I was waiting to hear back from you.
>>> I managed to get cturn for fedora 25. I have a doubt. Do I need to run
>>> cturn in the firewall server or I can run the cturn on the server I am
>>> running openmeeting? Which is behind the firewall server.
>>>
>>> Could you send me some reference, which will help me to overcome
>>> lockdown situations.
>>>
>>> Regards,
>>> Partha
>>>
>>> On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Hello Partha,
>>>>
>>>> sorry for keeping silence, I'm a bit overloaded :(
>>>>
>>>> I have no experience with `reTurnServer`, used only coturn, was sure it
>>>> is available for all distros :(
>>>> You need to make sure
>>>> - TURN is accessible from outside your NTA
>>>> - TURN can communicate with KMS
>>>>
>>>> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hi
>>>>> As discussed I have installed turn in a different server.
>>>>> [root@demo reTurn]# netstat -npl | grep -i turn
>>>>> tcp 0 0 0.0.0.0:3478 0.0.0.0:*
>>>>> LISTEN 8770/reTurnServer
>>>>> tcp6 0 0 :::3478 :::*
>>>>> LISTEN 8770/reTurnServer
>>>>> udp 0 0 0.0.0.0:3478 0.0.0.0:*
>>>>> 8770/reTurnServer
>>>>> udp6 0 0 :::3478 :::*
>>>>> 8770/reTurnServer
>>>>> I have also edited the file
>>>>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>>>> <!-- Kurento -->
>>>>> <bean id="kurentoHandler"
>>>>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>>>>> init-method="init" destroy-method="destroy"
>>>>> p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>>>> p:checkTimeout="10000"
>>>>> p:watchThreadCount="10"
>>>>> p:turnUrl="125.85.210.130:3478"
>>>>> p:turnUser="kurento"
>>>>> p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>>>> p:turnMode="rest"
>>>>> p:turnTtl="60"
>>>>> p:objCheckTimeout="200"
>>>>> />
>>>>> But still I cant access it from outside the LAN, Could you help me..
>>>>> Regards,
>>>>> Partha
>>>>>
>>>>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Please check `netstat -npl|grep 8888`
>>>>>> When you are starting dockerized KMS for ex. `docker run -v
>>>>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>>>>> -p 8888:8888 kurento/kurento-media-server`
>>>>>> You make it available at `localhost:8888` due to forwarding
>>>>>>
>>>>>> to make everything workable behind NAT you need to ensure TURN is
>>>>>> available outside the NAT
>>>>>>
>>>>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Maxim,
>>>>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>>>>> network diagram of my setup. I have referred installation on Fedora 30, it
>>>>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>>>>> docker IP has to be in different Subnet? I am also attaching you the NAT
>>>>>>> table where OM, Docker & KMS is running.
>>>>>>> [image: image.png]
>>>>>>> netstat -ntp
>>>>>>> [image: image.png]
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Hello Partha,
>>>>>>>>
>>>>>>>> this is something i don't understand :(
>>>>>>>> I would expect KMS is accessible on the same IP
>>>>>>>>
>>>>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>>>>> config (and it is accessible to OM)
>>>>>>>> and also accessible to TURN
>>>>>>>>
>>>>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>>>>> wrote:
>>>>>>>>
>>>>>>>>> Hello Maxim,
>>>>>>>>> My server LAN IP is 192.168.1.16 and the docer is running
>>>>>>>>> 172.16.0.1, I have not assigned any IP address to it. Do I need to change
>>>>>>>>> it to same subnet or bind with the same IP address? If so can you tell me
>>>>>>>>> how to do that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>>>>> Regards,
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>>> Finally I get to this thread :)
>>>>>>>>>>
>>>>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>>>>> interface
>>>>>>>>>>
>>>>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is
>>>>>>>>>>> also in the lan) it works. Whe it comes to use the coturn server it doesn’t
>>>>>>>>>>> work.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>>>>> *An: *"user@openmeetings.apache.org" <
>>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Hi Alvaro,
>>>>>>>>>>>
>>>>>>>>>>> No luck.. Here is my firewall configuration. But very strange..
>>>>>>>>>>> it works great when I get connected with VPN client
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> FedoraServer (active)
>>>>>>>>>>> target: default
>>>>>>>>>>> icmp-block-inversion: no
>>>>>>>>>>> interfaces: enp5s10
>>>>>>>>>>> sources:
>>>>>>>>>>> services: ssh
>>>>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>>> 49152-65535/udp
>>>>>>>>>>> protocols:
>>>>>>>>>>> masquerade: yes
>>>>>>>>>>> forward-ports:
>>>>>>>>>>> source-ports:
>>>>>>>>>>> icmp-blocks:
>>>>>>>>>>> rich rules:
>>>>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>>>>> FedoraServer (active)
>>>>>>>>>>> target: default
>>>>>>>>>>> icmp-block-inversion: no
>>>>>>>>>>> interfaces: enp5s10
>>>>>>>>>>> sources:
>>>>>>>>>>> services: ssh
>>>>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>>> 49152-65535/udp
>>>>>>>>>>> protocols:
>>>>>>>>>>> masquerade: yes
>>>>>>>>>>> forward-ports:
>>>>>>>>>>> source-ports:
>>>>>>>>>>> icmp-blocks:
>>>>>>>>>>> rich rules:
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com>
>>>>>>>>>>> wrote:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # service firewalld start
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>>>>> --permanent
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # service firewalld restart
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...and to see they are open:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> # firewall-cmd --list-all
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>>>>
>>>>>>>>>>> the machine.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ..................
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>>>>
>>>>>>>>>>> Hello Alvaro,
>>>>>>>>>>>
>>>>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in
>>>>>>>>>>> the server running openmeeting I cant access, even from the LAN, so I
>>>>>>>>>>> think it is some thing to do with fire wall, I have not checked opening up
>>>>>>>>>>> the ports mentioned in the document you have sent on the local server . I
>>>>>>>>>>> shall do that today, and update you, to confirm if that is the issue with
>>>>>>>>>>> NAT or port blocking.
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> Partha and Julian, is neccesary to open that ports in the
>>>>>>>>>>> firewall and
>>>>>>>>>>>
>>>>>>>>>>> the router (both).
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ..............
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>>>>
>>>>>>>>>>> Dear Alvaro,
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> I have opened up all the port mentioned in the document but I
>>>>>>>>>>> keep getting the error, stating failed to connect to media server.
>>>>>>>>>>>
>>>>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>>
>>>>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> And this is for Centos 7-8:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ...................
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>>>>
>>>>>>>>>>> ...take a look:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> ................
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>>>>
>>>>>>>>>>> Hello,
>>>>>>>>>>>
>>>>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN
>>>>>>>>>>> both audio & video.
>>>>>>>>>>>
>>>>>>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>>>>> nor he can see me or hear.
>>>>>>>>>>>
>>>>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>>>>
>>>>>>>>>>> Here is my nat table
>>>>>>>>>>>
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> public
>>>>>>>>>>> target: default
>>>>>>>>>>> icmp-block-inversion: no
>>>>>>>>>>> interfaces:
>>>>>>>>>>> sources:
>>>>>>>>>>> services: mdns dhcpv6-client
>>>>>>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>>>> protocols:
>>>>>>>>>>> masquerade: no
>>>>>>>>>>> forward-ports:
>>>>>>>>>>> source-ports:
>>>>>>>>>>> icmp-blocks:
>>>>>>>>>>> rich rules:
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Could you please help me
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> Regards,
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>> M +91-8825608651
>>>>>>>>>>> Sent from mobile device
>>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>>
>>>>>>>>>>> --
>>>>>>>>>>>
>>>>>>>>>>> Partha
>>>>>>>>>>> M +91-8825608651
>>>>>>>>>>> Sent from mobile device
>>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>> Partha
>>>>>>>>> M +91-8825608651
>>>>>>>>> Sent from mobile device
>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Best regards,
>>>>>>>> Maxim
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
--
Best regards,
Maxim
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hi Maxim,
I am stilling finding difficulty to install coturn. Here is the link I am
following https://github.com/mugful/fedora-coturn
the following command I have used. to install
git clone https://github.com/mugful/fedora-coturn
cd fedora-coturn
docker build --force-rm -t mugful/fedora-coturn:master .
docker run -d \
--name my_coturn \
-v /var/lib/coturn/turnserver.conf:/etc/turnserver/turnserver.conf:ro,z \
-p 3478:3478 -p 5349:5349 \
quay.io/mugful/fedora-coturn:master
IT has created a bunch of directory in
ls /var/lib/docker/overlay2/
018bf42d24bcdf050a5331795f059e0c4cc5140d74dc79240fd19939250a31ee
8b131842741af28c01fbe35b7445d1b4650a3114f2436447bad415ae06f053ec
1880ec93b59e55381e705ba8e2f6e810e9523659d244f170796980423f798e8d
8ef7213884b8f76cb216e674ae3a88325d1629e7e7f0c58bb73bbc3d7d6a37be
1dced65536ea85e7ba28e274bf65f2aae73b9abd052570990d620e5a07aec236
985a5bf6230b17883d49916754e2c3279d56668c6b784ec9b031989353d6396c
22c42c86137d7968b4284dd149bd40d79f6460e493a3df3409c5081946a20648
9b5b1a7de8f4c9917a96972139465711fe753b7b27e05b0beec88c3a171bdd22
446f22851a0507377ab6a15b5affa2ca0c58a528248d37d0b6606895ea14a425
9da9200d906eef49908205b1d09ef8bd3922cd533d37171732bef1ad235f0a43
614e31291c9e2c947e59d5665cedbe710319b5d74a48288b6be6e2b8a0fcdd78
ae677125288ef8538bd0e5eca6b9df4501f55a2795ed9e61f1f646b96dae31cb
63a73d1ebd55700e796bb57d8ae0ea7664add59de1bffe0ce67ce755372e26c0
c82488cc7f78e03c51ba54d01c47f361b36429060eaf41b59397acd1b961a04e
7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9
ccf869146a3a4ba1c2c9d0d88e3e8a169fe4f7d90e4fb5ada1b1222a639fbcb8
7b2c84324b1887aa5307848243da124137fde835eed4a6d2ea6faedc7606f8e9-init
e6be882a55e88d7dab0fb21c9355a6b83455a62b3bd0a40107e5ab88a4664206
7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f
eefef789501bd4cebee7de3417932d6dec17f2451de909d48aeaa7e52a02ac97
7e8012c09056023655deac193dffb497cbc0248409748a31803c3cd346d2ab2f-init
ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b
82e2479825ed6e16fc375f1bbdff042f10309c12a758adcf5ace5e1078fdfdd7
ff379170f283a69a32e5e3eb6a1b335a7fd969bbc257bad3e678f4a77f058a4b-init
853b24c5d54b6e5bf4818b132ff361aa343fa72b382616059b67681735893740 l
87009d6a4182d73c44118fae3f5229ee549a904782f13bf371360a67a2e55998
I dont understand how what I should do next. Could you please help.
Regards,
Partha
On Tue, May 19, 2020 at 6:59 AM Maxim Solodovnik <so...@gmail.com>
wrote:
> Hello Partha,
>
> It seems I missed the question :( (too much emails :((( )
> TURN server should be able to handle connections for users behind NAT
> Same time KMS should be fully accessible to it
>
> you can set it up on different server, but please ensure it has full
> access to KMS
>
> On Tue, 19 May 2020 at 01:34, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> I understand, you have been busy. I was waiting to hear back from you.
>> I managed to get cturn for fedora 25. I have a doubt. Do I need to run
>> cturn in the firewall server or I can run the cturn on the server I am
>> running openmeeting? Which is behind the firewall server.
>>
>> Could you send me some reference, which will help me to overcome lockdown
>> situations.
>>
>> Regards,
>> Partha
>>
>> On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Partha,
>>>
>>> sorry for keeping silence, I'm a bit overloaded :(
>>>
>>> I have no experience with `reTurnServer`, used only coturn, was sure it
>>> is available for all distros :(
>>> You need to make sure
>>> - TURN is accessible from outside your NTA
>>> - TURN can communicate with KMS
>>>
>>> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hi
>>>> As discussed I have installed turn in a different server.
>>>> [root@demo reTurn]# netstat -npl | grep -i turn
>>>> tcp 0 0 0.0.0.0:3478 0.0.0.0:*
>>>> LISTEN 8770/reTurnServer
>>>> tcp6 0 0 :::3478 :::*
>>>> LISTEN 8770/reTurnServer
>>>> udp 0 0 0.0.0.0:3478 0.0.0.0:*
>>>> 8770/reTurnServer
>>>> udp6 0 0 :::3478 :::*
>>>> 8770/reTurnServer
>>>> I have also edited the file
>>>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>>> <!-- Kurento -->
>>>> <bean id="kurentoHandler"
>>>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>>>> init-method="init" destroy-method="destroy"
>>>> p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>>> p:checkTimeout="10000"
>>>> p:watchThreadCount="10"
>>>> p:turnUrl="125.85.210.130:3478"
>>>> p:turnUser="kurento"
>>>> p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>>> p:turnMode="rest"
>>>> p:turnTtl="60"
>>>> p:objCheckTimeout="200"
>>>> />
>>>> But still I cant access it from outside the LAN, Could you help me..
>>>> Regards,
>>>> Partha
>>>>
>>>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Please check `netstat -npl|grep 8888`
>>>>> When you are starting dockerized KMS for ex. `docker run -v
>>>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>>>> -p 8888:8888 kurento/kurento-media-server`
>>>>> You make it available at `localhost:8888` due to forwarding
>>>>>
>>>>> to make everything workable behind NAT you need to ensure TURN is
>>>>> available outside the NAT
>>>>>
>>>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Maxim,
>>>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>>>> network diagram of my setup. I have referred installation on Fedora 30, it
>>>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>>>> docker IP has to be in different Subnet? I am also attaching you the NAT
>>>>>> table where OM, Docker & KMS is running.
>>>>>> [image: image.png]
>>>>>> netstat -ntp
>>>>>> [image: image.png]
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Partha,
>>>>>>>
>>>>>>> this is something i don't understand :(
>>>>>>> I would expect KMS is accessible on the same IP
>>>>>>>
>>>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>>>> config (and it is accessible to OM)
>>>>>>> and also accessible to TURN
>>>>>>>
>>>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>>>> wrote:
>>>>>>>
>>>>>>>> Hello Maxim,
>>>>>>>> My server LAN IP is 192.168.1.16 and the docer is running
>>>>>>>> 172.16.0.1, I have not assigned any IP address to it. Do I need to change
>>>>>>>> it to same subnet or bind with the same IP address? If so can you tell me
>>>>>>>> how to do that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>>>> Regards,
>>>>>>>> Partha
>>>>>>>>
>>>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>>
>>>>>>>>> Finally I get to this thread :)
>>>>>>>>>
>>>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>>>> interface
>>>>>>>>>
>>>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also
>>>>>>>>>> in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>>>> *An: *"user@openmeetings.apache.org" <
>>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Hi Alvaro,
>>>>>>>>>>
>>>>>>>>>> No luck.. Here is my firewall configuration. But very strange..
>>>>>>>>>> it works great when I get connected with VPN client
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> FedoraServer (active)
>>>>>>>>>> target: default
>>>>>>>>>> icmp-block-inversion: no
>>>>>>>>>> interfaces: enp5s10
>>>>>>>>>> sources:
>>>>>>>>>> services: ssh
>>>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>> 49152-65535/udp
>>>>>>>>>> protocols:
>>>>>>>>>> masquerade: yes
>>>>>>>>>> forward-ports:
>>>>>>>>>> source-ports:
>>>>>>>>>> icmp-blocks:
>>>>>>>>>> rich rules:
>>>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>>>> FedoraServer (active)
>>>>>>>>>> target: default
>>>>>>>>>> icmp-block-inversion: no
>>>>>>>>>> interfaces: enp5s10
>>>>>>>>>> sources:
>>>>>>>>>> services: ssh
>>>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>>> 49152-65535/udp
>>>>>>>>>> protocols:
>>>>>>>>>> masquerade: yes
>>>>>>>>>> forward-ports:
>>>>>>>>>> source-ports:
>>>>>>>>>> icmp-blocks:
>>>>>>>>>> rich rules:
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com>
>>>>>>>>>> wrote:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # service firewalld start
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>>>> --permanent
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # service firewalld restart
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...and to see they are open:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> # firewall-cmd --list-all
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>>>
>>>>>>>>>> the machine.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ..................
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>>>
>>>>>>>>>> Hello Alvaro,
>>>>>>>>>>
>>>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>>>>> port blocking.
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>> Partha and Julian, is neccesary to open that ports in the
>>>>>>>>>> firewall and
>>>>>>>>>>
>>>>>>>>>> the router (both).
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ..............
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>>>
>>>>>>>>>> Dear Alvaro,
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> I have opened up all the port mentioned in the document but I
>>>>>>>>>> keep getting the error, stating failed to connect to media server.
>>>>>>>>>>
>>>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>>
>>>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> And this is for Centos 7-8:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ...................
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>>>
>>>>>>>>>> ...take a look:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> ................
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>>>
>>>>>>>>>> Hello,
>>>>>>>>>>
>>>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>>>>> audio & video.
>>>>>>>>>>
>>>>>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>>>> nor he can see me or hear.
>>>>>>>>>>
>>>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>>>
>>>>>>>>>> Here is my nat table
>>>>>>>>>>
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> public
>>>>>>>>>> target: default
>>>>>>>>>> icmp-block-inversion: no
>>>>>>>>>> interfaces:
>>>>>>>>>> sources:
>>>>>>>>>> services: mdns dhcpv6-client
>>>>>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>>> protocols:
>>>>>>>>>> masquerade: no
>>>>>>>>>> forward-ports:
>>>>>>>>>> source-ports:
>>>>>>>>>> icmp-blocks:
>>>>>>>>>> rich rules:
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Could you please help me
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> Regards,
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>> M +91-8825608651
>>>>>>>>>> Sent from mobile device
>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>>
>>>>>>>>>> --
>>>>>>>>>>
>>>>>>>>>> Partha
>>>>>>>>>> M +91-8825608651
>>>>>>>>>> Sent from mobile device
>>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>>
>>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>> Partha
>>>>>>>> M +91-8825608651
>>>>>>>> Sent from mobile device
>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Best regards,
>>>>>>> Maxim
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Maxim Solodovnik <so...@gmail.com>.
Hello Partha,
It seems I missed the question :( (too much emails :((( )
TURN server should be able to handle connections for users behind NAT
Same time KMS should be fully accessible to it
you can set it up on different server, but please ensure it has full access
to KMS
On Tue, 19 May 2020 at 01:34, Partha Datta <da...@gmail.com> wrote:
> Hello Maxim,
> I understand, you have been busy. I was waiting to hear back from you.
> I managed to get cturn for fedora 25. I have a doubt. Do I need to run
> cturn in the firewall server or I can run the cturn on the server I am
> running openmeeting? Which is behind the firewall server.
>
> Could you send me some reference, which will help me to overcome lockdown
> situations.
>
> Regards,
> Partha
>
> On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Partha,
>>
>> sorry for keeping silence, I'm a bit overloaded :(
>>
>> I have no experience with `reTurnServer`, used only coturn, was sure it
>> is available for all distros :(
>> You need to make sure
>> - TURN is accessible from outside your NTA
>> - TURN can communicate with KMS
>>
>> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hi
>>> As discussed I have installed turn in a different server.
>>> [root@demo reTurn]# netstat -npl | grep -i turn
>>> tcp 0 0 0.0.0.0:3478 0.0.0.0:*
>>> LISTEN 8770/reTurnServer
>>> tcp6 0 0 :::3478 :::*
>>> LISTEN 8770/reTurnServer
>>> udp 0 0 0.0.0.0:3478 0.0.0.0:*
>>> 8770/reTurnServer
>>> udp6 0 0 :::3478 :::*
>>> 8770/reTurnServer
>>> I have also edited the file
>>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>>> <!-- Kurento -->
>>> <bean id="kurentoHandler"
>>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>>> init-method="init" destroy-method="destroy"
>>> p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>>> p:checkTimeout="10000"
>>> p:watchThreadCount="10"
>>> p:turnUrl="125.85.210.130:3478"
>>> p:turnUser="kurento"
>>> p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>>> p:turnMode="rest"
>>> p:turnTtl="60"
>>> p:objCheckTimeout="200"
>>> />
>>> But still I cant access it from outside the LAN, Could you help me..
>>> Regards,
>>> Partha
>>>
>>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Please check `netstat -npl|grep 8888`
>>>> When you are starting dockerized KMS for ex. `docker run -v
>>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>>> -p 8888:8888 kurento/kurento-media-server`
>>>> You make it available at `localhost:8888` due to forwarding
>>>>
>>>> to make everything workable behind NAT you need to ensure TURN is
>>>> available outside the NAT
>>>>
>>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Maxim,
>>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>>> network diagram of my setup. I have referred installation on Fedora 30, it
>>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>>> docker IP has to be in different Subnet? I am also attaching you the NAT
>>>>> table where OM, Docker & KMS is running.
>>>>> [image: image.png]
>>>>> netstat -ntp
>>>>> [image: image.png]
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Partha,
>>>>>>
>>>>>> this is something i don't understand :(
>>>>>> I would expect KMS is accessible on the same IP
>>>>>>
>>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>>> config (and it is accessible to OM)
>>>>>> and also accessible to TURN
>>>>>>
>>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>>> wrote:
>>>>>>
>>>>>>> Hello Maxim,
>>>>>>> My server LAN IP is 192.168.1.16 and the docer is running
>>>>>>> 172.16.0.1, I have not assigned any IP address to it. Do I need to change
>>>>>>> it to same subnet or bind with the same IP address? If so can you tell me
>>>>>>> how to do that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>>> Regards,
>>>>>>> Partha
>>>>>>>
>>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>>> solomax666@gmail.com> wrote:
>>>>>>>
>>>>>>>> Finally I get to this thread :)
>>>>>>>>
>>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>>> interface
>>>>>>>>
>>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>>>>
>>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also
>>>>>>>>> in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>>> user@openmeetings.apache.org>
>>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>>> *An: *"user@openmeetings.apache.org" <user@openmeetings.apache.org
>>>>>>>>> >
>>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Hi Alvaro,
>>>>>>>>>
>>>>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>>>>> works great when I get connected with VPN client
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> FedoraServer (active)
>>>>>>>>> target: default
>>>>>>>>> icmp-block-inversion: no
>>>>>>>>> interfaces: enp5s10
>>>>>>>>> sources:
>>>>>>>>> services: ssh
>>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>> 49152-65535/udp
>>>>>>>>> protocols:
>>>>>>>>> masquerade: yes
>>>>>>>>> forward-ports:
>>>>>>>>> source-ports:
>>>>>>>>> icmp-blocks:
>>>>>>>>> rich rules:
>>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>>> FedoraServer (active)
>>>>>>>>> target: default
>>>>>>>>> icmp-block-inversion: no
>>>>>>>>> interfaces: enp5s10
>>>>>>>>> sources:
>>>>>>>>> services: ssh
>>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>>> 49152-65535/udp
>>>>>>>>> protocols:
>>>>>>>>> masquerade: yes
>>>>>>>>> forward-ports:
>>>>>>>>> source-ports:
>>>>>>>>> icmp-blocks:
>>>>>>>>> rich rules:
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com>
>>>>>>>>> wrote:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # service firewalld start
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>>> --permanent
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # service firewalld restart
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...and to see they are open:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> # firewall-cmd --list-all
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>>
>>>>>>>>> the machine.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ..................
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>>
>>>>>>>>> Hello Alvaro,
>>>>>>>>>
>>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>>>> port blocking.
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>> Partha and Julian, is neccesary to open that ports in the firewall
>>>>>>>>> and
>>>>>>>>>
>>>>>>>>> the router (both).
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ..............
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>>
>>>>>>>>> Dear Alvaro,
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>>>>> getting the error, stating failed to connect to media server.
>>>>>>>>>
>>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>>
>>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> And this is for Centos 7-8:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ...................
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>>
>>>>>>>>> ...take a look:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> ................
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>>
>>>>>>>>> Hello,
>>>>>>>>>
>>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>>>> audio & video.
>>>>>>>>>
>>>>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>>> nor he can see me or hear.
>>>>>>>>>
>>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>>
>>>>>>>>> Here is my nat table
>>>>>>>>>
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> public
>>>>>>>>> target: default
>>>>>>>>> icmp-block-inversion: no
>>>>>>>>> interfaces:
>>>>>>>>> sources:
>>>>>>>>> services: mdns dhcpv6-client
>>>>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>>> protocols:
>>>>>>>>> masquerade: no
>>>>>>>>> forward-ports:
>>>>>>>>> source-ports:
>>>>>>>>> icmp-blocks:
>>>>>>>>> rich rules:
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Could you please help me
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> Regards,
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>> M +91-8825608651
>>>>>>>>> Sent from mobile device
>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>>
>>>>>>>>> --
>>>>>>>>>
>>>>>>>>> Partha
>>>>>>>>> M +91-8825608651
>>>>>>>>> Sent from mobile device
>>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>>
>>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>> Best regards,
>>>>>> Maxim
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
--
Best regards,
Maxim
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hello Maxim,
I understand, you have been busy. I was waiting to hear back from you.
I managed to get cturn for fedora 25. I have a doubt. Do I need to run
cturn in the firewall server or I can run the cturn on the server I am
running openmeeting? Which is behind the firewall server.
Could you send me some reference, which will help me to overcome lockdown
situations.
Regards,
Partha
On Thu, May 7, 2020 at 6:37 AM Maxim Solodovnik <so...@gmail.com>
wrote:
> Hello Partha,
>
> sorry for keeping silence, I'm a bit overloaded :(
>
> I have no experience with `reTurnServer`, used only coturn, was sure it is
> available for all distros :(
> You need to make sure
> - TURN is accessible from outside your NTA
> - TURN can communicate with KMS
>
> On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
>
>> Hi
>> As discussed I have installed turn in a different server.
>> [root@demo reTurn]# netstat -npl | grep -i turn
>> tcp 0 0 0.0.0.0:3478 0.0.0.0:*
>> LISTEN 8770/reTurnServer
>> tcp6 0 0 :::3478 :::*
>> LISTEN 8770/reTurnServer
>> udp 0 0 0.0.0.0:3478 0.0.0.0:*
>> 8770/reTurnServer
>> udp6 0 0 :::3478 :::*
>> 8770/reTurnServer
>> I have also edited the file
>> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
>> <!-- Kurento -->
>> <bean id="kurentoHandler"
>> class="org.apache.openmeetings.core.remote.KurentoHandler"
>> init-method="init" destroy-method="destroy"
>> p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
>> p:checkTimeout="10000"
>> p:watchThreadCount="10"
>> p:turnUrl="125.85.210.130:3478"
>> p:turnUser="kurento"
>> p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
>> p:turnMode="rest"
>> p:turnTtl="60"
>> p:objCheckTimeout="200"
>> />
>> But still I cant access it from outside the LAN, Could you help me..
>> Regards,
>> Partha
>>
>> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Please check `netstat -npl|grep 8888`
>>> When you are starting dockerized KMS for ex. `docker run -v
>>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>>> -p 8888:8888 kurento/kurento-media-server`
>>> You make it available at `localhost:8888` due to forwarding
>>>
>>> to make everything workable behind NAT you need to ensure TURN is
>>> available outside the NAT
>>>
>>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hello Maxim,
>>>> Sorry, if I am not able to explain you properly, so attaching you a
>>>> network diagram of my setup. I have referred installation on Fedora 30, it
>>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>>> docker IP has to be in different Subnet? I am also attaching you the NAT
>>>> table where OM, Docker & KMS is running.
>>>> [image: image.png]
>>>> netstat -ntp
>>>> [image: image.png]
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Partha,
>>>>>
>>>>> this is something i don't understand :(
>>>>> I would expect KMS is accessible on the same IP
>>>>>
>>>>> Anyway you have to ensure correct KMS address is specified in OM
>>>>> config (and it is accessible to OM)
>>>>> and also accessible to TURN
>>>>>
>>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Hello Maxim,
>>>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1,
>>>>>> I have not assigned any IP address to it. Do I need to change it to same
>>>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>>> Regards,
>>>>>> Partha
>>>>>>
>>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <
>>>>>> solomax666@gmail.com> wrote:
>>>>>>
>>>>>>> Finally I get to this thread :)
>>>>>>>
>>>>>>> I would suggest to check which network interfaces do you have
>>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>>> interface
>>>>>>>
>>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>>>
>>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also
>>>>>>>> in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>>> user@openmeetings.apache.org>
>>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Hi Alvaro,
>>>>>>>>
>>>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>>>> works great when I get connected with VPN client
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> FedoraServer (active)
>>>>>>>> target: default
>>>>>>>> icmp-block-inversion: no
>>>>>>>> interfaces: enp5s10
>>>>>>>> sources:
>>>>>>>> services: ssh
>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>> 49152-65535/udp
>>>>>>>> protocols:
>>>>>>>> masquerade: yes
>>>>>>>> forward-ports:
>>>>>>>> source-ports:
>>>>>>>> icmp-blocks:
>>>>>>>> rich rules:
>>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>>> FedoraServer (active)
>>>>>>>> target: default
>>>>>>>> icmp-block-inversion: no
>>>>>>>> interfaces: enp5s10
>>>>>>>> sources:
>>>>>>>> services: ssh
>>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp
>>>>>>>> 49152-65535/udp
>>>>>>>> protocols:
>>>>>>>> masquerade: yes
>>>>>>>> forward-ports:
>>>>>>>> source-ports:
>>>>>>>> icmp-blocks:
>>>>>>>> rich rules:
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="3478" protocol="udp" to-port="3478"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="3478" protocol="tcp" to-port="3478"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Partha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # service firewalld start
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>>> --permanent
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # service firewalld restart
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...and to see they are open:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> # firewall-cmd --list-all
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>>
>>>>>>>> the machine.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ..................
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>>
>>>>>>>> Hello Alvaro,
>>>>>>>>
>>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>>> port blocking.
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Partha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>
>>>>>>>> Partha and Julian, is neccesary to open that ports in the firewall
>>>>>>>> and
>>>>>>>>
>>>>>>>> the router (both).
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ..............
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>>
>>>>>>>> Dear Alvaro,
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>>>> getting the error, stating failed to connect to media server.
>>>>>>>>
>>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> Partha
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>>
>>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> And this is for Centos 7-8:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ...................
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>>
>>>>>>>> ...take a look:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> ................
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>>
>>>>>>>> Hello,
>>>>>>>>
>>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>>> audio & video.
>>>>>>>>
>>>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>>> nor he can see me or hear.
>>>>>>>>
>>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>>
>>>>>>>> Here is my nat table
>>>>>>>>
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="5443" protocol="tcp" to-port="5443"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>> rule family="ipv4" destination address="112.73.210.134"
>>>>>>>> forward-port port="8888" protocol="tcp" to-port="8888"
>>>>>>>> to-addr="192.168.110.16"
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> public
>>>>>>>> target: default
>>>>>>>> icmp-block-inversion: no
>>>>>>>> interfaces:
>>>>>>>> sources:
>>>>>>>> services: mdns dhcpv6-client
>>>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>>> protocols:
>>>>>>>> masquerade: no
>>>>>>>> forward-ports:
>>>>>>>> source-ports:
>>>>>>>> icmp-blocks:
>>>>>>>> rich rules:
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Could you please help me
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> Regards,
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> Partha
>>>>>>>> M +91-8825608651
>>>>>>>> Sent from mobile device
>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>>
>>>>>>>> --
>>>>>>>>
>>>>>>>> Partha
>>>>>>>> M +91-8825608651
>>>>>>>> Sent from mobile device
>>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>>
>>>>>>>
>>>>>>
>>>>>> --
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>>
>>>>> --
>>>>> Best regards,
>>>>> Maxim
>>>>>
>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Maxim Solodovnik <so...@gmail.com>.
Hello Partha,
sorry for keeping silence, I'm a bit overloaded :(
I have no experience with `reTurnServer`, used only coturn, was sure it is
available for all distros :(
You need to make sure
- TURN is accessible from outside your NTA
- TURN can communicate with KMS
On Wed, 6 May 2020 at 23:34, Partha Datta <da...@gmail.com> wrote:
> Hi
> As discussed I have installed turn in a different server.
> [root@demo reTurn]# netstat -npl | grep -i turn
> tcp 0 0 0.0.0.0:3478 0.0.0.0:*
> LISTEN 8770/reTurnServer
> tcp6 0 0 :::3478 :::* LISTEN
> 8770/reTurnServer
> udp 0 0 0.0.0.0:3478 0.0.0.0:*
> 8770/reTurnServer
> udp6 0 0 :::3478 :::*
> 8770/reTurnServer
> I have also edited the file
> /opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
> <!-- Kurento -->
> <bean id="kurentoHandler"
> class="org.apache.openmeetings.core.remote.KurentoHandler"
> init-method="init" destroy-method="destroy"
> p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
> p:checkTimeout="10000"
> p:watchThreadCount="10"
> p:turnUrl="125.85.210.130:3478"
> p:turnUser="kurento"
> p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
> p:turnMode="rest"
> p:turnTtl="60"
> p:objCheckTimeout="200"
> />
> But still I cant access it from outside the LAN, Could you help me..
> Regards,
> Partha
>
> On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Please check `netstat -npl|grep 8888`
>> When you are starting dockerized KMS for ex. `docker run -v
>> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
>> -p 8888:8888 kurento/kurento-media-server`
>> You make it available at `localhost:8888` due to forwarding
>>
>> to make everything workable behind NAT you need to ensure TURN is
>> available outside the NAT
>>
>> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hello Maxim,
>>> Sorry, if I am not able to explain you properly, so attaching you a
>>> network diagram of my setup. I have referred installation on Fedora 30, it
>>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>>> every thing works good in LAN & VPN but I can not access from PUBLIC
>>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>>> docker IP has to be in different Subnet? I am also attaching you the NAT
>>> table where OM, Docker & KMS is running.
>>> [image: image.png]
>>> netstat -ntp
>>> [image: image.png]
>>>
>>>
>>>
>>>
>>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Hello Partha,
>>>>
>>>> this is something i don't understand :(
>>>> I would expect KMS is accessible on the same IP
>>>>
>>>> Anyway you have to ensure correct KMS address is specified in OM config
>>>> (and it is accessible to OM)
>>>> and also accessible to TURN
>>>>
>>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com>
>>>> wrote:
>>>>
>>>>> Hello Maxim,
>>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1,
>>>>> I have not assigned any IP address to it. Do I need to change it to same
>>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>>> Regards,
>>>>> Partha
>>>>>
>>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>>>> wrote:
>>>>>
>>>>>> Finally I get to this thread :)
>>>>>>
>>>>>> I would suggest to check which network interfaces do you have
>>>>>> And ensure OM, KMS and coturn are available at external network
>>>>>> interface
>>>>>>
>>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>>
>>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>>> user@openmeetings.apache.org>
>>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>>> *Betreff: *Re: NAT Issue
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Hi Alvaro,
>>>>>>>
>>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>>> works great when I get connected with VPN client
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> FedoraServer (active)
>>>>>>> target: default
>>>>>>> icmp-block-inversion: no
>>>>>>> interfaces: enp5s10
>>>>>>> sources:
>>>>>>> services: ssh
>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>> protocols:
>>>>>>> masquerade: yes
>>>>>>> forward-ports:
>>>>>>> source-ports:
>>>>>>> icmp-blocks:
>>>>>>> rich rules:
>>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>>> FedoraServer (active)
>>>>>>> target: default
>>>>>>> icmp-block-inversion: no
>>>>>>> interfaces: enp5s10
>>>>>>> sources:
>>>>>>> services: ssh
>>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>>> protocols:
>>>>>>> masquerade: yes
>>>>>>> forward-ports:
>>>>>>> source-ports:
>>>>>>> icmp-blocks:
>>>>>>> rich rules:
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>>> to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Partha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # service firewalld start
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>>> --permanent
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # service firewalld restart
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...and to see they are open:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> # firewall-cmd --list-all
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>>
>>>>>>> the machine.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ..................
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>>
>>>>>>> Hello Alvaro,
>>>>>>>
>>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>>> port blocking.
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Partha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>
>>>>>>> Partha and Julian, is neccesary to open that ports in the firewall
>>>>>>> and
>>>>>>>
>>>>>>> the router (both).
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Try without firewall to test (open ports in router).
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Are you in Ubuntu or Centos?
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ..............
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>>
>>>>>>> Dear Alvaro,
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>>> getting the error, stating failed to connect to media server.
>>>>>>>
>>>>>>> Does it need to do any other conficonfiguration.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> Partha
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>>
>>>>>>> ...that is for Ubuntu 18.04.
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> And this is for Centos 7-8:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ...................
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>>
>>>>>>> ...take a look:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> ................
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>>
>>>>>>> Hello,
>>>>>>>
>>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>>> audio & video.
>>>>>>>
>>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>>> nor he can see me or hear.
>>>>>>>
>>>>>>> The setup test, I can see my own voice and video.
>>>>>>>
>>>>>>> Here is my nat table
>>>>>>>
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> public
>>>>>>> target: default
>>>>>>> icmp-block-inversion: no
>>>>>>> interfaces:
>>>>>>> sources:
>>>>>>> services: mdns dhcpv6-client
>>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>>> protocols:
>>>>>>> masquerade: no
>>>>>>> forward-ports:
>>>>>>> source-ports:
>>>>>>> icmp-blocks:
>>>>>>> rich rules:
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Could you please help me
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> Regards,
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>>
>>>>>>> --
>>>>>>>
>>>>>>> Partha
>>>>>>> M +91-8825608651
>>>>>>> Sent from mobile device
>>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>>
>>>>>>
>>>>>
>>>>> --
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>>
>>>> --
>>>> Best regards,
>>>> Maxim
>>>>
>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
--
Best regards,
Maxim
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hi
As discussed I have installed turn in a different server.
[root@demo reTurn]# netstat -npl | grep -i turn
tcp 0 0 0.0.0.0:3478 0.0.0.0:* LISTEN
8770/reTurnServer
tcp6 0 0 :::3478 :::* LISTEN
8770/reTurnServer
udp 0 0 0.0.0.0:3478 0.0.0.0:*
8770/reTurnServer
udp6 0 0 :::3478 :::*
8770/reTurnServer
I have also edited the file
/opt/open503/webapps/openmeetings/WEB-INF/classes/applicationContext.xml
<!-- Kurento -->
<bean id="kurentoHandler"
class="org.apache.openmeetings.core.remote.KurentoHandler"
init-method="init" destroy-method="destroy"
p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
p:checkTimeout="10000"
p:watchThreadCount="10"
p:turnUrl="125.85.210.130:3478"
p:turnUser="kurento"
p:turnSecret="ab5497d0f532dc7c24336ab0e74d5c"
p:turnMode="rest"
p:turnTtl="60"
p:objCheckTimeout="200"
/>
But still I cant access it from outside the LAN, Could you help me..
Regards,
Partha
On Mon, May 4, 2020 at 10:14 PM Maxim Solodovnik <so...@gmail.com>
wrote:
> Please check `netstat -npl|grep 8888`
> When you are starting dockerized KMS for ex. `docker run -v
> /home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
> -p 8888:8888 kurento/kurento-media-server`
> You make it available at `localhost:8888` due to forwarding
>
> to make everything workable behind NAT you need to ensure TURN is
> available outside the NAT
>
> On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> Sorry, if I am not able to explain you properly, so attaching you a
>> network diagram of my setup. I have referred installation on Fedora 30, it
>> doesn't talk about TURN installation, however I am installing on Fedora 27,
>> every thing works good in LAN & VPN but I can not access from PUBLIC
>> network. Hope I am clear now. Moreover the docker IP is not static. Do the
>> docker IP has to be in different Subnet? I am also attaching you the NAT
>> table where OM, Docker & KMS is running.
>> [image: image.png]
>> netstat -ntp
>> [image: image.png]
>>
>>
>>
>>
>> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Hello Partha,
>>>
>>> this is something i don't understand :(
>>> I would expect KMS is accessible on the same IP
>>>
>>> Anyway you have to ensure correct KMS address is specified in OM config
>>> (and it is accessible to OM)
>>> and also accessible to TURN
>>>
>>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>>>
>>>> Hello Maxim,
>>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>>>> have not assigned any IP address to it. Do I need to change it to same
>>>> subnet or bind with the same IP address? If so can you tell me how to do
>>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>>> Regards,
>>>> Partha
>>>>
>>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>>> wrote:
>>>>
>>>>> Finally I get to this thread :)
>>>>>
>>>>> I would suggest to check which network interfaces do you have
>>>>> And ensure OM, KMS and coturn are available at external network
>>>>> interface
>>>>>
>>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>>
>>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>>
>>>>>>
>>>>>>
>>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>>> user@openmeetings.apache.org>
>>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>>> *Betreff: *Re: NAT Issue
>>>>>>
>>>>>>
>>>>>>
>>>>>> Hi Alvaro,
>>>>>>
>>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>>> works great when I get connected with VPN client
>>>>>>
>>>>>>
>>>>>>
>>>>>> FedoraServer (active)
>>>>>> target: default
>>>>>> icmp-block-inversion: no
>>>>>> interfaces: enp5s10
>>>>>> sources:
>>>>>> services: ssh
>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>> protocols:
>>>>>> masquerade: yes
>>>>>> forward-ports:
>>>>>> source-ports:
>>>>>> icmp-blocks:
>>>>>> rich rules:
>>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>>> FedoraServer (active)
>>>>>> target: default
>>>>>> icmp-block-inversion: no
>>>>>> interfaces: enp5s10
>>>>>> sources:
>>>>>> services: ssh
>>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>>> protocols:
>>>>>> masquerade: yes
>>>>>> forward-ports:
>>>>>> source-ports:
>>>>>> icmp-blocks:
>>>>>> rich rules:
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>>> to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...Partha, please open in firewalld the ports:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld start
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>>> --permanent
>>>>>>
>>>>>>
>>>>>>
>>>>>> # service firewalld restart
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and to see they are open:
>>>>>>
>>>>>>
>>>>>>
>>>>>> # firewall-cmd --list-all
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...and after this would be good stop the servers and reboot
>>>>>>
>>>>>> the machine.
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..................
>>>>>>
>>>>>>
>>>>>>
>>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello Alvaro,
>>>>>>
>>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>>> port blocking.
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>>>
>>>>>> the router (both).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Try without firewall to test (open ports in router).
>>>>>>
>>>>>>
>>>>>>
>>>>>> Are you in Ubuntu or Centos?
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ..............
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Dear Alvaro,
>>>>>>
>>>>>>
>>>>>>
>>>>>> I have opened up all the port mentioned in the document but I keep
>>>>>> getting the error, stating failed to connect to media server.
>>>>>>
>>>>>> Does it need to do any other conficonfiguration.
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> Partha
>>>>>>
>>>>>>
>>>>>>
>>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>>
>>>>>> ...that is for Ubuntu 18.04.
>>>>>>
>>>>>>
>>>>>>
>>>>>> And this is for Centos 7-8:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ...................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>>
>>>>>> ...take a look:
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> ................
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>>
>>>>>> Hello,
>>>>>>
>>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>>> audio & video.
>>>>>>
>>>>>> I have Openmeeting server behind a Linux firewall with NAT and
>>>>>> opened up 5443 & 8888 ports. I can not see or hear the meeting participants
>>>>>> nor he can see me or hear.
>>>>>>
>>>>>> The setup test, I can see my own voice and video.
>>>>>>
>>>>>> Here is my nat table
>>>>>>
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>>
>>>>>>
>>>>>>
>>>>>> public
>>>>>> target: default
>>>>>> icmp-block-inversion: no
>>>>>> interfaces:
>>>>>> sources:
>>>>>> services: mdns dhcpv6-client
>>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>>> protocols:
>>>>>> masquerade: no
>>>>>> forward-ports:
>>>>>> source-ports:
>>>>>> icmp-blocks:
>>>>>> rich rules:
>>>>>>
>>>>>>
>>>>>>
>>>>>> Could you please help me
>>>>>>
>>>>>>
>>>>>>
>>>>>> Regards,
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>>
>>>>>> --
>>>>>>
>>>>>> Partha
>>>>>> M +91-8825608651
>>>>>> Sent from mobile device
>>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>>
>>>>>
>>>>
>>>> --
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>>
>>> --
>>> Best regards,
>>> Maxim
>>>
>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Maxim Solodovnik <so...@gmail.com>.
Please check `netstat -npl|grep 8888`
When you are starting dockerized KMS for ex. `docker run -v
/home/solomax/work/openmeetings/data:/home/solomax/work/openmeetings/data
-p 8888:8888 kurento/kurento-media-server`
You make it available at `localhost:8888` due to forwarding
to make everything workable behind NAT you need to ensure TURN is available
outside the NAT
On Mon, 4 May 2020 at 23:36, Partha Datta <da...@gmail.com> wrote:
> Hello Maxim,
> Sorry, if I am not able to explain you properly, so attaching you a
> network diagram of my setup. I have referred installation on Fedora 30, it
> doesn't talk about TURN installation, however I am installing on Fedora 27,
> every thing works good in LAN & VPN but I can not access from PUBLIC
> network. Hope I am clear now. Moreover the docker IP is not static. Do the
> docker IP has to be in different Subnet? I am also attaching you the NAT
> table where OM, Docker & KMS is running.
> [image: image.png]
> netstat -ntp
> [image: image.png]
>
>
>
>
> On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Hello Partha,
>>
>> this is something i don't understand :(
>> I would expect KMS is accessible on the same IP
>>
>> Anyway you have to ensure correct KMS address is specified in OM config
>> (and it is accessible to OM)
>> and also accessible to TURN
>>
>> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>>
>>> Hello Maxim,
>>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>>> have not assigned any IP address to it. Do I need to change it to same
>>> subnet or bind with the same IP address? If so can you tell me how to do
>>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>>> Regards,
>>> Partha
>>>
>>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>>> wrote:
>>>
>>>> Finally I get to this thread :)
>>>>
>>>> I would suggest to check which network interfaces do you have
>>>> And ensure OM, KMS and coturn are available at external network
>>>> interface
>>>>
>>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>>
>>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>>
>>>>>
>>>>>
>>>>> *Von: *Partha Datta <da...@gmail.com>
>>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>>> user@openmeetings.apache.org>
>>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>>> *Betreff: *Re: NAT Issue
>>>>>
>>>>>
>>>>>
>>>>> Hi Alvaro,
>>>>>
>>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>>> works great when I get connected with VPN client
>>>>>
>>>>>
>>>>>
>>>>> FedoraServer (active)
>>>>> target: default
>>>>> icmp-block-inversion: no
>>>>> interfaces: enp5s10
>>>>> sources:
>>>>> services: ssh
>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>> protocols:
>>>>> masquerade: yes
>>>>> forward-ports:
>>>>> source-ports:
>>>>> icmp-blocks:
>>>>> rich rules:
>>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>>> FedoraServer (active)
>>>>> target: default
>>>>> icmp-block-inversion: no
>>>>> interfaces: enp5s10
>>>>> sources:
>>>>> services: ssh
>>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>>> protocols:
>>>>> masquerade: yes
>>>>> forward-ports:
>>>>> source-ports:
>>>>> icmp-blocks:
>>>>> rich rules:
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>>> to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> Partha
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>>
>>>>>
>>>>>
>>>>> ...Partha, please open in firewalld the ports:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> # service firewalld start
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>>
>>>>>
>>>>>
>>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp
>>>>> --permanent
>>>>>
>>>>>
>>>>>
>>>>> # service firewalld restart
>>>>>
>>>>>
>>>>>
>>>>> ...and to see they are open:
>>>>>
>>>>>
>>>>>
>>>>> # firewall-cmd --list-all
>>>>>
>>>>>
>>>>>
>>>>> ...and after this would be good stop the servers and reboot
>>>>>
>>>>> the machine.
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ..................
>>>>>
>>>>>
>>>>>
>>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>>
>>>>> Hello Alvaro,
>>>>>
>>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>>> mentioned in the document you have sent on the local server . I shall do
>>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>>> port blocking.
>>>>>
>>>>> Regards,
>>>>>
>>>>> Partha
>>>>>
>>>>>
>>>>>
>>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>>
>>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>>
>>>>> the router (both).
>>>>>
>>>>>
>>>>>
>>>>> Try without firewall to test (open ports in router).
>>>>>
>>>>>
>>>>>
>>>>> Are you in Ubuntu or Centos?
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ..............
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>>
>>>>> Dear Alvaro,
>>>>>
>>>>>
>>>>>
>>>>> I have opened up all the port mentioned in the document but I keep
>>>>> getting the error, stating failed to connect to media server.
>>>>>
>>>>> Does it need to do any other conficonfiguration.
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> Partha
>>>>>
>>>>>
>>>>>
>>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>>
>>>>> ...that is for Ubuntu 18.04.
>>>>>
>>>>>
>>>>>
>>>>> And this is for Centos 7-8:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ...................
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>>
>>>>> ...take a look:
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> ................
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>>
>>>>> Hello,
>>>>>
>>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
>>>>> audio & video.
>>>>>
>>>>> I have Openmeeting server behind a Linux firewall with NAT and opened
>>>>> up 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>>>>> can see me or hear.
>>>>>
>>>>> The setup test, I can see my own voice and video.
>>>>>
>>>>> Here is my nat table
>>>>>
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>>
>>>>>
>>>>>
>>>>> public
>>>>> target: default
>>>>> icmp-block-inversion: no
>>>>> interfaces:
>>>>> sources:
>>>>> services: mdns dhcpv6-client
>>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>>> protocols:
>>>>> masquerade: no
>>>>> forward-ports:
>>>>> source-ports:
>>>>> icmp-blocks:
>>>>> rich rules:
>>>>>
>>>>>
>>>>>
>>>>> Could you please help me
>>>>>
>>>>>
>>>>>
>>>>> Regards,
>>>>>
>>>>> --
>>>>>
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>>
>>>>> --
>>>>>
>>>>> Partha
>>>>> M +91-8825608651
>>>>> Sent from mobile device
>>>>> "If you worried about falling off the bike, you’d never..."
>>>>>
>>>>
>>>
>>> --
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>>
>> --
>> Best regards,
>> Maxim
>>
>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
--
Best regards,
Maxim
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hello Maxim,
Sorry, if I am not able to explain you properly, so attaching you a network
diagram of my setup. I have referred installation on Fedora 30, it doesn't
talk about TURN installation, however I am installing on Fedora 27, every
thing works good in LAN & VPN but I can not access from PUBLIC network.
Hope I am clear now. Moreover the docker IP is not static. Do the docker IP
has to be in different Subnet? I am also attaching you the NAT table where
OM, Docker & KMS is running.
[image: image.png]
netstat -ntp
[image: image.png]
On Mon, May 4, 2020 at 8:15 PM Maxim Solodovnik <so...@gmail.com>
wrote:
> Hello Partha,
>
> this is something i don't understand :(
> I would expect KMS is accessible on the same IP
>
> Anyway you have to ensure correct KMS address is specified in OM config
> (and it is accessible to OM)
> and also accessible to TURN
>
> On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
>
>> Hello Maxim,
>> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
>> have not assigned any IP address to it. Do I need to change it to same
>> subnet or bind with the same IP address? If so can you tell me how to do
>> that. I am using docker-ce-18.09.0-3.fc27.x86_64
>> Regards,
>> Partha
>>
>> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
>> wrote:
>>
>>> Finally I get to this thread :)
>>>
>>> I would suggest to check which network interfaces do you have
>>> And ensure OM, KMS and coturn are available at external network interface
>>>
>>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>>
>>>> Same at my side. It works as long as I’am in the lan (VPN is also in
>>>> the lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>>
>>>>
>>>>
>>>> *Von: *Partha Datta <da...@gmail.com>
>>>> *Antworten an: *"user@openmeetings.apache.org" <
>>>> user@openmeetings.apache.org>
>>>> *Datum: *Montag, 27. April 2020 um 22:14
>>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>>> *Betreff: *Re: NAT Issue
>>>>
>>>>
>>>>
>>>> Hi Alvaro,
>>>>
>>>> No luck.. Here is my firewall configuration. But very strange.. it
>>>> works great when I get connected with VPN client
>>>>
>>>>
>>>>
>>>> FedoraServer (active)
>>>> target: default
>>>> icmp-block-inversion: no
>>>> interfaces: enp5s10
>>>> sources:
>>>> services: ssh
>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>> protocols:
>>>> masquerade: yes
>>>> forward-ports:
>>>> source-ports:
>>>> icmp-blocks:
>>>> rich rules:
>>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>>> FedoraServer (active)
>>>> target: default
>>>> icmp-block-inversion: no
>>>> interfaces: enp5s10
>>>> sources:
>>>> services: ssh
>>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>>> protocols:
>>>> masquerade: yes
>>>> forward-ports:
>>>> source-ports:
>>>> icmp-blocks:
>>>> rich rules:
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>>> to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Partha
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>>
>>>>
>>>>
>>>> ...Partha, please open in firewalld the ports:
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> # service firewalld start
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>>
>>>>
>>>>
>>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>>>>
>>>>
>>>>
>>>> # service firewalld restart
>>>>
>>>>
>>>>
>>>> ...and to see they are open:
>>>>
>>>>
>>>>
>>>> # firewall-cmd --list-all
>>>>
>>>>
>>>>
>>>> ...and after this would be good stop the servers and reboot
>>>>
>>>> the machine.
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ..................
>>>>
>>>>
>>>>
>>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>>
>>>> Hello Alvaro,
>>>>
>>>> I am running in Fedora 27. When I enable Firewalld service in the
>>>> server running openmeeting I cant access, even from the LAN, so I think it
>>>> is some thing to do with fire wall, I have not checked opening up the ports
>>>> mentioned in the document you have sent on the local server . I shall do
>>>> that today, and update you, to confirm if that is the issue with NAT or
>>>> port blocking.
>>>>
>>>> Regards,
>>>>
>>>> Partha
>>>>
>>>>
>>>>
>>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>>
>>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>>
>>>> the router (both).
>>>>
>>>>
>>>>
>>>> Try without firewall to test (open ports in router).
>>>>
>>>>
>>>>
>>>> Are you in Ubuntu or Centos?
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ..............
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>>
>>>> Dear Alvaro,
>>>>
>>>>
>>>>
>>>> I have opened up all the port mentioned in the document but I keep
>>>> getting the error, stating failed to connect to media server.
>>>>
>>>> Does it need to do any other conficonfiguration.
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> Partha
>>>>
>>>>
>>>>
>>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>>
>>>> ...that is for Ubuntu 18.04.
>>>>
>>>>
>>>>
>>>> And this is for Centos 7-8:
>>>>
>>>>
>>>>
>>>>
>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ...................
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>>
>>>> ...take a look:
>>>>
>>>>
>>>>
>>>>
>>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> ................
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>>
>>>> Hello,
>>>>
>>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio
>>>> & video.
>>>>
>>>> I have Openmeeting server behind a Linux firewall with NAT and opened
>>>> up 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>>>> can see me or hear.
>>>>
>>>> The setup test, I can see my own voice and video.
>>>>
>>>> Here is my nat table
>>>>
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>>
>>>>
>>>>
>>>> public
>>>> target: default
>>>> icmp-block-inversion: no
>>>> interfaces:
>>>> sources:
>>>> services: mdns dhcpv6-client
>>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>>> protocols:
>>>> masquerade: no
>>>> forward-ports:
>>>> source-ports:
>>>> icmp-blocks:
>>>> rich rules:
>>>>
>>>>
>>>>
>>>> Could you please help me
>>>>
>>>>
>>>>
>>>> Regards,
>>>>
>>>> --
>>>>
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>>
>>>> --
>>>>
>>>> Partha
>>>> M +91-8825608651
>>>> Sent from mobile device
>>>> "If you worried about falling off the bike, you’d never..."
>>>>
>>>
>>
>> --
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
>
> --
> Best regards,
> Maxim
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Maxim Solodovnik <so...@gmail.com>.
Hello Partha,
this is something i don't understand :(
I would expect KMS is accessible on the same IP
Anyway you have to ensure correct KMS address is specified in OM config
(and it is accessible to OM)
and also accessible to TURN
On Mon, 4 May 2020 at 03:23, Partha Datta <da...@gmail.com> wrote:
> Hello Maxim,
> My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
> have not assigned any IP address to it. Do I need to change it to same
> subnet or bind with the same IP address? If so can you tell me how to do
> that. I am using docker-ce-18.09.0-3.fc27.x86_64
> Regards,
> Partha
>
> On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
> wrote:
>
>> Finally I get to this thread :)
>>
>> I would suggest to check which network interfaces do you have
>> And ensure OM, KMS and coturn are available at external network interface
>>
>> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>>
>>> Same at my side. It works as long as I’am in the lan (VPN is also in the
>>> lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>>
>>>
>>>
>>> *Von: *Partha Datta <da...@gmail.com>
>>> *Antworten an: *"user@openmeetings.apache.org" <
>>> user@openmeetings.apache.org>
>>> *Datum: *Montag, 27. April 2020 um 22:14
>>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>>> *Betreff: *Re: NAT Issue
>>>
>>>
>>>
>>> Hi Alvaro,
>>>
>>> No luck.. Here is my firewall configuration. But very strange.. it works
>>> great when I get connected with VPN client
>>>
>>>
>>>
>>> FedoraServer (active)
>>> target: default
>>> icmp-block-inversion: no
>>> interfaces: enp5s10
>>> sources:
>>> services: ssh
>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>> protocols:
>>> masquerade: yes
>>> forward-ports:
>>> source-ports:
>>> icmp-blocks:
>>> rich rules:
>>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>>> FedoraServer (active)
>>> target: default
>>> icmp-block-inversion: no
>>> interfaces: enp5s10
>>> sources:
>>> services: ssh
>>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>>> protocols:
>>> masquerade: yes
>>> forward-ports:
>>> source-ports:
>>> icmp-blocks:
>>> rich rules:
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="49152-65535" protocol="udp" to-port="49152-65535"
>>> to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>>
>>>
>>>
>>> Regards,
>>>
>>> Partha
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>>
>>>
>>>
>>> ...Partha, please open in firewalld the ports:
>>>
>>>
>>>
>>>
>>>
>>> # service firewalld start
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>>
>>>
>>>
>>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>>>
>>>
>>>
>>> # service firewalld restart
>>>
>>>
>>>
>>> ...and to see they are open:
>>>
>>>
>>>
>>> # firewall-cmd --list-all
>>>
>>>
>>>
>>> ...and after this would be good stop the servers and reboot
>>>
>>> the machine.
>>>
>>>
>>>
>>>
>>>
>>> ..................
>>>
>>>
>>>
>>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>>
>>> Hello Alvaro,
>>>
>>> I am running in Fedora 27. When I enable Firewalld service in the server
>>> running openmeeting I cant access, even from the LAN, so I think it is
>>> some thing to do with fire wall, I have not checked opening up the ports
>>> mentioned in the document you have sent on the local server . I shall do
>>> that today, and update you, to confirm if that is the issue with NAT or
>>> port blocking.
>>>
>>> Regards,
>>>
>>> Partha
>>>
>>>
>>>
>>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>>
>>> Partha and Julian, is neccesary to open that ports in the firewall and
>>>
>>> the router (both).
>>>
>>>
>>>
>>> Try without firewall to test (open ports in router).
>>>
>>>
>>>
>>> Are you in Ubuntu or Centos?
>>>
>>>
>>>
>>>
>>>
>>> ..............
>>>
>>>
>>>
>>>
>>>
>>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>>
>>> Dear Alvaro,
>>>
>>>
>>>
>>> I have opened up all the port mentioned in the document but I keep
>>> getting the error, stating failed to connect to media server.
>>>
>>> Does it need to do any other conficonfiguration.
>>>
>>>
>>>
>>> Regards,
>>>
>>> Partha
>>>
>>>
>>>
>>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>>
>>> ...that is for Ubuntu 18.04.
>>>
>>>
>>>
>>> And this is for Centos 7-8:
>>>
>>>
>>>
>>>
>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> ...................
>>>
>>>
>>>
>>>
>>>
>>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>>
>>> ...take a look:
>>>
>>>
>>>
>>>
>>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>>
>>>
>>>
>>>
>>>
>>> ................
>>>
>>>
>>>
>>>
>>>
>>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>>
>>> Hello,
>>>
>>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio
>>> & video.
>>>
>>> I have Openmeeting server behind a Linux firewall with NAT and opened
>>> up 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>>> can see me or hear.
>>>
>>> The setup test, I can see my own voice and video.
>>>
>>> Here is my nat table
>>>
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>>> rule family="ipv4" destination address="112.73.210.134" forward-port
>>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>>
>>>
>>>
>>> public
>>> target: default
>>> icmp-block-inversion: no
>>> interfaces:
>>> sources:
>>> services: mdns dhcpv6-client
>>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>>> protocols:
>>> masquerade: no
>>> forward-ports:
>>> source-ports:
>>> icmp-blocks:
>>> rich rules:
>>>
>>>
>>>
>>> Could you please help me
>>>
>>>
>>>
>>> Regards,
>>>
>>> --
>>>
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>>
>>>
>>>
>>>
>>>
>>>
>>> --
>>>
>>> Partha
>>> M +91-8825608651
>>> Sent from mobile device
>>> "If you worried about falling off the bike, you’d never..."
>>>
>>
>
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
--
Best regards,
Maxim
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hello Maxim,
My server LAN IP is 192.168.1.16 and the docer is running 172.16.0.1, I
have not assigned any IP address to it. Do I need to change it to same
subnet or bind with the same IP address? If so can you tell me how to do
that. I am using docker-ce-18.09.0-3.fc27.x86_64
Regards,
Partha
On Tue, Apr 28, 2020 at 7:11 PM Maxim Solodovnik <so...@gmail.com>
wrote:
> Finally I get to this thread :)
>
> I would suggest to check which network interfaces do you have
> And ensure OM, KMS and coturn are available at external network interface
>
> On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
>
>> Same at my side. It works as long as I’am in the lan (VPN is also in the
>> lan) it works. Whe it comes to use the coturn server it doesn’t work.
>>
>>
>>
>> *Von: *Partha Datta <da...@gmail.com>
>> *Antworten an: *"user@openmeetings.apache.org" <
>> user@openmeetings.apache.org>
>> *Datum: *Montag, 27. April 2020 um 22:14
>> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
>> *Betreff: *Re: NAT Issue
>>
>>
>>
>> Hi Alvaro,
>>
>> No luck.. Here is my firewall configuration. But very strange.. it works
>> great when I get connected with VPN client
>>
>>
>>
>> FedoraServer (active)
>> target: default
>> icmp-block-inversion: no
>> interfaces: enp5s10
>> sources:
>> services: ssh
>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>> protocols:
>> masquerade: yes
>> forward-ports:
>> source-ports:
>> icmp-blocks:
>> rich rules:
>> [root@hepi3 ~]# firewall-cmd --list-all-zones
>> FedoraServer (active)
>> target: default
>> icmp-block-inversion: no
>> interfaces: enp5s10
>> sources:
>> services: ssh
>> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
>> protocols:
>> masquerade: yes
>> forward-ports:
>> source-ports:
>> icmp-blocks:
>> rich rules:
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="49152-65535" protocol="udp" to-port="49152-65535"
>> to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>>
>>
>>
>> Regards,
>>
>> Partha
>>
>>
>>
>>
>>
>>
>>
>> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>>
>>
>>
>> ...Partha, please open in firewalld the ports:
>>
>>
>>
>>
>>
>> # service firewalld start
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>>
>>
>>
>> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>>
>>
>>
>> # service firewalld restart
>>
>>
>>
>> ...and to see they are open:
>>
>>
>>
>> # firewall-cmd --list-all
>>
>>
>>
>> ...and after this would be good stop the servers and reboot
>>
>> the machine.
>>
>>
>>
>>
>>
>> ..................
>>
>>
>>
>> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>>
>> Hello Alvaro,
>>
>> I am running in Fedora 27. When I enable Firewalld service in the server
>> running openmeeting I cant access, even from the LAN, so I think it is
>> some thing to do with fire wall, I have not checked opening up the ports
>> mentioned in the document you have sent on the local server . I shall do
>> that today, and update you, to confirm if that is the issue with NAT or
>> port blocking.
>>
>> Regards,
>>
>> Partha
>>
>>
>>
>> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>>
>> Partha and Julian, is neccesary to open that ports in the firewall and
>>
>> the router (both).
>>
>>
>>
>> Try without firewall to test (open ports in router).
>>
>>
>>
>> Are you in Ubuntu or Centos?
>>
>>
>>
>>
>>
>> ..............
>>
>>
>>
>>
>>
>> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>>
>> Dear Alvaro,
>>
>>
>>
>> I have opened up all the port mentioned in the document but I keep
>> getting the error, stating failed to connect to media server.
>>
>> Does it need to do any other conficonfiguration.
>>
>>
>>
>> Regards,
>>
>> Partha
>>
>>
>>
>> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>>
>> ...that is for Ubuntu 18.04.
>>
>>
>>
>> And this is for Centos 7-8:
>>
>>
>>
>>
>> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>
>>
>>
>>
>>
>>
>>
>> ...................
>>
>>
>>
>>
>>
>> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>>
>> ...take a look:
>>
>>
>>
>>
>> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
>> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>>
>>
>>
>>
>>
>> ................
>>
>>
>>
>>
>>
>> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>>
>> Hello,
>>
>> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
>> video.
>>
>> I have Openmeeting server behind a Linux firewall with NAT and opened up
>> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
>> can see me or hear.
>>
>> The setup test, I can see my own voice and video.
>>
>> Here is my nat table
>>
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
>> rule family="ipv4" destination address="112.73.210.134" forward-port
>> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>>
>>
>>
>> public
>> target: default
>> icmp-block-inversion: no
>> interfaces:
>> sources:
>> services: mdns dhcpv6-client
>> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
>> protocols:
>> masquerade: no
>> forward-ports:
>> source-ports:
>> icmp-blocks:
>> rich rules:
>>
>>
>>
>> Could you please help me
>>
>>
>>
>> Regards,
>>
>> --
>>
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>>
>>
>>
>>
>>
>>
>> --
>>
>> Partha
>> M +91-8825608651
>> Sent from mobile device
>> "If you worried about falling off the bike, you’d never..."
>>
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Maxim Solodovnik <so...@gmail.com>.
Finally I get to this thread :)
I would suggest to check which network interfaces do you have
And ensure OM, KMS and coturn are available at external network interface
On Tue, Apr 28, 2020, 11:42 Julian Weiß <ju...@ch-weiss.de> wrote:
> Same at my side. It works as long as I’am in the lan (VPN is also in the
> lan) it works. Whe it comes to use the coturn server it doesn’t work.
>
>
>
> *Von: *Partha Datta <da...@gmail.com>
> *Antworten an: *"user@openmeetings.apache.org" <
> user@openmeetings.apache.org>
> *Datum: *Montag, 27. April 2020 um 22:14
> *An: *"user@openmeetings.apache.org" <us...@openmeetings.apache.org>
> *Betreff: *Re: NAT Issue
>
>
>
> Hi Alvaro,
>
> No luck.. Here is my firewall configuration. But very strange.. it works
> great when I get connected with VPN client
>
>
>
> FedoraServer (active)
> target: default
> icmp-block-inversion: no
> interfaces: enp5s10
> sources:
> services: ssh
> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
> protocols:
> masquerade: yes
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
> [root@hepi3 ~]# firewall-cmd --list-all-zones
> FedoraServer (active)
> target: default
> icmp-block-inversion: no
> interfaces: enp5s10
> sources:
> services: ssh
> ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
> protocols:
> masquerade: yes
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="49152-65535" protocol="udp" to-port="49152-65535"
> to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
>
>
>
> Regards,
>
> Partha
>
>
>
>
>
>
>
> On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>
>
>
> ...Partha, please open in firewalld the ports:
>
>
>
>
>
> # service firewalld start
>
>
>
> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>
>
>
> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>
>
>
> # service firewalld restart
>
>
>
> ...and to see they are open:
>
>
>
> # firewall-cmd --list-all
>
>
>
> ...and after this would be good stop the servers and reboot
>
> the machine.
>
>
>
>
>
> ..................
>
>
>
> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>
> Hello Alvaro,
>
> I am running in Fedora 27. When I enable Firewalld service in the server
> running openmeeting I cant access, even from the LAN, so I think it is
> some thing to do with fire wall, I have not checked opening up the ports
> mentioned in the document you have sent on the local server . I shall do
> that today, and update you, to confirm if that is the issue with NAT or
> port blocking.
>
> Regards,
>
> Partha
>
>
>
> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>
> Partha and Julian, is neccesary to open that ports in the firewall and
>
> the router (both).
>
>
>
> Try without firewall to test (open ports in router).
>
>
>
> Are you in Ubuntu or Centos?
>
>
>
>
>
> ..............
>
>
>
>
>
> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>
> Dear Alvaro,
>
>
>
> I have opened up all the port mentioned in the document but I keep getting
> the error, stating failed to connect to media server.
>
> Does it need to do any other conficonfiguration.
>
>
>
> Regards,
>
> Partha
>
>
>
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>
> ...that is for Ubuntu 18.04.
>
>
>
> And this is for Centos 7-8:
>
>
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
>
>
>
>
> ...................
>
>
>
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
>
>
> ................
>
>
>
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
>
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
>
> I have Openmeeting server behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
>
> The setup test, I can see my own voice and video.
>
> Here is my nat table
>
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
>
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
>
>
>
> Could you please help me
>
>
>
> Regards,
>
> --
>
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
>
>
>
>
>
> --
>
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
Re: NAT Issue
Posted by Julian Weiß <ju...@ch-weiss.de>.
Same at my side. It works as long as I’am in the lan (VPN is also in the lan) it works. Whe it comes to use the coturn server it doesn’t work.
Von: Partha Datta <da...@gmail.com>
Antworten an: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Datum: Montag, 27. April 2020 um 22:14
An: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Betreff: Re: NAT Issue
Hi Alvaro,
No luck.. Here is my firewall configuration. But very strange.. it works great when I get connected with VPN client
FedoraServer (active)
target: default
icmp-block-inversion: no
interfaces: enp5s10
sources:
services: ssh
ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@hepi3 ~]# firewall-cmd --list-all-zones
FedoraServer (active)
target: default
icmp-block-inversion: no
interfaces: enp5s10
sources:
services: ssh
ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" destination address="112.73.210.134" forward-port port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="49152-65535" protocol="udp" to-port="49152-65535" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
Regards,
Partha
On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
...Partha, please open in firewalld the ports:
# service firewalld start
# sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
# sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
# service firewalld restart
...and to see they are open:
# firewall-cmd --list-all
...and after this would be good stop the servers and reboot
the machine.
..................
El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
Hello Alvaro,
I am running in Fedora 27. When I enable Firewalld service in the server running openmeeting I cant access, even from the LAN, so I think it is some thing to do with fire wall, I have not checked opening up the ports mentioned in the document you have sent on the local server . I shall do that today, and update you, to confirm if that is the issue with NAT or port blocking.
Regards,
Partha
On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
Partha and Julian, is neccesary to open that ports in the firewall and
the router (both).
Try without firewall to test (open ports in router).
Are you in Ubuntu or Centos?
..............
El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
Dear Alvaro,
I have opened up all the port mentioned in the document but I keep getting the error, stating failed to connect to media server.
Does it need to do any other conficonfiguration.
Regards,
Partha
On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
...that is for Ubuntu 18.04.
And this is for Centos 7-8:
https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
...................
El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
...take a look:
https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
................
El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
Hello,
I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio & video.
I have Openmeeting server behind a Linux firewall with NAT and opened up 5443 & 8888 ports. I can not see or hear the meeting participants nor he can see me or hear.
The setup test, I can see my own voice and video.
Here is my nat table
rule family="ipv4" destination address="112.73.210.134" forward-port port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: mdns dhcpv6-client
ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Could you please help me
Regards,
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hi Alvaro,
No luck.. Here is my firewall configuration. But very strange.. it works
great when I get connected with VPN client
FedoraServer (active)
target: default
icmp-block-inversion: no
interfaces: enp5s10
sources:
services: ssh
ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
[root@hepi3 ~]# firewall-cmd --list-all-zones
FedoraServer (active)
target: default
icmp-block-inversion: no
interfaces: enp5s10
sources:
services: ssh
ports: 5904/tcp 3478/tcp 3478/udp 5443/tcp 8888/tcp 49152-65535/udp
protocols:
masquerade: yes
forward-ports:
source-ports:
icmp-blocks:
rich rules:
rule family="ipv4" destination address="112.73.210.134" forward-port
port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="49152-65535" protocol="udp" to-port="49152-65535"
to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="3478" protocol="udp" to-port="3478" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port
port="3478" protocol="tcp" to-port="3478" to-addr="192.168.110.16"
Regards,
Partha
On Mon, Apr 27, 2020 at 12:09 PM Alvaro <zu...@gmail.com> wrote:
>
> ...Partha, please open in firewalld the ports:
>
>
> # service firewalld start
>
> # sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
>
> # sudo firewall-cmd --zone=public --add-port=49152-65535/udp --permanent
>
> # service firewalld restart
>
> ...and to see they are open:
>
> # firewall-cmd --list-all
>
> ...and after this would be good stop the servers and reboot
> the machine.
>
>
> ..................
>
> El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
>
> Hello Alvaro,
> I am running in Fedora 27. When I enable Firewalld service in the server
> running openmeeting I cant access, even from the LAN, so I think it is
> some thing to do with fire wall, I have not checked opening up the ports
> mentioned in the document you have sent on the local server . I shall do
> that today, and update you, to confirm if that is the issue with NAT or
> port blocking.
> Regards,
> Partha
>
> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
>
> Partha and Julian, is neccesary to open that ports in the firewall and
> the router (both).
>
> Try without firewall to test (open ports in router).
>
> Are you in Ubuntu or Centos?
>
>
> ..............
>
>
> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>
> Dear Alvaro,
>
> I have opened up all the port mentioned in the document but I keep getting
> the error, stating failed to connect to media server.
> Does it need to do any other conficonfiguration.
>
> Regards,
> Partha
>
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>
> ...that is for Ubuntu 18.04.
>
> And this is for Centos 7-8:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
> ...................
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
> ................
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
>
> Could you please help me
>
> Regards,
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
>
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Alvaro <zu...@gmail.com>.
...Partha, please open in firewalld the ports:
# service firewalld start
# sudo firewall-cmd --zone=public --add-port=3478/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=3478/udp --permanent
# sudo firewall-cmd --zone=public --add-port=5443/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=8888/tcp --permanent
# sudo firewall-cmd --zone=public --add-port=49152-65535/udp --
permanent
# service firewalld restart
...and to see they are open:
# firewall-cmd --list-all
...and after this would be good stop the servers and rebootthe machine.
..................
El lun, 27-04-2020 a las 05:23 +0530, Partha Datta escribió:
> Hello Alvaro,I am running in Fedora 27. When I enable Firewalld
> service in the server running openmeeting I cant access, even from
> the LAN, so I think it is some thing to do with fire wall, I have
> not checked opening up the ports mentioned in the document you have
> sent on the local server . I shall do that today, and update you, to
> confirm if that is the issue with NAT or port blocking.
> Regards,
> Partha
> On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
> > Partha and Julian, is neccesary to open that ports in the firewall
> > andthe router (both).
> > Try without firewall to test (open ports in router).
> > Are you in Ubuntu or Centos?
> >
> > ..............
> >
> > El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
> > > Dear Alvaro,
> > > I have opened up all the port mentioned in the document but I
> > > keep getting the error, stating failed to connect to media
> > > server.
> > > Does it need to do any other conficonfiguration.
> > >
> > > Regards,
> > > Partha
> > > On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
> > > > ...that is for Ubuntu 18.04.
> > > > And this is for Centos 7-8:
> > > > https://cwiki.apache.org/confluence/download/attachments/278382
> > > > 16/Centos%207-
> > > > 8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20Op
> > > > enMeetings%205.0.0-M3.pdf
> > > >
> > > >
> > > > ...................
> > > >
> > > > El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
> > > > > ...take a look:
> > > > > https://cwiki.apache.org/confluence/download/attachments/2783
> > > > > 8216/Installation%20SSL%20certificates%20and%20Coturn%20for%2
> > > > > 0OpenMeetings%205.0.0-M3.pdf
> > > > >
> > > > > ................
> > > > >
> > > > > El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> > > > > > Hello,
> > > > > > I have installed OpenMeetings 5.0.0-M3. It is working in
> > > > > > LAN both audio & video.
> > > > > > I have Openmeeting server behind a Linux firewall with
> > > > > > NAT and opened up 5443 & 8888 ports. I can not see or hear
> > > > > > the meeting participants nor he can see me or hear.
> > > > > > The setup test, I can see my own voice and video.
> > > > > > Here is my nat table
> > > > > > rule family="ipv4" destination address="112.73.210.134"
> > > > > > forward-port port="5443" protocol="tcp" to-port="5443" to-
> > > > > > addr="192.168.110.16"
> > > > > > rule family="ipv4" destination address="112.73.210.134"
> > > > > > forward-port port="8888" protocol="tcp" to-port="8888" to-
> > > > > > addr="192.168.110.16"
> > > > > >
> > > > > > public
> > > > > > target: default
> > > > > > icmp-block-inversion: no
> > > > > > interfaces:
> > > > > > sources:
> > > > > > services: mdns dhcpv6-client
> > > > > > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > > > > > protocols:
> > > > > > masquerade: no
> > > > > > forward-ports:
> > > > > > source-ports:
> > > > > > icmp-blocks:
> > > > > > rich rules:
> > > > > >
> > > > > > Could you please help me
> > > > > >
> > > > > > Regards,
> > > > > > --
> > > > > >
> > > > > > Partha
> > > > > > M +91-8825608651
> > > > > > Sent from mobile device
> > > > > > "If you worried about falling off the bike, you’d never..."
> > > > > >
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hello Alvaro,
I am running in Fedora 27. When I enable Firewalld service in the server
running openmeeting I cant access, even from the LAN, so I think it is
some thing to do with fire wall, I have not checked opening up the ports
mentioned in the document you have sent on the local server . I shall do
that today, and update you, to confirm if that is the issue with NAT or
port blocking.
Regards,
Partha
On Mon, 27 Apr 2020, 00:40 Alvaro, <zu...@gmail.com> wrote:
> Partha and Julian, is neccesary to open that ports in the firewall and
> the router (both).
>
> Try without firewall to test (open ports in router).
>
> Are you in Ubuntu or Centos?
>
>
> ..............
>
>
> El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
>
> Dear Alvaro,
>
> I have opened up all the port mentioned in the document but I keep getting
> the error, stating failed to connect to media server.
> Does it need to do any other conficonfiguration.
>
> Regards,
> Partha
>
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
>
> ...that is for Ubuntu 18.04.
>
> And this is for Centos 7-8:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
> ...................
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
> ................
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
>
> Could you please help me
>
> Regards,
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
>
Re: NAT Issue
Posted by Alvaro <zu...@gmail.com>.
Partha and Julian, is neccesary to open that ports in the firewall
andthe router (both).
Try without firewall to test (open ports in router).
Are you in Ubuntu or Centos?
..............
El dom, 26-04-2020 a las 23:52 +0530, Partha Datta escribió:
> Dear Alvaro,
> I have opened up all the port mentioned in the document but I keep
> getting the error, stating failed to connect to media server.
> Does it need to do any other conficonfiguration.
>
> Regards,
> Partha
> On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
> > ...that is for Ubuntu 18.04.
> > And this is for Centos 7-8:
> > https://cwiki.apache.org/confluence/download/attachments/27838216/C
> > entos%207-
> > 8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMe
> > etings%205.0.0-M3.pdf
> >
> >
> > ...................
> >
> > El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
> > > ...take a look:
> > > https://cwiki.apache.org/confluence/download/attachments/27838216
> > > /Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMee
> > > tings%205.0.0-M3.pdf
> > >
> > > ................
> > >
> > > El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> > > > Hello,
> > > > I have installed OpenMeetings 5.0.0-M3. It is working in LAN
> > > > both audio & video.
> > > > I have Openmeeting server behind a Linux firewall with NAT
> > > > and opened up 5443 & 8888 ports. I can not see or hear the
> > > > meeting participants nor he can see me or hear.
> > > > The setup test, I can see my own voice and video.
> > > > Here is my nat table
> > > > rule family="ipv4" destination address="112.73.210.134"
> > > > forward-port port="5443" protocol="tcp" to-port="5443" to-
> > > > addr="192.168.110.16"
> > > > rule family="ipv4" destination address="112.73.210.134"
> > > > forward-port port="8888" protocol="tcp" to-port="8888" to-
> > > > addr="192.168.110.16"
> > > >
> > > > public
> > > > target: default
> > > > icmp-block-inversion: no
> > > > interfaces:
> > > > sources:
> > > > services: mdns dhcpv6-client
> > > > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > > > protocols:
> > > > masquerade: no
> > > > forward-ports:
> > > > source-ports:
> > > > icmp-blocks:
> > > > rich rules:
> > > >
> > > > Could you please help me
> > > >
> > > > Regards,
> > > > --
> > > >
> > > > Partha
> > > > M +91-8825608651
> > > > Sent from mobile device
> > > > "If you worried about falling off the bike, you’d never..."
> > > >
Re: NAT Issue
Posted by Julian Weiß <ju...@ch-weiss.de>.
So am i. I can report the same Problem. Andy Ideas. Hey Partha do you have any Errorlogs from coturn.
... von unterwegs gesendet... daher etwas kurz in der Formulierung!...
________________________________
Von: Partha Datta <da...@gmail.com>
Gesendet: Sunday, April 26, 2020 8:22:14 PM
An: user@openmeetings.apache.org <us...@openmeetings.apache.org>
Betreff: Re: NAT Issue
Dear Alvaro,
I have opened up all the port mentioned in the document but I keep getting the error, stating failed to connect to media server.
Does it need to do any other conficonfiguration.
Regards,
Partha
On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com>> wrote:
...that is for Ubuntu 18.04.
And this is for Centos 7-8:
https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf<https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
...................
El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
...take a look:
https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf<https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
................
El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
Hello,
I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio & video.
I have Openmeeting server behind a Linux firewall with NAT and opened up 5443 & 8888 ports. I can not see or hear the meeting participants nor he can see me or hear.
The setup test, I can see my own voice and video.
Here is my nat table
rule family="ipv4" destination address="112.73.210.134" forward-port port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
rule family="ipv4" destination address="112.73.210.134" forward-port port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
public
target: default
icmp-block-inversion: no
interfaces:
sources:
services: mdns dhcpv6-client
ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
protocols:
masquerade: no
forward-ports:
source-ports:
icmp-blocks:
rich rules:
Could you please help me
Regards,
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Dear Alvaro,
I have opened up all the port mentioned in the document but I keep getting
the error, stating failed to connect to media server.
Does it need to do any other conficonfiguration.
Regards,
Partha
On Fri, 24 Apr 2020, 02:06 Alvaro, <zu...@gmail.com> wrote:
> ...that is for Ubuntu 18.04.
>
> And this is for Centos 7-8:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Centos%207-8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
>
> ...................
>
>
> El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
>
> ...take a look:
>
>
> https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf
> <https://cwiki.apache.org/confluence/download/attachments/27838216/Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.0-M3.pdf?api=v2>
>
>
> ................
>
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
>
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
>
> Could you please help me
>
> Regards,
> --
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
>
Re: NAT Issue
Posted by Alvaro <zu...@gmail.com>.
...that is for Ubuntu 18.04.
And this is for Centos 7-8:
https://cwiki.apache.org/confluence/download/attachments/27838216/Cento
s%207-
8%20Installation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetin
gs%205.0.0-M3.pdf
...................
El jue, 23-04-2020 a las 22:11 +0200, Alvaro escribió:
> ...take a look:
> https://cwiki.apache.org/confluence/download/attachments/27838216/Ins
> tallation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%20
> 5.0.0-M3.pdf
>
> ................
>
> El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> > Hello,
> > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
> > audio & video.
> > I have Openmeeting server behind a Linux firewall with NAT and
> > opened up 5443 & 8888 ports. I can not see or hear the meeting
> > participants nor he can see me or hear.
> > The setup test, I can see my own voice and video.
> > Here is my nat table
> > rule family="ipv4" destination address="112.73.210.134" forward-
> > port port="5443" protocol="tcp" to-port="5443" to-
> > addr="192.168.110.16"
> > rule family="ipv4" destination address="112.73.210.134"
> > forward-port port="8888" protocol="tcp" to-port="8888" to-
> > addr="192.168.110.16"
> >
> > public
> > target: default
> > icmp-block-inversion: no
> > interfaces:
> > sources:
> > services: mdns dhcpv6-client
> > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > protocols:
> > masquerade: no
> > forward-ports:
> > source-ports:
> > icmp-blocks:
> > rich rules:
> >
> > Could you please help me
> >
> > Regards,
> > --
> >
> > Partha
> > M +91-8825608651
> > Sent from mobile device
> > "If you worried about falling off the bike, you’d never..."
> >
Re: NAT Issue
Posted by Alvaro <zu...@gmail.com>.
...take a look:
https://cwiki.apache.org/confluence/download/attachments/27838216/Insta
llation%20SSL%20certificates%20and%20Coturn%20for%20OpenMeetings%205.0.
0-M3.pdf
................
El vie, 24-04-2020 a las 00:34 +0530, Partha Datta escribió:
> Hello,
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both
> audio & video.
> I have Openmeeting server behind a Linux firewall with NAT and
> opened up 5443 & 8888 ports. I can not see or hear the meeting
> participants nor he can see me or hear.
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134"
> forward-port port="8888" protocol="tcp" to-port="8888" to-
> addr="192.168.110.16"
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
>
> Could you please help me
>
> Regards,
> --
>
> Partha
> M +91-8825608651
> Sent from mobile device
> "If you worried about falling off the bike, you’d never..."
>
Re: NAT Issue
Posted by ratatouille <ra...@bitclusive.de>.
Julian Weiß <ju...@ch-weiss.de> schrieb am 27.04.20 um 11:29:23 Uhr:
> I’m using UBUNTU 18LTS
You are not very familiar with Linuxsystems, are you?
> Yes I edited the application Context xml file
>
> Any Ideas how to get the turnserver running is it a problem that only sudo can see that it is working. As long as I type in turnserver I just get the information of a binding problem.
>
> Any Ideas might it be a right conflicti
This is because there is an instance of the turnserver already running.
Why don't you execute a netstat -pantu |grep turn in a terminal to
see if it is running?
Where is the problem to start the turnserver via systemctl start turnserver
or what ever turnserver you are running?
If you don't provide details of what you are doing nobody can help you.
Andreas
Re: NAT Issue
Posted by Julian Weiß <ju...@ch-weiss.de>.
Hey Partha,
I’m using UBUNTU 18LTS
Yes I edited the application Context xml file
Any Ideas how to get the turnserver running is it a problem that only sudo can see that it is working. As long as I type in turnserver I just get the information of a binding problem.
Any Ideas might it be a right conflicti
Von: Partha Datta <da...@gmail.com>
Antworten an: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Datum: Montag, 27. April 2020 um 07:05
An: "user@openmeetings.apache.org" <us...@openmeetings.apache.org>
Betreff: Re: NAT Issue
Hello Julian,
Which OS are you running? Have you edited .../WEB-INF/classes/applicationContext.xml file?
Regards,
Partha
On Mon, Apr 27, 2020 at 2:08 AM Julian Weiß <ju...@ch-weiss.de> wrote:
Hello,
I'M using a NAT-Router but all ports are open. Openmeetings is already reachable with https.
Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:
Hello!
Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
> Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
> The turnserver is working but only under sudo rights --- is that OK?
netstat -pantu |grep turn
What kind of firewall are you using and how does your network-structure look like?
> And I found the log..
> WARNING: cannot find certificate file: turn_server_cert.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
> 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
> Might it be possible, that this is the reason I can't get any audio or video.
No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
it to use yours. Is openmeetings reachable with https?
> I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate any other ideas how to create certs?
> Thanks a lot for all your great help you all doing such a great job
>
> Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
>
> Hello!
>
> Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
>
> > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> > video.
> > I have Openmeeting server behind a Linux firewall with NAT and opened up
> > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> > can see me or hear.
>
> Is this firewall running on the same host like openmeetings? Is this firewalld?
> What does iptables -nL say on the firewall host?
>
> > The setup test, I can see my own voice and video.
> > Here is my nat table
> > rule family="ipv4" destination address="112.73.210.134" forward-port
> > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> > rule family="ipv4" destination address="112.73.210.134" forward-port
> > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> >
> > public
> > target: default
> > icmp-block-inversion: no
> > interfaces:
> > sources:
> > services: mdns dhcpv6-client
> > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > protocols:
> > masquerade: no
> > forward-ports:
> > source-ports:
> > icmp-blocks:
> > rich rules:
>
> Andreas
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by Partha Datta <da...@gmail.com>.
Hello Julian,
Which OS are you running? Have you edited
.../WEB-INF/classes/applicationContext.xml file?
Regards,
Partha
On Mon, Apr 27, 2020 at 2:08 AM Julian Weiß <ju...@ch-weiss.de> wrote:
> Hello,
> I'M using a NAT-Router but all ports are open. Openmeetings is already
> reachable with https.
>
> Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:
>
> Hello!
>
> Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
>
> > Hey there thanks for your reply. Tried it but no results Audio and
> video is still missing.
> > The turnserver is working but only under sudo rights --- is that OK?
>
> netstat -pantu |grep turn
>
> What kind of firewall are you using and how does your
> network-structure look like?
>
> > And I found the log..
> > WARNING: cannot find certificate file: turn_server_cert.pem (1)
> > 0: WARNING: cannot start TLS and DTLS listeners because certificate
> file is not set properly
> > 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
> > 0: WARNING: cannot start TLS and DTLS listeners because private key
> file is not set properly
> > Might it be possible, that this is the reason I can't get any audio
> or video.
>
> No, as far as I understand openmeetings uses a selfsigned certificate
> if you didn't configure
> it to use yours. Is openmeetings reachable with https?
>
> > I've tried letsencrypt but there themes to be a broken package so
> that I can't create a ssl certificate any other ideas how to create certs?
> > Thanks a lot for all your great help you all doing such a great job
> >
> > Am 26.04.20, 21:25 schrieb "ratatouille" <ratatouille@bitclusive.de
> >:
> >
> > Hello!
> >
> > Partha Datta <da...@gmail.com> schrieb am 24.04.20 um
> 00:34:14 Uhr:
> >
> > > I have installed OpenMeetings 5.0.0-M3. It is working in LAN
> both audio &
> > > video.
> > > I have Openmeeting server behind a Linux firewall with NAT
> and opened up
> > > 5443 & 8888 ports. I can not see or hear the meeting
> participants nor he
> > > can see me or hear.
> >
> > Is this firewall running on the same host like openmeetings? Is
> this firewalld?
> > What does iptables -nL say on the firewall host?
> >
> > > The setup test, I can see my own voice and video.
> > > Here is my nat table
> > > rule family="ipv4" destination address="112.73.210.134"
> forward-port
> > > port="5443" protocol="tcp" to-port="5443"
> to-addr="192.168.110.16"
> > > rule family="ipv4" destination address="112.73.210.134"
> forward-port
> > > port="8888" protocol="tcp" to-port="8888"
> to-addr="192.168.110.16"
> > >
> > > public
> > > target: default
> > > icmp-block-inversion: no
> > > interfaces:
> > > sources:
> > > services: mdns dhcpv6-client
> > > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > > protocols:
> > > masquerade: no
> > > forward-ports:
> > > source-ports:
> > > icmp-blocks:
> > > rich rules:
> >
> > Andreas
>
>
--
Partha
M +91-8825608651
Sent from mobile device
"If you worried about falling off the bike, you’d never..."
Re: NAT Issue
Posted by ratatouille <ra...@bitclusive.de>.
Now what does this commands say?
netstat -pantu |grep turn
netstat -pantu |grep 8888
Andreas
Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:38:25 Uhr:
> Hello,
> I'M using a NAT-Router but all ports are open. Openmeetings is already reachable with https.
>
> Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:
>
> Hello!
>
> Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
>
> > Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
> > The turnserver is working but only under sudo rights --- is that OK?
>
> netstat -pantu |grep turn
>
> What kind of firewall are you using and how does your network-structure look like?
>
> > And I found the log..
> > WARNING: cannot find certificate file: turn_server_cert.pem (1)
> > 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
> > 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
> > 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
> > Might it be possible, that this is the reason I can't get any audio or video.
>
> No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
> it to use yours. Is openmeetings reachable with https?
>
> > I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate any other ideas how to create certs?
> > Thanks a lot for all your great help you all doing such a great job
> >
> > Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
> >
> > Hello!
> >
> > Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
> >
> > > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> > > video.
> > > I have Openmeeting server behind a Linux firewall with NAT and opened up
> > > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> > > can see me or hear.
> >
> > Is this firewall running on the same host like openmeetings? Is this firewalld?
> > What does iptables -nL say on the firewall host?
> >
> > > The setup test, I can see my own voice and video.
> > > Here is my nat table
> > > rule family="ipv4" destination address="112.73.210.134" forward-port
> > > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> > > rule family="ipv4" destination address="112.73.210.134" forward-port
> > > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> > >
> > > public
> > > target: default
> > > icmp-block-inversion: no
> > > interfaces:
> > > sources:
> > > services: mdns dhcpv6-client
> > > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > > protocols:
> > > masquerade: no
> > > forward-ports:
> > > source-ports:
> > > icmp-blocks:
> > > rich rules:
> >
> > Andreas
>
Re: NAT Issue
Posted by Julian Weiß <ju...@ch-weiss.de>.
Hello,
I'M using a NAT-Router but all ports are open. Openmeetings is already reachable with https.
Am 26.04.20, 22:35 schrieb "ratatouille" <ra...@bitclusive.de>:
Hello!
Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
> Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
> The turnserver is working but only under sudo rights --- is that OK?
netstat -pantu |grep turn
What kind of firewall are you using and how does your network-structure look like?
> And I found the log..
> WARNING: cannot find certificate file: turn_server_cert.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
> 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
> Might it be possible, that this is the reason I can't get any audio or video.
No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
it to use yours. Is openmeetings reachable with https?
> I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate any other ideas how to create certs?
> Thanks a lot for all your great help you all doing such a great job
>
> Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
>
> Hello!
>
> Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
>
> > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> > video.
> > I have Openmeeting server behind a Linux firewall with NAT and opened up
> > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> > can see me or hear.
>
> Is this firewall running on the same host like openmeetings? Is this firewalld?
> What does iptables -nL say on the firewall host?
>
> > The setup test, I can see my own voice and video.
> > Here is my nat table
> > rule family="ipv4" destination address="112.73.210.134" forward-port
> > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> > rule family="ipv4" destination address="112.73.210.134" forward-port
> > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> >
> > public
> > target: default
> > icmp-block-inversion: no
> > interfaces:
> > sources:
> > services: mdns dhcpv6-client
> > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > protocols:
> > masquerade: no
> > forward-ports:
> > source-ports:
> > icmp-blocks:
> > rich rules:
>
> Andreas
Re: NAT Issue
Posted by ratatouille <ra...@bitclusive.de>.
Hello!
Julian Weiß <ju...@ch-weiss.de> schrieb am 26.04.20 um 20:22:27 Uhr:
> Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
> The turnserver is working but only under sudo rights --- is that OK?
netstat -pantu |grep turn
What kind of firewall are you using and how does your network-structure look like?
> And I found the log..
> WARNING: cannot find certificate file: turn_server_cert.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
> 0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
> 0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
> Might it be possible, that this is the reason I can't get any audio or video.
No, as far as I understand openmeetings uses a selfsigned certificate if you didn't configure
it to use yours. Is openmeetings reachable with https?
> I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate any other ideas how to create certs?
> Thanks a lot for all your great help you all doing such a great job
>
> Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
>
> Hello!
>
> Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
>
> > I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> > video.
> > I have Openmeeting server behind a Linux firewall with NAT and opened up
> > 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> > can see me or hear.
>
> Is this firewall running on the same host like openmeetings? Is this firewalld?
> What does iptables -nL say on the firewall host?
>
> > The setup test, I can see my own voice and video.
> > Here is my nat table
> > rule family="ipv4" destination address="112.73.210.134" forward-port
> > port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> > rule family="ipv4" destination address="112.73.210.134" forward-port
> > port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
> >
> > public
> > target: default
> > icmp-block-inversion: no
> > interfaces:
> > sources:
> > services: mdns dhcpv6-client
> > ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> > protocols:
> > masquerade: no
> > forward-ports:
> > source-ports:
> > icmp-blocks:
> > rich rules:
>
> Andreas
Re: NAT Issue
Posted by Julian Weiß <ju...@ch-weiss.de>.
Hey there thanks for your reply. Tried it but no results Audio and video is still missing.
The turnserver is working but only under sudo rights --- is that OK?
And I found the log..
WARNING: cannot find certificate file: turn_server_cert.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because certificate file is not set properly
0: WARNING: cannot find private key file: turn_server_pkey.pem (1)
0: WARNING: cannot start TLS and DTLS listeners because private key file is not set properly
Might it be possible, that this is the reason I can't get any audio or video.
I've tried letsencrypt but there themes to be a broken package so that I can't create a ssl certificate any other ideas how to create certs?
Thanks a lot for all your great help you all doing such a great job
Am 26.04.20, 21:25 schrieb "ratatouille" <ra...@bitclusive.de>:
Hello!
Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
Is this firewall running on the same host like openmeetings? Is this firewalld?
What does iptables -nL say on the firewall host?
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
Andreas
Re: NAT Issue
Posted by ratatouille <ra...@bitclusive.de>.
Hello!
Partha Datta <da...@gmail.com> schrieb am 24.04.20 um 00:34:14 Uhr:
> I have installed OpenMeetings 5.0.0-M3. It is working in LAN both audio &
> video.
> I have Openmeeting server behind a Linux firewall with NAT and opened up
> 5443 & 8888 ports. I can not see or hear the meeting participants nor he
> can see me or hear.
Is this firewall running on the same host like openmeetings? Is this firewalld?
What does iptables -nL say on the firewall host?
> The setup test, I can see my own voice and video.
> Here is my nat table
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="5443" protocol="tcp" to-port="5443" to-addr="192.168.110.16"
> rule family="ipv4" destination address="112.73.210.134" forward-port
> port="8888" protocol="tcp" to-port="8888" to-addr="192.168.110.16"
>
> public
> target: default
> icmp-block-inversion: no
> interfaces:
> sources:
> services: mdns dhcpv6-client
> ports: 53/udp 5080/tcp 1935/tcp 5443/tcp
> protocols:
> masquerade: no
> forward-ports:
> source-ports:
> icmp-blocks:
> rich rules:
Andreas