Re: Problem: OM5 - Coturn - NAT: my Solution
Thanks for sharing :))) On Tue, 3 Sep 2019 at 19:46, René Scholz wrote: > Hello, > > since yesterday my "Server with NAT" working. > > Many thanks at Juan and Maxim helping me a lot. > > If anybody have the same problems like me - here are my further steps > after installation from Alavaros fantastic manual. > It's possible that I forget something I modified - I tried a lot of ways. > Feel free to correct me. > > 1.) It's important for me to use https. > I use LetsEncrypt for this so I got LetsEncrypt certificates for my > subdomain (named: "subdomain.domain.xxx") and configurate the IP of this > subdomain in the DNS of my provider to the external IP-address. > > 2a.) Install coturn: > apt-get install coturn > > 2b.) edit /etc/turnserver.conf > my config: > > verbose > fingerprint > use-auth-secret > static-auth-secret=SECRETSECRET > realm=subdomain.domain.xxx > simple-log > log-file=/var/log/turn.log > min-port=49152 > max-port=55000 > > 3.) Config firewall > Open and forward ports to IP of your OM-server > 5443 > 3478 > 49152-55000 > (When you put your OM-Server in a DMZ (like me) don't forget to forward to > port 22 for SSH-access.) > > 4.) Edit section " "/opt/openmeetings/conf/server.xml" > > ... > SSLEnabled="true"> > > * certificateFile="/etc/letsencrypt/live/subdomain.domain.xxx/cert.pem"* > * > certificateKeyFile="/etc/letsencrypt/live/subdomain.domain.xxx/privkey.pem"* > * > certificateChainFile="/etc/letsencrypt/live/subdomain.domain.xxx/fullchain.pem" > />* > > > ... > > 5.) Edit > "/opt/openmeetings/webapps/openmeetings/WEB-INF/classes/applicationContext.xml" > In my Example: "123.456.789.123:3478", replace it with your own external IP > > at the end of this file edit the last section: > ... > class="org.apache.openmeetings.core.remote.KurentoHandler" > init-method="init" destroy-method="destroy" > p:kurentoWsUrl="ws://127.0.0.1:/kurento" > p:checkTimeout="1" > p:watchThreadCount="10" > *p:turnUrl="123.456.789.123:3478"* > p:turnUser="" > *p:turnSecret="SECRETSECRET"* > p:turnMode="rest" > p:turnTtl="60" > p:objCheckTimeout="200" > /> > > With best regards, > > René > > -- WBR Maxim aka solomax
Re: Problem: OM5 - Coturn - NAT: my Solution
Hi all. That is almost exactly my configuration except that I use port 443 for https. That way, I don't need to put the port number explicitly in the url. To achieve this I change line 57 to redirectPort = "443" /> and line 84 to Hello, since yesterday my "Server with NAT" working. Many thanks at Juan and Maxim helping me a lot. If anybody have the same problems like me - here are my further steps after installation from Alavaros fantastic manual. It's possible that I forget something I modified - I tried a lot of ways. Feel free to correct me. 1.) It's important for me to use https. I use LetsEncrypt for this so I got LetsEncrypt certificates for my subdomain (named: "subdomain.domain.xxx") and configurate the IP of this subdomain in the DNS of my provider to the external IP-address. 2a.) Install coturn: apt-get install coturn 2b.) edit /etc/turnserver.conf my config: verbose fingerprint use-auth-secret static-auth-secret=SECRETSECRET realm=subdomain.domain.xxx simple-log log-file=/var/log/turn.log min-port=49152 max-port=55000 3.) Config firewall Open and forward ports to IP of your OM-server 5443 3478 49152-55000 (When you put your OM-Server in a DMZ (like me) don't forget to forward to port 22 for SSH-access.) 4.) Edit section ""/opt/openmeetings/conf/server.xml" ... / certificateFile="/etc/letsencrypt/live/subdomain.domain.xxx/cert.pem"// //certificateKeyFile="/etc/letsencrypt/live/subdomain.domain.xxx/privkey.pem"// //certificateChainFile="/etc/letsencrypt/live/subdomain.domain.xxx/fullchain.pem" />// /// ... 5.) Edit "/opt/openmeetings/webapps/openmeetings/WEB-INF/classes/applicationContext.xml" In my Example: "123.456.789.123:3478", replace it with your own external IP at the end of this file edit the last section: ... class="org.apache.openmeetings.core.remote.KurentoHandler" init-method="init" destroy-method="destroy" p:kurentoWsUrl="ws://127.0.0.1:/kurento" p:checkTimeout="1" p:watchThreadCount="10" /p:turnUrl="123.456.789.123:3478"/ p:turnUser="" /p:turnSecret="SECRETSECRET"/ p:turnMode="rest" p:turnTtl="60" p:objCheckTimeout="200" /> With best regards, René
Re: Problem: OM5 - Coturn - NAT: my Solution
yes, this config is almost identical to what i'm using ... On Wed, 25 Mar 2020 at 23:40, Daniel Baker wrote: > Maxim you mean this set up for TURN : > > > Forwarded Message > Subject: Problem: OM5 - Coturn - NAT: my Solution > Date: Tue, 3 Sep 2019 14:46:43 +0200 > From: René Scholz > > Reply-To: user@openmeetings.apache.org > To: user@openmeetings.apache.org > > Hello, > > since yesterday my "Server with NAT" working. > > Many thanks at Juan and Maxim helping me a lot. > > If anybody have the same problems like me - here are my further steps > after installation from Alavaros fantastic manual. > It's possible that I forget something I modified - I tried a lot of ways. > Feel free to correct me. > > 1.) It's important for me to use https. > I use LetsEncrypt for this so I got LetsEncrypt certificates for my > subdomain (named: "subdomain.domain.xxx") and configurate the IP of this > subdomain in the DNS of my provider to the external IP-address. > > 2a.) Install coturn: > apt-get install coturn > > 2b.) edit /etc/turnserver.conf > my config: > > verbose > fingerprint > use-auth-secret > static-auth-secret=SECRETSECRET > realm=subdomain.domain.xxx > simple-log > log-file=/var/log/turn.log > min-port=49152 > max-port=55000 > > 3.) Config firewall > Open and forward ports to IP of your OM-server > 5443 > 3478 > 49152-55000 > (When you put your OM-Server in a DMZ (like me) don't forget to forward to > port 22 for SSH-access.) > > 4.) Edit section " "/opt/openmeetings/conf/server.xml" > > ... > SSLEnabled="true"> > > * certificateFile="/etc/letsencrypt/live/subdomain.domain.xxx/cert.pem"* > * > certificateKeyFile="/etc/letsencrypt/live/subdomain.domain.xxx/privkey.pem"* > * > certificateChainFile="/etc/letsencrypt/live/subdomain.domain.xxx/fullchain.pem" > />* > > > ... > > 5.) Edit > "/opt/openmeetings/webapps/openmeetings/WEB-INF/classes/applicationContext.xml" > In my Example: "123.456.789.123:3478", replace it with your own external IP > > at the end of this file edit the last section: > ... > class="org.apache.openmeetings.core.remote.KurentoHandler" > init-method="init" destroy-method="destroy" > p:kurentoWsUrl="ws://127.0.0.1:/kurento" > p:checkTimeout="1" > p:watchThreadCount="10" > *p:turnUrl="123.456.789.123:3478"* > p:turnUser="" > *p:turnSecret="SECRETSECRET"* > p:turnMode="rest" > p:turnTtl="60" > p:objCheckTimeout="200" > /> > > With best regards, > > René > > -- WBR Maxim aka solomax
