Fwd: Problem: OM5 - Coturn - NAT: my Solution

Wed, 25 Mar 2020 09:40:18 -0700 

Maxim  you mean  this  set up  for  TURN  :



-------- Forwarded Message --------
Subject:        Problem: OM5 - Coturn - NAT: my Solution
Date:   Tue, 3 Sep 2019 14:46:43 +0200
From:   René Scholz <rene.sch...@abakus-edv-systems.de>
Reply-To:       user@openmeetings.apache.org
To:     user@openmeetings.apache.org



Hello,

since yesterday my "Server with NAT" working.

Many thanks at Juan and Maxim helping me a lot.
If anybody have the same problems like me - here are my further steps after installation from Alavaros fantastic manual. It's possible that I forget something I modified - I tried a lot of ways. Feel free to correct me. 

1.) It's important for me to use https.
I use LetsEncrypt for this so I got LetsEncrypt certificates for my subdomain (named: "subdomain.domain.xxx") and configurate the IP of this subdomain in the DNS of my provider to the external IP-address. 

2a.) Install coturn:
apt-get install coturn

2b.) edit /etc/turnserver.conf
my config:

verbose
fingerprint
use-auth-secret
static-auth-secret=SECRETSECRET
realm=subdomain.domain.xxx
simple-log
log-file=/var/log/turn.log
min-port=49152
max-port=55000

3.) Config firewall
Open and forward ports to IP of your OM-server
5443
3478
49152-55000
(When you put your OM-Server in a DMZ (like me) don't forget to forward to port 22 for SSH-access.)
4.) Edit section "<Connector port="5443"" in the "/opt/openmeetings/conf/server.xml" 

...
<Connector port="5443".
SSLEnabled="true">
  <SSLHostConfig>
/    <Certificate certificateFile="/etc/letsencrypt/live/subdomain.domain.xxx/cert.pem"// 
//certificateKeyFile="/etc/letsencrypt/live/subdomain.domain.xxx/privkey.pem"//
//certificateChainFile="/etc/letsencrypt/live/subdomain.domain.xxx/fullchain.pem" />// 
///  </SSLHostConfig>
</Connector>
...
5.) Edit "/opt/openmeetings/webapps/openmeetings/WEB-INF/classes/applicationContext.xml" 
In my Example: "123.456.789.123:3478", replace it with your own external IP

at the end of this file edit the last section:
...
<bean id="kurentoHandler" class="org.apache.openmeetings.core.remote.KurentoHandler" init-method="init" destroy-method="destroy" 
p:kurentoWsUrl="ws://127.0.0.1:8888/kurento"
p:checkTimeout="10000"
p:watchThreadCount="10"
/p:turnUrl="123.456.789.123:3478"/
p:turnUser=""
/p:turnSecret="SECRETSECRET"/
p:turnMode="rest"
p:turnTtl="60"
p:objCheckTimeout="200"
/>

With best regards,

René

Reply via email to