Hi, I have implemented and tested a script to install Galene and a TURN that works behind a Router, even a domestic one. You can doowload it here : https://gitlab.inria.fr/rouillie/visio/-/tree/master/galene It works only for Ubuntu 20.04 or Debian buster for the moment, mainly because I am lazy :-) but it opens the door to an very easy deployment on a cloud or simply at home. Cheers, Fabrice ------------------------- Fabrice Rouillier fabrice@rouillier.fr Bureau virtuel : https://www.rouillier .fr/visio/fabrice > Le 10 avr. 2021 à 16:41, Fabrice Rouillier a écrit : > > Hi Juliusz, > > Thanks for your help. > See below for a simple setting that works with our external coturn. > >> The problem is probably that your NAT doesn't implement hairpinning, so >> Galène and the TURN server cannot communicate. >> Coturn is probably >> connecting over IPv6, which the built-in server doesn't handle. > > I have deactivated the IPV6 everywhere and double checked (inspecting about:websocket ) in Firefox that it does not use IPV6. > >> Could you please check Galène's log for mentions of a relay test? If the >> server-side relay test (the one in Galène's log) fails, that's probably >> indicative of a problem with hairpinning. > > Server side : the relay-test do not fails. > > Client side : > - using the builtin turn, the relay test fails , > - using coturn (on the same server) it works. > >> Fabrice — if your instance of Galène is behind NAT, then I strongly >> recommend running an instance of coturn on a host that is not behind NAT. > > The following works : > > - port forwarding from my router (Freebox) to a Linux 20.04 VM (virtual box) : > > 49152-65535 (UDP/TCP) > 3478 (UDP/TCP) > 8443 (UDP/TCP) > > - coturn on the VM with the following configuration > > listening-port=3478 > fingerprint > lt-cred-mech > user=: > server-name= > realm= > > - galene on the VM launched with the option -turn auto > and data/ice-servers.json with the following contents > > [ > { > "Urls": [ > "turn::3478", > « turn::3478?transport=tcp" > ], > "username": "", > "credential": "" > } > ] >