Mustafa Jawed

Reputation: 58

TURN server installation on AWS EC2 free-tier instance

I enabled all necessary ports for the coturn server on my instance from the security group. I also configured the turnserver.conf file correctly, but still, when I added my TURN server on Trickle ICE, it shows error 701.

Here is my turnserver.conf:


listening-port=3478

# and 5349 for TLS (secure)
tls-listening-port=5349
#alt-listening-port=80

# Require authentication
fingerprint
lt-cred-mech

# Specify the server name and the realm that will be used
# if it is your first time configuring, just use the domain as the name
server-name=mydomain.com
realm=mydomain.com

# Important:
# Create a test user if you want
# You can remove this user after testing
user=<myusername>:<mypassword>

#min-port=705
#max-port=1000

total-quota=100
stale-nonce=600

external-ip=<my public ip>/<my private ip>
listening-ip=<my private ip>
relay-ip=<my public ip>




[Screenshot of EC2 inbound security group]

[Screenshot of Trickle ICE response]

Can someone help me with this? When I entered the command

sudo systemctl status coturn

the status is active. [Screenshot of coturn status]

Upvotes: 1

Views: 1903

Answers (2)

Duke Caesar

Reputation: 99

There may be two parts of your config file that need to be modified.

  1. Set the relay-ip to your private IP address:
external-ip=<my public ip>/<my private ip>
listening-ip=<my private ip>
relay-ip=<my private ip>
  2. In your EC2 security group settings, you have set the inbound rules for IPv6 addresses. You should add 0.0.0.0/0 (for IPv4) to the CIDR blocks field in the inbound rules.

Upvotes: 1

giavac

Reputation: 1008

My suggestion is to gather more information on the reasons for the failure.

I'm assuming you're configuring the Trickle ICE application with a turn:IP:port server URL, which allows for unencrypted exchanges with TURN.

This means you can trace on your machine, e.g. using Wireshark, and verify whether the STUN binding requests and TURN Allocate requests are being sent out to the expected TURN server's public IP and port, and whether there are responses to them being received by the browser.

Additional checks you can do are on the TURN server side. With something like netstat -tunapl you can verify that coturn is not only running but also listening on the expected port (which should be 3478 since you left it unspecified).

If all looks as expected, then run a trace on coturn's host while you trigger a "Gather candidates" from the Trickle ICE application. You could use something like ngrep -d any -lqtW byline port 3478 to see the activity and content exchanged.

If coturn doesn't receive anything, then check again the EC2 instance Security Group and ensure you're allowing traffic to port 3478 UDP (and TCP). Double check the EC2 instance's public IP address is what you're using in the Trickle ICE application.

If instead you have more than one network interface assigned to that EC2 instance, then ensure you have a listening-ip configuration item set to the correct private IP address, and an external-ip directive which includes PUBLIC_IP:PRIVATE_IP, where the public IP is the one you're trying to use and the private IP is the one coturn is listening on.

e.g.:

listening-ip=172.10.10.10
external-ip=30.30.30.30/172.10.10.10

Then try again. Anyway, the information you can gather this way can be used to improve the initial question and get more useful answers.

Upvotes: 2
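Both answers come down to the same address rules for coturn on EC2: listening-ip and relay-ip must be the instance's private address, and external-ip must map PUBLIC/PRIVATE with the private part matching a listening-ip. The following is an added example, not code from the question, the answers or the coturn project, that parses a turnserver.conf and flags exactly those mistakes; the sample config and its addresses (30.30.30.30, 172.31.5.20) are constructed placeholders.

```python
"""Lint a coturn turnserver.conf for the EC2 address pitfalls discussed above."""
import ipaddress

RFC1918 = [ipaddress.ip_network(n) for n in ("10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16")]

# Constructed sample mirroring the question's layout; addresses are placeholders.
SAMPLE_CONF = """\
listening-port=3478
lt-cred-mech
realm=mydomain.com
external-ip=30.30.30.30/172.31.5.20
listening-ip=172.31.5.20
relay-ip=30.30.30.30   # the question's mistake: the public IP is not bound on the instance
"""


def parse_conf(text):
    """Return {directive: [values]} from 'key=value' and bare-flag lines, ignoring comments."""
    conf = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()
        if line:
            key, _, value = line.partition("=")
            conf.setdefault(key.strip(), []).append(value.strip())
    return conf


def is_rfc1918(addr):
    """True only for RFC 1918 space; anything else (or an unparsable value) is treated as not private."""
    try:
        ip = ipaddress.ip_address(addr)
    except ValueError:
        return False
    return any(ip in net for net in RFC1918)


def lint_ec2_addresses(conf):
    """Return findings; an empty list means the address directives are consistent for EC2.

    On EC2 the public IP is NAT-mapped by AWS and never appears on the instance's
    interface, so coturn can only bind and relay on private addresses and must learn
    the public one through external-ip=PUBLIC/PRIVATE.
    """
    findings = []
    listening = set(conf.get("listening-ip", []))
    for key in ("listening-ip", "relay-ip"):
        for v in conf.get(key, []):
            if not is_rfc1918(v):
                findings.append(f"{key}={v} is not a private address; EC2 interfaces carry only private IPs")
    for v in conf.get("external-ip", []):
        public, sep, private = v.partition("/")
        if not sep:
            continue  # a bare external-ip is fine when there is a single interface
        if is_rfc1918(public):
            findings.append(f"external-ip={v}: the part before '/' must be the public IP")
        if listening and private not in listening:
            findings.append(f"external-ip={v}: private part {private} matches no listening-ip")
    return findings


if __name__ == "__main__":
    for finding in lint_ec2_addresses(parse_conf(SAMPLE_CONF)):
        print("WARN:", finding)
```

Run it against the real file with `lint_ec2_addresses(parse_conf(open("/etc/turnserver.conf").read()))`; on the sample it reports only the relay-ip line, and changing relay-ip to the private address clears it.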
