Is there way to use web call server over firewall?

Scott

New Member
We are going to deploy a video chat application. Can we serve our users behind a corporate firewall?
My concern is webrtc connection won't work behind a firewall.
Is there workaround for this?
 

Max

Administrator
Staff member
Hello
Please take a look at our firewall traversal example:
https://wcs5-eu.flashphoner.com/demo2/firewall-traversal-streaming
This example uses our turn server turn.flashphoner.com
You can install and deploy your own TURN server that will relay all WebRTC traffic over HTTPS 443 port.
You can test our example:
1) Setup local firewall and close all traffic excepting HTTPS 443 and DNS (You can do this in built-in firewall on Mac or Windows)
2) Test this example.
As a result all traffic will be passed through server turn.flashphoner.com:443 and then through WCS.
To implement this, you have to pass iceServers array into Flashphoner.createSession() API method
Code:
Flashphoner.createSession({
urlServer: url,
mediaOptions: {
"iceServers": [
{
'url': $('#urlTurnServer').val(),
'username': $('#usernameTurnServer').val(),
'credential': $('#credentialTurnServer').val()
}
]
}
}).on(SESSION_STATUS.ESTABLISHED, function (session) {
setStatus("#connectStatus", session.status());
onConnected(session);
}).on(SESSION_STATUS.DISCONNECTED, function () {
setStatus("#connectStatus", SESSION_STATUS.DISCONNECTED);
onDisconnected();
}).on(SESSION_STATUS.FAILED, function () {
setStatus("#connectStatus", SESSION_STATUS.FAILED);
onDisconnected();
});
see also firewall-traversal-streaming.js
 

Max

Administrator
Staff member
To get this working you have to configure
1) TURN server on port 443 with valid SSL certificates
2) HA Proxy on port 443 with valid SSL certificates for balancing between WCS ports 9091 (http) and 8080 (websocket).
You can also configure WCS directly use 443 port in server.properties file
Code:
wss.port =443
Main idea is to use 443 port everywhere because this only port that generally open on corporate firewalls.
Links:
How to configure TURN-server
How to configure HA proxy
 
Top