Failed by ICE timeout - Server behind NAT

Intergon

New Member
Hello,
I moved our testing server behind NAT and installed newest version, I redirected ports on router, and opened ports on firewall.
And now I am getting "Failed by ICE timeout"

I am sending a few logs, could you help with it?

Best regards, Damian.
 

Intergon

New Member
UDP ports are reachable.
Iptables output:
iptables -L
Chain INPUT (policy ACCEPT)
target prot opt source destination
ACCEPT all -- localhost anywhere
ACCEPT all -- anywhere anywhere state RELATED,ESTABLISHED
ACCEPT tcp -- anywhere anywhere tcp dpt:domain
ACCEPT udp -- anywhere anywhere udp dpt:domain
ACCEPT tcp -- anywhere anywhere tcp dpt:5999
ACCEPT icmp -- anywhere anywhere icmp any
ACCEPT tcp -- anywhere anywhere tcp dpt:8444
ACCEPT tcp -- anywhere anywhere tcp dpt:8888
ACCEPT tcp -- anywhere anywhere tcp dpt:8443
ACCEPT tcp -- anywhere anywhere tcp dpt:1935
ACCEPT tcp -- anywhere anywhere multiport dports 30000:33000
ACCEPT udp -- anywhere anywhere multiport dports 30000:33000
REJECT all -- anywhere anywhere reject-with icmp-port-unreachable

Chain FORWARD (policy ACCEPT)
target prot opt source destination

Chain OUTPUT (policy ACCEPT)
target prot opt source destination
Above ports are also forwarded on router.
 
Last edited:

Max

Administrator
Staff member
Please chek your ip and ip_local settings in flashphoner.properties.
ip should be set to external IP address, and ip_local should be set to WCS server LAN IP address, for example
Code:
ip=172.24.223.11
ip_local=192.168.1.5
 

Intergon

New Member
Yes, that was the problem. I have dynamic DNS, and in IP field I set dyndns host, not external IP.. When I set external IP it works. Could you support dynamic hosts in this configuration field?
 

Max

Administrator
Staff member
Good day.
We have checked if latest builds from this page work with dynamic DNS hostname in ip field. It works, you can set ip=hostname.dyndns.com. But there can be issues when external IP address or something else is changing in DNS records, in this case either WSS connection cannot be established or publishing can fail or so on until record changes are deployed over all the DNS servers.
 

Intergon

New Member
Yeah, so it will be better to make shell script to periodically check public IP, and when it changes, update ip in config file and automatically restart server..
 

Max

Administrator
Staff member
It's no so good for production, so we recommend to use static white IP for production server.
 

Dani

Member
in 2 way streaming - if one of the parties is behind NAT it can happen as well. any idea how to fix it ?
 
Top