#StackBounty: #amazon-web-services #amazon-ec2 #load-balancing #nat #lets-encrypt How to work Stun/Turn Server (COturn) Under Aws Netwo…

Bounty: 50

I have just set up a coturn server. It works perfectly fine when using the IP or the domain without a load balancer; it was tested using this online tool:

https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/

The problem is when I use a network load balancer: rerouting tcp_udp works on port 80, but when trying to use TLS for port 443, it doesn’t work.

I configured the network load balancer to route TLS traffic for port 443 to the target group, also on port 443.
I’m using a Let's Encrypt certificate for domain.com and *.domain.com in my network load balancer.
The same certificates are added in the config file, turnserver.conf.

And this is my config:

external-ip=1.2.3.4
listening-port=80
min-port=10000
max-port=20000
log-file=/var/log/turnserver.log
verbose
tls-listening-port=443
lt-cred-mech
server-name=domain.com
realm=domain.com
user=tester:12345678
total-quota=100
stale-nonce=600
cert=/opt/coturn/fullchain.pem
pkey=/opt/coturn/privkey.pem
cipher-list="ECDH+AESGCM:ECDH+CHACHA20:DH+AESGCM:ECDH+AES256:DH+AES256:ECDH+AES128:DH+AES:RSA+AESGCM:RSA+AES:!aNULL:!MD5:!DSS"

log-file=/var/log/coturn.log


# Specify the process user and group
proc-user=turnserver
proc-group=turnserver

And this is what I get from the log:

3170: IPv4. tcp or tls connected to: 9.8.7.6:34274
3170: session 001000000000003730: TCP socket closed remotely 9.8.7.6:34274
3170: session 001000000000003730: closed (2nd stage), user <> realm <domain.com> origin <>, local 0.0.0.0:443, remote 9.8.7.6:34274, reason: TCP connection closed by client (callback)

And btw, I always get a 701 error from the online tool.

Thank you,

