Mediasoup Server Behind Strict Firewall

Hi,

We want to run a mediasoup server that is accessible from the internet.
We have a corporate firewall that does not allow port ranges to be opened (for security reasons).

Is a configuration possible in which only four ports are opened?

Thanks…

You need a TURN server running on one of the allowed ports.

Are there any further steps required to connect TURN to mediasoup?!

Thanks for your reply.
Do you see any problem with the configuration shown in the image?

  • Only four ports open on the firewall/router. No media ports exposed to the internet.

If the coturn ports (in TURN mode) are available from the outside, everything should be OK. There’s a flag you can set to force TURN on the client to test it, can’t remember right now what it is.

You probably need coturn running in STUN mode, not sure what you are using for that.

"you can set to force turn on the client to test it, can’t remember right now what it is."

You probably mean “iceTransportPolicy=relay”

Correct tks :+1:
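
The relay-only setting named above, as an added example that is not part of the original posts: it builds ICE options with `iceTransportPolicy: 'relay'` and checks gathered candidate lines for anything that is not a relay candidate. The TURN URL, credentials, sample candidates and all function names are assumptions made for illustration.

```javascript
// Added example. TURN host/port and credentials are placeholders (assumed).
const TURN_URL = 'turn:turn.example.com:443?transport=tcp';

// Options for RTCPeerConnection, or to merge into the options passed to
// mediasoup-client's createSendTransport()/createRecvTransport().
function relayOnlyIceOptions(username, credential) {
  return {
    iceServers: [{ urls: [TURN_URL], username, credential }],
    iceTransportPolicy: 'relay', // gather relay candidates only
  };
}

// Parse one ICE candidate line: foundation, component, transport,
// priority, address, port, then "typ <type>".
function parseCandidate(line) {
  const re = /^(?:a=)?candidate:(\S+) (\d+) (\S+) (\d+) (\S+) (\d+) typ (\S+)/i;
  const m = re.exec(String(line).trim());
  if (!m) return null;
  return { protocol: m[3].toLowerCase(), address: m[5],
           port: Number(m[6]), type: m[7].toLowerCase() };
}

// Candidates that would need a direct path (host, srflx, prflx) and so
// would not fit a firewall that only admits the TURN port.
function nonRelayCandidates(lines) {
  return lines.map(parseCandidate).filter((c) => c && c.type !== 'relay');
}

// Attach to a peer connection and report any non-relay candidate gathered.
function auditPeerConnection(pc, onLeak) {
  pc.addEventListener('icecandidate', (ev) => {
    if (!ev.candidate) return; // null candidate marks end of gathering
    nonRelayCandidates([ev.candidate.candidate]).forEach(onLeak);
  });
}

// Constructed sample candidate lines (documentation address ranges).
const SAMPLE = [
  'candidate:1 1 udp 2122260223 192.168.1.10 46154 typ host',
  'candidate:2 1 udp 1677729535 203.0.113.7 46154 typ srflx raddr 192.168.1.10 rport 46154',
  'candidate:3 1 udp 41885439 198.51.100.20 50123 typ relay raddr 0.0.0.0 rport 0',
];
console.log(nonRelayCandidates(SAMPLE).map((c) => c.type));
```

With the relay policy applied, `auditPeerConnection` should never call `onLeak`; a call means the policy did not reach the underlying peer connection.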

Is the relationship between a TURN server (coTURN for example) and a mediasoup-enabled backend server one to one?!

On AWS, I was able to use a network load balancer to route data to a TURN server which has UDP relay endpoints as (40000-49999). Now, since my coTURN and mediasoup were on the same system, this configuration worked.

However, if we bring in the concept of scaling, where mediasoup backend servers scale up, each with its port range of (40000-49999), how could a single TURN server possibly serve/relay the increasing number of ports then?! (which makes me wonder whether the relationship is then one to one between them)

Please feel free to share your thoughts or point any shortcomings in my understanding.
Thanks