Nextcloud talk not working outside our lan

Hello Team,

I’m running the latest version of Nethserver (7.7) and the latest version of Nextcloud (18) on my Nethserver.

I’ve added the Nextcloud Talk app. This works very well inside our lan. But I’ve begun testing on some Android phones outside our lan and I’m encountering problems with it working. I can login to our Nextcloud from outside our office, I can start conversations and I can see contacts on my Nextcloud. But I see a spinning blue circle and my chat, talk and video does not work.

I asked on the Nextcloud forum and was suggested that install a stun server. I don’t like installing anything non Nethserver native on my Nethserver so I’m inquiring here to see if anyone is using Talk on Nextcloud Hub (18) and have installed a stun server on the Nethserver?

Thank you.

Maybe we should make a howto out of it…please test it

1 Like

Hello @mrmarkuz,

Before I test this I wanted to comment on something a friend has discovered on his Nextcloud. His Nextcloud is not on Nethserver and was installed on Centos 7 standalone. He had issues accessing OnlyOffice and Talk from his Nextcloud from outside his network (all worked from within). I suggested he use a Turn server like you suggested to me. What he tried first though was to disable SELinux on his CentOS 7 box running Nextcloud. As soon as he did that his Nextcloud Talk and his Nextcloud OnlyOffice worked from outside his lan with no issues. He did not need to install a Turn server?

I’ve check my Nethserver and my ‘getenforce’ shows disabled.

Thank you.

Also, the link you’ve provided for me seems to suggest at the end of it that I don’t need to install a Turn server? The comment at the end says:

“i should have known that in the first place.
Now i am wondering why i bothered to install the TUN and STURN server
then should focus on integrating jitsi as a self hosted solution for Matrix/synapse @mrmarkuz

What does this comment mean? I don’t need to install Turn on my Nethserver?

Thank you.

That’s a default setting on Nethserver.

If your Nethserver uses a public IP you don’t need it.

But as it’s not working outside lan I think you need it.

From https://help.nextcloud.com/t/installing-stun-turn-server/25549

But calls that cross over into other networks just don’t connect - the spinner just keeps spinning forever.
This must be because firewalls / NATs are getting in the way of making a peer-to-peer connection.
Thus, I need to run a STUN / TURN server.

Here we got the same problem.

Sorry @mrmarkuz, I’m not following you here. My Nextcloud runs locally on our lan and we have an A record at our provider to point to our static IP. On our router we have a port forward rule pointing to our internal nethserver. So I guess we don’t have a public IP.

So what are you saying I need to do in order to make this work? Do I need to install a Turn Server on Nethserver…or do I need to install Matrix/synapse? and is there an application on Nethserver to install Matrix/synapse?

I still don’t understand why my friends Talk works now from his Nextcloud when he turned off his SELinux. As you said Nethserver does not have SELinux…but is there something else running on Nethserver that is blocking me?

Thank you.

No, matrix/synapse is in this context just another talk app like Nextcloud Talk. It has the same problem when sitting behind a firewall with NAT.

We’re working on it but it’s a long way.

No. it’s not about Nethserver. A video/voice/pbx server in local LAN needs TURN.

I assume his Nextcloud has a public IP.

@mrmarkuz

Hi

This is not quite correct:

As in the earlier link:

I do run several PBXs for clients, in all cases, the PBX only uses Port forwarding and does NOT use a “real” IP.
And it works…

But then eg SIP is a “Well known Port” and is standardized.

Ports fpr video conferences - and so called SIP-RTS (The actual “voice” data) aren’t standardized, these need to be adapted in a case by case.

For example German Telecom is very good in providing the correct information for VoIP, including these Ports. The whole Range, common is say 10000-20000 UDP needs to be forwarded, and some form of “persistant UDP” set - usually in firewall advanced settings.
Our Swisscom keep this information as a top secret thing, it’s almost impossible to use their VoIP without ending up with an old analog handset (That they provide)…

Excerpt of a “Client connection” from German Telecom:

Note that this SIP-RTS Port Range must correspond also in the PBX, or only some calls will work, some may drop off… (Very hard to find error!). That means, the PBX SIP connection must be adapted to what your provider states in their docu…

Could it be that this Port Range is somewhere “forgotten” or dropped?

My 2 cents
Andy

Well I’m still confused, my friend insists he isn’t using a Public IP and uses a setup similar to mine so we both can’t figure out what his works and my Nextcloud Talk doesn’t. I’m going to do some more testing perhaps before I install anything non-native on my Nethserver. I’m always wary to add something to Nethserver that Nethserver doesn’t have in it’s list of applications. :slight_smile:

Hello,

Does a Turn server need to be installed on my Nethserver in order for my Nextcloud Talk to work…or can this be installed on a separate server instead? Or is it easier to keep Nextcloud and this Turn server application on the same server?

I’ve decided to spin up a new Nethserver and test using a STUN/TURN server on it to help me use Talk outside our Lan.

Will there be any issues to installing this on my Nethserver and future Nethserver upgrades?

I’ve tried to use the link you’ve provided in Nethserver but the version of turnserver is now 4.5.1.1 and it does not come with a CentOS version anymore.

So I’m trying to use this link from Nextcloud:

But I’m receiving dependency errors:

[root@nethserver ~]# rpm -Uvh http://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/c/coturn-4.5.1.1-1.el7.x86_64.rpm
Retrieving http://download-ib01.fedoraproject.org/pub/epel/7/x86_64/Packages/c/coturn-4.5.1.1-1.el7.x86_64.rpm
error: Failed dependencies:
libhiredis.so.0.12()(64bit) is needed by coturn-4.5.1.1-1.el7.x86_64
telnet is needed by coturn-4.5.1.1-1.el7.x86_64

If I could ask for help on how I can install coturn 4.5.1.1-1 on my Nethserver 7.7 and what dependencies I need then perhaps this can be saved on the Nethserver Wiki so that future posts can be helped with this install procedure.

If using coturn on our Nethserver is something that may be needed for Nextcloud Talk to work…could this be installed as a Nethserver module?

Thanks!

Hello @support_team, would you be able to assist with how I can resolve these dependencies when installing coturn on my Nethserver? Do I need to enable epel repo? I’d like to use the latest version of coturn. The link provided to me from another Nethserver post references an older version of coturn.

Thank you.

Now coturn package can be found in EPEL repo, so it should be easier to install. Part of the older instructions will no longer apply.

1 Like

Thank you @dnutan for this quick reply. Very much appreciate your support!

If you could assist please with the following specifics to my post:

  1. Could you provide for me the command to use epel library on my Nethserver?
  2. Do you know the dependencies I need to install before installing the coturn rpm file or will once epel is installed on my Nethserver the coturn rpm command will automatically download and install the needed dependencies?
  3. It seems that I can’t use Nextcloud Talk on my Nextcloud (hosted on Nethserver). Is it advisable to install coturn on my Nethserver? I typically don’t like installing anything on my Nethserver that isn’t provided in the regular updates.
  4. Or should I install coturn on a separate server instead? And if I do how hard is it to use my Nethserver certificate for my coturn server?

Thank you.

yum install coturn

or if you have epel disabled:

yum --enablerepo=epel install coturn

Dependencies should be resolved without problems.

1 Like

Thanks @dnutan, I’m backing up my Nethserver now before I try the install.

Do you think Nethserver will ever support the install of coturn on Nethserver? For those of us who want to use Talk and can’t get it working without coturn installed?

Thanks.

I don’t know. If requested by many people or someone chips in with developer hand-work…

About question 3 and 4, read these posts were they comment why/when a TURN server could be needed:


Also, would you have any input for me on what might be stopping my Talk from working without Coturn installed?

My friend has Nextcloud installed on his own CentOS 7 server. He does not use Nextcloud in Nethserver. But he is setup similar to my setup in that he has a port forward rule on his router so that outside access to his Nextcloud uses his domains A record to point to his router and be directed to his Nextcloud Talk App. He had issues at first with Talk but found that disabling SELinux solved his problem.

Nethserver doesn’t have SELinux used so looking at his setup and mine I would say we are setup the same…albeit he is not using Nethserver.

I’ve confirmed from my security router that I can access the stun server from my security router - stun.nextcloud.com:443.

Is there a check or command you could suggest to me to confirm if the path for using Nextcloud Talk is working or being blocked somewhere? Could my Nethserver be blocking access for Talk without me realizing it?

Thank you for the comments on adding coturn to nethserver. I wish I was a developer as I would definitely want to help out. Sadly all I can help with is testing.

Here are some tests:
https://webrtc.github.io/samples/src/content/peerconnection/trickle-ice/
https://test.webrtc.org/