Hi folks, my question is multi-stranded so I'm happy to rephrase it subsequent to this question. I wanted to set up a video conference capability and have gone with Apache OpenMeetings. After the usual struggles with various tutorials I found a qcow image on the Apache site which is up and running on my Proxmox host (yay!). I deliberately didn't install it on NethServer but noted that there is a guide to doing this within this community.
My first question regards how I make the OpenMeetings server available via the public IP address that my NethServer is using (currently I just VPN onto my internet router, which is not adequate - I could spend weeks looking at port forwarding/NAT/reverse proxies/firewall etc. and be no wiser!). A step-by-step approach to this would be really useful and has broader use than just OM.
Secondly, has anyone else tried a similar project and integrated OM with NethServer - LDAP? Anything else?
Thanks in advance for your thoughts on this.
Cheers
Alex
Did you ever have a look at Big Blue Button as a conferencing tool? It is often used in educational environments and seamlessly fits into applications like Moodle.
Thanks Markuz, I just don't seem to be able to access the OpenMeetings host from the internet (via NethServer at least - I can VPN onto my internet router and access it from there via 192.168.1.20 - an interface I generally disable).
NethServer red interface (192.168.1.16) is connected to an internet router and is a DMZ host of the router with a public IP.
NethServer green interface (192.168.10.16) is connected to a private network - the OpenMeetings server is 192.168.10.20 and has a gateway of 192.168.10.16.
I've set up port forwarding 5080 => 5080; 1935 => 1935 for the OpenMeetings server object I created.
I was hoping this would work but the firewall seems to drop packets:
May 2 13:16:50 cwprod11v04 kernel: Shorewall:net2loc:DROP:IN=eth0 OUT=eth1 MAC=b6:96:b0:f3:ae:10:00:1d:aa:5d:b4:f8:08:00 SRC=<my_ip> DST=192.168.10.20 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=7136 DF PROTO=TCP SPT=20718 DPT=5080 WINDOW=64240 RES=0x00 SYN URGP=0
I've played with the firewall also - opening up RED=>OPEN_MEETINGS - but had no luck with various configs and deleted them for security.
I'm really having no luck here - it's crossed my mind that I should have set up a DMZ network for the hosts I'm trying to access from the internet (I will do this next time I'm on site) but the docs seem to indicate that this should work on the green network (I think).
A port scan from nmap on my PC does not show the 5080 or 1935 ports open.
Hi Robb, I wondered if you had managed to get BigBlueButton running behind the NethServer firewall. The documentation mentions the following ports need to be forwarded:
TCP ports 80, 443, 1935, and 7443
UDP ports in the range 16384 - 32768
I'm slightly challenged with the UDP port range - unless I have made a mistake!
Are there port forwards or other firewall rules on your internet router? They are handled before the forwarding to the DMZ host, in your case the NethServer.
Can you see the other open ports? Can you port forward from your internet router to some internal webserver just to check if your provider blocks some ports?
Hi Markuz, the router has allocated the public IP as a "DMZ host" - I believe it therefore doesn't apply any firewall rules to it but I will check tomorrow… I have ports open on NethServer as below. If I create a firewall rule to allow ALL RED=>GREEN then I see the NGINX front page that the BigBlueButton server presents (on port 80). I've disabled that rule now!
Oops, I was a bit tired there! The logs show the NethServer firewall dropping packets - does that not indicate that the firewall is preventing access as opposed to the downstream server? I seem to get a similar result with BigBlueButton and OpenMeetings on 2 separate servers (both on the green network).
You mean port forward is not working to OpenMeetings and is not working to BigBlueButton? Does it work when you apply the "ALL RED=>GREEN" again just for a short test? Maybe it's a firewall issue on the instances of OM or BBB?
In this case a wrong source port (20718 instead of 5080) is used so it’s dropped.
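For reading the Shorewall DROP entry quoted earlier in the thread, the following added example (not part of any post, and not NethServer or Shorewall code) splits such a line into its fields and counts drops per chain, destination and port. The second sample line is constructed, and `parse_line` and `summarize_drops` are names made up for this example.

```python
import re
from collections import Counter

# Sample lines: the first is the line quoted in the thread (SRC kept as the
# poster's placeholder); the second is constructed for this example.
SAMPLE_LOG = """\
May 2 13:16:50 cwprod11v04 kernel: Shorewall:net2loc:DROP:IN=eth0 OUT=eth1 MAC=b6:96:b0:f3:ae:10:00:1d:aa:5d:b4:f8:08:00 SRC=<my_ip> DST=192.168.10.20 LEN=52 TOS=0x00 PREC=0x00 TTL=112 ID=7136 DF PROTO=TCP SPT=20718 DPT=5080 WINDOW=64240 RES=0x00 SYN URGP=0
May 2 13:17:02 cwprod11v04 kernel: Shorewall:net2loc:DROP:IN=eth0 OUT=eth1 SRC=203.0.113.7 DST=192.168.10.20 LEN=52 TTL=112 ID=7201 DF PROTO=TCP SPT=20731 DPT=1935 WINDOW=64240 RES=0x00 SYN URGP=0
"""

# Shorewall's default log prefix is "Shorewall:<chain>:<disposition>:".
PREFIX = re.compile(r"Shorewall:(?P<chain>[^:\s]+):(?P<action>[^:\s]+):(?P<rest>.*)")

def parse_line(line):
    """Return a dict of fields for one Shorewall kernel log line, or None."""
    m = PREFIX.search(line)
    if not m:
        return None
    rec = {"chain": m["chain"], "action": m["action"], "flags": []}
    # KEY=value tokens: SPT is the sender's source port, DPT the port on DST.
    for token in m["rest"].split():
        key, sep, value = token.partition("=")
        if sep:
            rec[key] = value
        else:
            rec["flags"].append(token)  # bare tokens such as DF, SYN, ACK
    # A chain named <src>2<dst>, as in the thread's net2loc, is a zone pair.
    src_zone, sep, dst_zone = rec["chain"].partition("2")
    rec["zones"] = (src_zone, dst_zone) if sep else None
    return rec

def summarize_drops(text):
    """Count dropped packets per (chain, destination, protocol, dest port)."""
    counts = Counter()
    for line in text.splitlines():
        rec = parse_line(line)
        if rec and rec["action"] == "DROP":
            counts[(rec["chain"], rec.get("DST"), rec.get("PROTO"), rec.get("DPT"))] += 1
    return counts

if __name__ == "__main__":
    for key, n in summarize_drops(SAMPLE_LOG).items():
        print(n, *key)
```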