05-11-2017 12:03 PM - edited 03-18-2019 01:06 PM
Hi all ,
i'm trying to setup a lap with Cisco CMS and right now i'm stuck with the turn server configuration , here is a scenario
CMS Server with single deployment
int a , 192.168.0.1
int b , 10.0.0.1
guest account URI both from inside and outside will be use " https://join.test.com " which i put this URI in " Guest account client URI " and " Web Bridge URI " on webadmin page.
callbridge , xmpp and webbridge are enable and working fine from inside.
right now what i'm stuck is a turn server i look at document and configure accordingly , this is what i did.
- turn credentials turn cisco test.com
- for certification i use selfsigned cert the same that callbridge use.
- turn listen on port b with 443
- on webadmin page i configure " Turn server address (CMS) " using ip 10.0.0.1
- leave CMA to blank since in the test environment i want to use 10.0.0.1 as public ip address
- username and password use the same that i configure in command line
right now i configure dns to solve https://join.test.com to 10.0.0.1 and try browsing with URI and it show only blank page and when i browse with ip address ( 10.0.0.1 ) it's said something like i'm unable to reach that page.
would anyone had any experience troubleshooting these kind of problems ? or any suggestion would a big help for me.
Thanks
Solved! Go to Solution.
05-15-2017 09:32 AM
Either way will work but at one point I was chatting with Cisco support about other topics and asked their recommendation on this subject and they mentioned sticking with one interface for TURN and webbridge with a different port for the TURN TCP (447 for example) to keep it simpler.
Steve
05-11-2017 04:36 PM
what interface is the webbridge on? If you have the TURN server using 443 then it can't be on the same interface of the webbridge. You https://join.test.com is for the webbridge, the TURN server just comes into play to manage NAT\STUN\ICE type connectvity for the clients. Does that make sense?
Steve
05-11-2017 08:30 PM
Hi Stephen ,
Turn is on interface b so it wouldnt have a problem.
About turn server so the question is
from outside what ip address the URI join.test.com should resolve ? Turn ip or webbridge ip address ? And if in real depolyment which involve NAT what ip address i should map from outside to inside , is it webbridge ip or turn ip?
the same thing with h323 video call from outside should i call with ip address of callbridge or turn server ?
thanks
05-11-2017 08:41 PM
join.test.com should resolve to the Web Bridge.
TURN and Web Bridge should be resolvable externally if you want external guests to connect.
05-11-2017 09:39 PM
Hi Patrick ,
So in real environment if i have NAT and want external endpoint to call to CMS Space and use web conference , could you verify my setting as below ?
External
public ip : 1.1.1.1 NAT to inside IP address of webbridge
DNS should resolve https://join.test.com to 1.1.1.1
Internal
Turn server with IP 10.0.0.1 , webbridge IP : 192.168.0.1
DNS resolve https://join.test.com to 192.168.0.1
if this is correct when external endpoint call with h323 do they call with IP 1.1.1.1 to reach a space in Cisco CMS ? and if turn server is use a public ip such as 1.1.1.1 without NAT so which IP address should https://join.test.com resolve ?
Thank you
05-11-2017 11:04 PM
Endpoints will call the IP address that the Call Bridge is configured to use, or the SIP Edge if deployed, because you reference 1.1.1.1 for the Web Bridge and Call Bridge, I assume they're listening on the same interface.
As long as the Web Bridge and TURN both don't use the same 443 port, they can reside on the same interface, however if they are on separate interfaces, both will need to be accessible from the external network.
Take a look at the diagram in Chapter 2 of the CMS 2.1 SIngle Combined Deployment Guide, as well as the list of ports in Appendix B.
05-12-2017 01:12 AM
Hi Patrick ,
Thanks for help clarifying from what you just explain meaning that Turn server will operate on itself when there are conference call or web conference to CMS am i right ?
when user want to web conference or conference call from outside i need to NAT to Callbridge IP Address directly is it correct ?
so here the question , are there any different between using second interface for turn server or use the the first interface but different port in term of how user access to web conference or using endpoint call from external network.
05-15-2017 09:32 AM
Either way will work but at one point I was chatting with Cisco support about other topics and asked their recommendation on this subject and they mentioned sticking with one interface for TURN and webbridge with a different port for the TURN TCP (447 for example) to keep it simpler.
Steve
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide