Did you configure CMS to use the Expressway for TURN services?
Make sure your certificates are correct as well, that the web bridge trusts the call bridge's certificate.
Given that it says "Unauthorized", maybe your TURN credentials either on CMS or the Expressway?
Other than that, I would highly suggest getting the firewall people involved. If you have access to a VM or switch in the same network segment as the Expressway-E's external interface, you could try joining from there so that the firewall wasn't in the way...
I have a same issue on same deployment model, and get same error too,
I know the documentation is tell if that error appear we must check the Turn credentials either on CMS or Expressway, i have already make sure and the credentials should be match.
in my case, Webrtc (internal) works fine, however, when remote user through expressway E (WebRTC from internet) join a meeting, a remote user was kicked after some time..
i have already adjust video rate to very low quality still no luck.
Please advice about what steps are being used to resolve this issues
Gilang, do you get video and subsequently get kicked, or do you get no video at all? If you do have video, does it look like you have packet loss?
If you get good quality video then get kicked, I would suggest firewall, possibly a timeout issue.
If you get poor quality video and later get kicked, it's probably packet loss, this can be an issue even in low bandwidth calls.
If you never get any video, it's likely firewall or TURN server configuration, see my posts above.
This sounds like the same issue I had: https://supportforums.cisco.com/discussion/13307211/issues-getting-cms-webrtc-work-expressway
A few things to check;
The TAC re-added my TURN server via API, using IP address instead of FQDN (not sure if this was actually required or not). In addition, I was missing some ports on my firewall (TCP/UDP 3478) - I would suggest writing down the public IP address of the computer you are trying to connect from, then searching for drops to and from that address on your firewall.
I have same problem with you but our system is
- Expressway 8.10.3 (duel NIC)
- CMS 2.5.1
- Didn't enable NAT Reflection on Firewall side.
My problem is cannot establish connection to space. Same error with you. So how you to resolved this case? It may came from NAT Reflection?