No problem then :) You can set up both OM<->world and OM<->Apache<->world (latter configuration will use more "natural" 443 port + TURN ports only)
On Tue, 7 Apr 2020 at 10:37, Kirkham, George <[email protected]> wrote: > Hi, > > Thanks for the replies. > > I have no issue opening UDP ports 40000-60000, nor is it an issue for me > to use extra TCP or UDP ports other than port 443. That is using ports 80, > 443, 2443, 3443, 5070, 50-70, 5443, 8080, 8443, etc. > > People who would be connected to my OpenMeetings server should not be > behind restrictive firewalls, so I would not need to excursively use just > port 443. > > Thus if my Apache web server was using port 443, I do not mind using port > 5443, 5080, and UDP ports 40000-60000 for OpenMeetings, if this is possible? > > Are there other ports that need to be opened? > > FYI: My firewall has never had issues forwarding UDP ports in the past. > > https://openmeetings.apache.org/PortSettings.html > *Port settings* > Default Configuration > *Port 5443:* HTTPS (For web interface) > *Port 5080:* HTTP (For unsecured web interface, useful if SSL proxy > is being used) > > Configure alternative ports > You need to change $OM_HOME/conf/server.xml file, OpenMeetings server need > to be restarted so that changes are online. > Preventing Firewall issues > > A common way of bypassing the firewall is to change HTTP port to 80 > > On Tuesday, 07-04-2020 at 11:03 Maxim Solodovnik wrote: > > The problem here: TURN required UDP in range: 40000-60000 and it seems to > be impossible to pass all these connections via 443 > > On Tue, 7 Apr 2020 at 02:31, Zenon Panoussis <[email protected]> > wrote: > >> >> > I believe while you can redirect port 80 traffic to another >> > server, because port 443 traffic is encrypted, it cannot be >> > redirected. >> >> It can, as long as it is done transparently. If you have, say, >> serviceA on internalhostA:443 and serviceB on internalhostB:443, >> you can tell the router something like >> >> incoming on port 2443 -> hostA:443 >> incoming on port 3443 -> hostB:443 >> >> If the router is running linux, the above is very simple: >> >> iptables -A PREROUTING -t nat -i wan0 -p tcp --dport 2443 -j DNAT --to >> 192.168.1.10:443 >> iptables -A PREROUTING -t nat -i wan0 -p tcp --dport 3443 -j DNAT --to >> 192.168.1.20:443 >> iptables -A FORWARD -p tcp --dport 443 -j ACCEPT >> >> Cheers, >> >> Z >> >> >> > > -- > Best regards, > Maxim > > -- Best regards, Maxim
