Dear List, i gathered more information:
1) I talked to my provider. They promised, that there is no other firewall between my VPS and the Internet. 2) Did some more port testing. On my server i issued (netcat): ls | nc -l -u -p 49152 that means pipe ls output to nc listening in udp mode on 49152 On my client side: sudo nmap -sU -p 49152 myserver The answer was: PORT STATE SERVICE 49152/udp open unknown Without the pipe through netcat nmap shows me a closed port for 49152 ... (coturn) even though coturn is up and running .... Did i misconfigure my coturn or is coturn opening up the port only if needed ? Greeting, kaffeesurrogat On 10/07/2020 07:28, kaffeesurrogat wrote: > Dear List, > > I followed the thread "RE: InvalidStateError: Failed to set remote > answer sdp: Called in wrong state: kStable". > Alain DEVILLE talked about this problem he had with opening up ports > 49152:65535/udp for incoming and outgoing traffic. > > On Ubuntu 18.04 LTS I installed ufw to set up a firewall. > > > ufw status verbose gives: > > > 22 ALLOW IN Anywhere > 3478/tcp ALLOW IN Anywhere > 3478/udp ALLOW IN Anywhere > 5443/tcp ALLOW IN Anywhere > 8888/tcp ALLOW IN Anywhere > 49152:65535/udp ALLOW IN Anywhere > 22 (v6) ALLOW IN Anywhere (v6) > 3478/tcp (v6) ALLOW IN Anywhere (v6) > 3478/udp (v6) ALLOW IN Anywhere (v6) > 5443/tcp (v6) ALLOW IN Anywhere (v6) > 8888/tcp (v6) ALLOW IN Anywhere (v6) > 49152:65535/udp (v6) ALLOW IN Anywhere (v6) > > 49152:65535/udp ALLOW OUT Anywhere > 49152:65535/udp (v6) ALLOW OUT Anywhere (v6) > > So I believe they are open. > > Using telnet myserver 49152 gives a "trying myserver" until there is a > timeout. > > Disabling ufw and telneting again says: > > > Trying myserver... > telnet: connect to address myserver: Connection refused > > > Thus the firewall rules make a difference. > > Using sudo nmap -sU -p 49152 myserver > > > PORT STATE SERVICE > 49152/udp closed unknown > > > even if I enabled ufw firewall > > This contradicts the telnet result doesn't it ? > > > The "kStable ....." error still shows up from time to time .... > > > My questions: > > > 1) How can I test for open ports49152:65535 and be sure about the result? > 2) My Provider is Strato. Do I have to contact the provider to open up > the ports for incoming and outgoing udp packages ? > 3) Are my firewall rules correct? > I did not manage to find instructions on installing the pure iptables > alternative on ubuntu 18.04. I've tried to implement the stuff from the > ALVARO-manual about SSL. This time using ufw. > > Many thanks .... > > kaffeesurrogat .... > > >
