BigBlueButton WebRTC not working if client behind proxy with SSL Decryption
18 views
Skip to first unread message
Vincent Verbeke
Nov 30, 2025, 6:07:20 AM (3 days ago) Nov 30
to BigBlueButton-Setup
Hi all, I hope that someone can point me in the right direction. We currently have a fine working set-up consisting of Scalelite, 2 separate TURN Servers, pool of 30 BBB vm's. We run it in Azure and have a splendid performance. We only have 1 remaining issue. Clients which are in an Enterprise Network and using a proxy with SSL Decryption cannot connect or cannot connect audio. From what we understand the issue is WSS, but we might be wrong. We have tried all different configurations, our customers internal IT is refusing to bypass the proxy for our hosts and the stringe thing is, on some other BigBlueButton environments they can connect and from all the testing we did, we cannot discover the differences. So it must be a configuration topic as it can work apparently. Any ideas?
Vincent Verbeke
Nov 30, 2025, 10:01:38 AM (3 days ago) Nov 30
to BigBlueButton-Setup
Some extra info: bbb15admin@bbb15:~$ sudo bbb-conf --check
BigBlueButton Server 3.0.16 (3080)
Kernel version: 6.8.0-1041-azure
Distribution: Ubuntu 22.04.5 LTS (64-bit)
Memory: 16327 MB
CPU cores: 4
/etc/bigbluebutton/bbb-web.properties (override for bbb-web)
/usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties (bbb-web)
bigbluebutton.web.serverURL: https://bbb15.vantage.ch
defaultGuestPolicy: ALWAYS_ACCEPT
defaultMeetingLayout: CUSTOM_LAYOUT
/etc/nginx/sites-available/bigbluebutton (nginx)
server_name: bbb15.vantage.ch
port: 80, [::]:80127.0.0.1:82 http2 proxy_protocol, [::1]:82 http2127.0.0.1:81 proxy_protocol, [::1]:81
/opt/freeswitch/etc/freeswitch/vars.xml (FreeSWITCH)
local_ip_v4: 172.18.0.8
external_rtp_ip: 20.199.136.208
external_sip_ip: 20.199.136.208
/opt/freeswitch/etc/freeswitch/sip_profiles/external.xml (FreeSWITCH)
ext-rtp-ip: $${external_rtp_ip}
ext-sip-ip: $${external_sip_ip}
ws-binding: 20.199.136.208:5066
wss-binding: 20.199.136.208:7443
UDP port ranges
FreeSWITCH: 16384-24576
bbb-webrtc-sfu: 24577-32768
bbb-webrtc-recorder: 24577-32768
/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback)
playback_host: bbb15.vantage.ch
playback_protocol: https
ffmpeg: 4.4.2-0ubuntu0.22.04.1
/usr/share/bigbluebutton/nginx/sip.nginx (sip.nginx)
proxy_pass: 20.199.136.208
protocol: https
/usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml (bbb-webrtc-sfu)
/etc/bigbluebutton/bbb-webrtc-sfu/production.yml (bbb-webrtc-sfu - override)
mediasoup.webrtc.*.announcedIp: 20.199.136.208
mediasoup.plainRtp.*.announcedIp: 20.199.136.208
freeswitch.sip_ip: 20.199.136.208
recordingAdapter: bbb-webrtc-recorder
recordScreenSharing: true
recordWebcams: true
codec_video_main: VP8
codec_video_content: VP8
/etc/bbb-webrtc-recorder/bbb-webrtc-recorder.yml (bbb-webrtc-recorder)
/etc/bigbluebutton/bbb-webrtc-recorder.yml (bbb-webrtc-recorder - override)
debug: null
recorder.directory: /var/lib/bbb-webrtc-recorder
/usr/share/bigbluebutton/html5-client/private/config/settings.yml (HTML5 client)
/etc/bigbluebutton/bbb-html5.yml (HTML5 client config override)
build: 1507
kurentoUrl: wss://bbb15.vantage.ch/bbb-webrtc-sfu
defaultFullAudioBridge: fullaudio
defaultListenOnlyBridge: fullaudio
sipjsHackViaWs: false
# Potential problems described below
# Warning: The setting of 20.199.136.208 for proxy_pass in
#
# /usr/share/bigbluebutton/nginx/sip.nginx
#
# does not match the local IP address (172.18.0.8).
# (This is OK if you've manually changed the values)
BigBlueButton Server 3.0.16 (3080)
Kernel version: 6.8.0-1041-azure
Distribution: Ubuntu 22.04.5 LTS (64-bit)
Memory: 16327 MB
CPU cores: 4
/etc/bigbluebutton/bbb-web.properties (override for bbb-web)
/usr/share/bbb-web/WEB-INF/classes/bigbluebutton.properties (bbb-web)
bigbluebutton.web.serverURL: https://bbb15.vantage.ch
defaultGuestPolicy: ALWAYS_ACCEPT
defaultMeetingLayout: CUSTOM_LAYOUT
/etc/nginx/sites-available/bigbluebutton (nginx)
server_name: bbb15.vantage.ch
port: 80, [::]:80127.0.0.1:82 http2 proxy_protocol, [::1]:82 http2127.0.0.1:81 proxy_protocol, [::1]:81
/opt/freeswitch/etc/freeswitch/vars.xml (FreeSWITCH)
local_ip_v4: 172.18.0.8
external_rtp_ip: 20.199.136.208
external_sip_ip: 20.199.136.208
/opt/freeswitch/etc/freeswitch/sip_profiles/external.xml (FreeSWITCH)
ext-rtp-ip: $${external_rtp_ip}
ext-sip-ip: $${external_sip_ip}
ws-binding: 20.199.136.208:5066
wss-binding: 20.199.136.208:7443
UDP port ranges
FreeSWITCH: 16384-24576
bbb-webrtc-sfu: 24577-32768
bbb-webrtc-recorder: 24577-32768
/usr/local/bigbluebutton/core/scripts/bigbluebutton.yml (record and playback)
playback_host: bbb15.vantage.ch
playback_protocol: https
ffmpeg: 4.4.2-0ubuntu0.22.04.1
/usr/share/bigbluebutton/nginx/sip.nginx (sip.nginx)
proxy_pass: 20.199.136.208
protocol: https
/usr/local/bigbluebutton/bbb-webrtc-sfu/config/default.yml (bbb-webrtc-sfu)
/etc/bigbluebutton/bbb-webrtc-sfu/production.yml (bbb-webrtc-sfu - override)
mediasoup.webrtc.*.announcedIp: 20.199.136.208
mediasoup.plainRtp.*.announcedIp: 20.199.136.208
freeswitch.sip_ip: 20.199.136.208
recordingAdapter: bbb-webrtc-recorder
recordScreenSharing: true
recordWebcams: true
codec_video_main: VP8
codec_video_content: VP8
/etc/bbb-webrtc-recorder/bbb-webrtc-recorder.yml (bbb-webrtc-recorder)
/etc/bigbluebutton/bbb-webrtc-recorder.yml (bbb-webrtc-recorder - override)
debug: null
recorder.directory: /var/lib/bbb-webrtc-recorder
/usr/share/bigbluebutton/html5-client/private/config/settings.yml (HTML5 client)
/etc/bigbluebutton/bbb-html5.yml (HTML5 client config override)
build: 1507
kurentoUrl: wss://bbb15.vantage.ch/bbb-webrtc-sfu
defaultFullAudioBridge: fullaudio
defaultListenOnlyBridge: fullaudio
sipjsHackViaWs: false
# Potential problems described below
# Warning: The setting of 20.199.136.208 for proxy_pass in
#
# /usr/share/bigbluebutton/nginx/sip.nginx
#
# does not match the local IP address (172.18.0.8).
# (This is OK if you've manually changed the values)
we tried disabling HAProxy and so on but nothing helps
Reply all
Reply to author
Forward
0 new messages