Why prefer port 80 over 3478 in TURN server
209 views
Skip to first unread message
Ankit -
Feb 6, 2018, 12:21:31 PM2/6/18
to TURN Server (Open-Source project)
I have read that it is recommended to listen on port 80/443 instead of 3478 for strict firewalls. Given, that OS assigns the port on client side and corporate firewalls restricts client not server. How listening on port 80/443 is going to benefit?
Thanks
Thanks
Lee Sylvester
Feb 6, 2018, 1:44:33 PM2/6/18
to Ankit -, TURN Server (Open-Source project)
Hi Ankit,
Some networks only allow traffic, specifically UDP, over port 80 / 443. Thus, providing that option improves connectivity chances. It is best to offer both 80/443 as well as the standard STUN ports.
Some networks only allow traffic, specifically UDP, over port 80 / 443. Thus, providing that option improves connectivity chances. It is best to offer both 80/443 as well as the standard STUN ports.
Lee
I have read that it is recommended to listen on port 80/443 instead of 3478 for strict firewalls. Given, that OS assigns the port on client side and corporate firewalls restricts client not server. How listening on port 80/443 is going to benefit?
Thanks
--
You received this message because you are subscribed to the Google Groups "TURN Server (Open-Source project)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turn-server-project-rfc57...@googlegroups.com.
To post to this group, send email to turn-server-project...@googlegroups.com.
Visit this group at https://groups.google.com/group/turn-server-project-rfc5766-turn-server.
For more options, visit https://groups.google.com/d/optout.
Ankit -
Feb 6, 2018, 1:50:49 PM2/6/18
to TURN Server (Open-Source project)
Hello!
So you mean if the TURN server is listening on port 80 then client's OS will also use port 80 for making that connection. If you are talking about blocking on TURN server, then my TURN server is on Digital Ocean which has not blocked any of the ports.
So you mean if the TURN server is listening on port 80 then client's OS will also use port 80 for making that connection. If you are talking about blocking on TURN server, then my TURN server is on Digital Ocean which has not blocked any of the ports.
On Wednesday, February 7, 2018 at 12:14:33 AM UTC+5:30, Lee Sylvester wrote:
Hi Ankit,
Some networks only allow traffic, specifically UDP, over port 80 / 443. Thus, providing that option improves connectivity chances. It is best to offer both 80/443 as well as the standard STUN ports.
I have read that it is recommended to listen on port 80/443 instead of 3478 for strict firewalls. Given, that OS assigns the port on client side and corporate firewalls restricts client not server. How listening on port 80/443 is going to benefit?--
Thanks
You received this message because you are subscribed to the Google Groups "TURN Server (Open-Source project)" group.
To unsubscribe from this group and stop receiving emails from it, send an email to turn-server-project-rfc5766-turn-server+unsubscribe@googlegroups.com.
To post to this group, send email to turn-server-project-rfc5766-turn-...@googlegroups.com.
Warren McDonald
Feb 7, 2018, 3:28:05 AM2/7/18
to TURN Server (Open-Source project)
This issue is egress rules. Most corporate firewalls block almost all outgoing traffic from desktops except for web traffic going to ports 80/443. Some block that too and only allow outgoing via a web proxy server.
So if you are using just 3478 as a target port, it may not ever make it out of the users network.
Using 443 is good as it also supports outgoing tunneling proxy connections to TURN. Most proxies don't support this on non SSL designated ports like 80.
The final catch is that some firewalls also drop non SSL/TLS traffic going out to 443, so you should specify turns: protocol on 443 as well.
Reply all
Reply to author
Forward
0 new messages