From b8d58293e5289a0b252b1f2cd74d873527982bad Mon Sep 17 00:00:00 2001 From: basisbit Date: Sun, 19 Apr 2020 00:38:51 +0200 Subject: [PATCH 1/2] update FAQ required open tcp ports fixes https://github.com/bigbluebutton/bigbluebutton/issues/9132 --- _posts/2015-04-05-faq.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/_posts/2015-04-05-faq.md b/_posts/2015-04-05-faq.md index a8733c8c..1e498aa0 100755 --- a/_posts/2015-04-05-faq.md +++ b/_posts/2015-04-05-faq.md @@ -471,7 +471,7 @@ For the above reasons, we recommend you setup BigBlueButton on a dedicated serve ### What ports must be open for external users to connect to BigBlueButton -For TCP ports, clients must be able to connect to the BigBlueButton server on port 80/443 (HTTP/HTTPS), 7443 (audio), and 1935 (RTMP). +For TCP ports, clients must be able to connect to the BigBlueButton server on port 80/443 (HTTP/HTTPS). For UDP ports, clients must be able to connect on a port within the range 16384-32767 for WebRTC-based audio. From 762a11e7a43ef66e7122bee2dfc149e0acf0c594 Mon Sep 17 00:00:00 2001 From: basisbit Date: Wed, 22 Apr 2020 12:32:27 +0200 Subject: [PATCH 2/2] remove tcp7443 and tcp1935 mentions from firewall testing instructions --- _posts/2019-02-14-configure-firewall.md | 14 +++++++------- 1 file changed, 7 insertions(+), 7 deletions(-) diff --git a/_posts/2019-02-14-configure-firewall.md b/_posts/2019-02-14-configure-firewall.md index 98846403..05585983 100644 --- a/_posts/2019-02-14-configure-firewall.md +++ b/_posts/2019-02-14-configure-firewall.md @@ -78,29 +78,29 @@ $ sudo apt-get install netcat Next, stop BigBlueButton with the command `sudo bbb-conf --stop`. This frees up the ports we want to test. We can now run `netcat` to listen on ports and try connecting from an external computer. As root, run the following command: ```bash -$ netcat -l 7443 +$ netcat -l 443 ``` -`netcat` is now going to echo to the terminal any text it receives on port 7443 (you can quit the command later using Ctrl-c). +`netcat` is now going to echo to the terminal any text it receives on port 443 (you can quit the command later using Ctrl-c). Next, on a second computer that is external to the firewall -- that is, it must go through the firewall to access the BigBlueButton server -- install `netcat` as well. Replace `EXTERNAL_HOST_NAME` with the hostname of your firewall, run the following command ```bash -$ netcat EXTERNAL_HOST_NAME 7443 +$ netcat EXTERNAL_HOST_NAME 443 ``` and type type the word 'test' and press ENTER. -If the firewall is forwarding incoming connections on port 7443 to the internal BigBlueButton server, you should see the word 'test' appear after the `netcat -l 7443` command, as in +If the firewall is forwarding incoming connections on port 443 to the internal BigBlueButton server, you should see the word 'test' appear after the `netcat -l 443` command, as in ```bash -$ netcat -l 7443 +$ netcat -l 443 test ``` -If the word `test` does not appear, double-check the firewall configuration to ensure its forwarding connections on port 7443 and then test again. You want to see the word `test` appear before proceeding to the installation BigBlueButton. +If the word `test` does not appear, double-check the firewall configuration to ensure its forwarding connections on port 443 and then test again. You want to see the word `test` appear before proceeding to the installation BigBlueButton. -Repeat these tests with ports 80, 443, and 1935. +Repeat these tests with port 80. That covers the TCP/IP ports. Next, we need to test that UDP connections in the range 16384-32768 are forwarded as well. On your BigBlueButton server, run the following `netcat` command to listen for incoming data via UDP on port 17000 (here, we're picking a port in the range 16384-32768).