如何在公司代理后面使用stun.l.google.com?

How to use stun.l.google.com behind a corporate proxy?

我想配置

的本地副本

https://github.com/mattermost/mattermost-webrtc/blob/master/vagrant/janus/config/janus.cfg

启用video calls for test purposes in Mattermost。一部分是:

[nat]
stun_server = stun.l.google.com
stun_port = 19302

如何在公司代理后面使用 stun.l.google.com

我试过了

proxytunnel -p corporate-proxy:7123 -d stun.l.google.com:19302 -a 3098

并将第一部分替换为

[nat]
stun_server = localhost
stun_port = 3098

这导致

$ docker run -it webrtc_blah_2
Janus commit: ad2c131617ac989df1a1bbd601272a5e448cbb3e
Compiled on:  Mon Jul 24 13:04:22 UTC 2017

---------------------------------------------------
  Starting Meetecho Janus (WebRTC Gateway) v0.2.4
---------------------------------------------------

Checking command line arguments...
Debug/log level is 4
Debug/log timestamps are disabled
Debug/log colors are enabled
Adding 'vmnet' to the ICE ignore list...
Using X.17.0.2 as local IP...
Token based authentication enabled
Initializing recorder code
Initializing ICE stuff (Full mode, ICE-TCP candidates disabled, IPv6 support disabled)
STUN server to use: localhost:3098
ICE handles watchdog started
Testing STUN server: message is of 20 bytes
[FATAL] [ice.c:janus_ice_set_stun_server:808] No response to our STUN BINDING test
[FATAL] [janus.c:main:3667] Invalid STUN address localhost:3098

与默认配置类似(见最后两行):

[FATAL] [ice.c:janus_ice_set_stun_server:808] No response to our STUN BINDING test
[FATAL] [janus.c:main:3667] Invalid STUN address stun.l.google.com:19302

1.STUN 和 TURN 两个服务器都在各自的 RFC 中定义,只能在 Public IPs

上设置

2.Stun 服务器用于提供您的防火墙的 public IP,如果您在防火墙中配置,您的 STUN 绑定请求(SBR)将没有响应,因为没有外部服务器从您的防火墙配置。

3.On STUN 服务器的一项非常肤浅的工作是从源接收 SBR 并检查来自传输层的 IP 地址,return 同样的响应加上找到一个端口,它将敞开心扉去接触源头。

4.Later 在同一端口上打孔,使用 STUN 绑定指示使其在整个会话期间打开。

关键是不应在防火墙内配置 STUN 或 TURN,因为这没有用。