coturn

OS: Debian 10

Goal: install a UDP TURN server in TLS-only mode.

1) Installation

apt install coturn

2) Configuration

vi /etc/turnserver.conf

#CUSTOM
#external-ip=176.158.236.102
server-name=turn.underworld.fr
realm=turn.underworld.fr
no-tcp-relay
no-tcp
no-udp
# denied-peer-ip=192.168.0.0-192.168.255.255
# allowed-peer-ip=192.168.210.35
fingerprint
use-auth-secret
static-auth-secret=monsecretsecretsecret
cert=/usr/local/etc/turn_server_cert.pem
pkey=/usr/local/etc/turn_server_pkey.pem
dh-file=/usr/local/etc/turn_server_dhparam.pem
#user-quota=4
#verbose

3) Certificate generation

openssl req -new -x509 -newkey rsa:4096 -days 3650 -keyout privkey.pem -out server.pem

openssl rsa -in privkey.pem -out privkey.pem

openssl dhparam -out dhparam.pem 4096

mv privkey.pem /usr/local/etc/turn_server_pkey.pem

mv server.pem /usr/local/etc/turn_server_cert.pem

mv dhparam.pem /usr/local/etc/turn_server_dhparam.pem

chown turnserver:turnserver -R /usr/local/etc/turn*

4) Enable at startup

vi /etc/default/coturn

TURNSERVER_ENABLED=1

5) Apply the changes

service coturn restart

6) Check the log

vi /var/log/syslog

8) Firewall

Open port 5349 on the firewall.
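
With use-auth-secret and static-auth-secret set as in step 2, coturn expects time-limited credentials derived from the shared secret (the TURN REST API scheme). The Python sketch below is an added example, not part of the original page or of coturn: it issues such credentials and approximates the server-side check. The user id "alice", the function names and the default ":" separator are assumptions.

```python
# Added example: time-limited TURN credentials for coturn's use-auth-secret mode.
import base64
import hashlib
import hmac
import time

# Must match static-auth-secret in /etc/turnserver.conf (the page's placeholder value).
STATIC_AUTH_SECRET = "monsecretsecretsecret"


def turn_password(secret, username):
    """password = base64(HMAC-SHA1(static-auth-secret, username))."""
    digest = hmac.new(secret.encode(), username.encode(), hashlib.sha1).digest()
    return base64.b64encode(digest).decode()


def issue_credentials(secret, user_id, ttl=3600, now=None):
    """Return (username, password); username is '<unix expiry>:<user id>'."""
    expiry = (int(time.time()) if now is None else now) + ttl
    username = f"{expiry}:{user_id}"
    return username, turn_password(secret, username)


def check_credentials(secret, username, password, now=None):
    """Approximation of the server-side check: expiry not passed, HMAC matches."""
    now = int(time.time()) if now is None else now
    expiry = username.partition(":")[0]
    if not expiry.isdecimal() or int(expiry) < now:
        return False  # malformed or expired username
    expected = turn_password(secret, username)
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(expected.encode(), password.encode())


if __name__ == "__main__":
    # "alice" is a made-up user id for illustration.
    user, pwd = issue_credentials(STATIC_AUTH_SECRET, "alice")
    print("username:  ", user)
    print("credential:", pwd)
    print("valid now: ", check_credentials(STATIC_AUTH_SECRET, user, pwd))
```

The secret must be identical in turnserver.conf and in the backend that issues credentials, and anyone who holds it can mint valid credentials, so the placeholder value should be replaced with a long random one and kept out of client code.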
