vMix Forums
»
General
»
vMix Call
»
VMix Call troubleshooting - Use of vmix call in corporate network with restrictive firewall rules
Rank: Newbie
Groups: Registered
Joined: 8/29/2020(UTC) Posts: 2 Location: Madrid
|
Hi colleagues.
I am encountering problems using Vmix call in corporate network with restricted firewall rules.
Considering below requirements, we are only allowing outbound connection using 10349 TCP port but no inbound traffic is allowed for now as for us it is risky from security standpoint.
NETWORK REQUIREMENTS INCLUDED IN Vmix documentation: TURN/STUN: Port 10349 UDP/TCP Video/Audio Streams: Dynamic Port Allocation UDP - 49152-65535
My questions are the following: - Is it possible to make vmix call work in a corporate network with restrictive firewall rules? - Is there any way for vmix to work without having to open a huge number of inbound traffic ports? - Is it possible to distinguish between legitimate traffic from vmix servers and illicit traffic somehow? By using tcp/udp headers data? We want to filter traffic by using application control in firewall with specific signatures if possible as it is not possible to limit IPs/FQDNs at firewall level. - We are testing only with outbound traffic connection and allowing 10349 TCP port but vmix is using 443 port instead. Is the information provided by vmix in the documentation accurate? - What is the difference between Point-to-point connection and not P2P in terms of network requirements? Are the requirements the same?
Thanks collegues for your help. Regards.
|
|
|
|
Rank: Advanced Member
Groups: Registered
Joined: 4/28/2020(UTC) Posts: 40 Location: San Francisco Was thanked: 6 time(s) in 5 post(s)
|
vmixcall.com (the webpage itself) uses port 443 (HTTPS). The connect of the call within it uses 10349 (if p2p isn't available)
I'd try opening up UDP on 10349 as well and see if it helps.
Our normal firewalls absolutely block inbound ports, but no issues w/ 10349 TCP/UDP outbound being opened up.
DT
|
|
|
|
Rank: Advanced Member
Groups: Registered
Joined: 4/23/2017(UTC) Posts: 1,231 Location: Germany Thanks: 3 times Was thanked: 168 time(s) in 150 post(s)
|
Is it possible to make vmix call work in a corporate network with restrictive firewall rules? YES
Is there any way for vmix to work without having to open a huge number of inbound traffic ports? YES, vmixcall (webRTC) is working with a signaling server to make the two partners IP addresses available. If a direct P2P connection is not possible (firewall/proxy/nat) it will use the TURN server.
Is it possible to distinguish between legitimate traffic from vmix servers and illicit traffic somehow? You can use Wireshark to analyse the packets.
What is the difference between Point-to-point connection and not P2P in terms of network requirements? Are the requirements the same? P2P needs open UDP ports on both sides to be successful. The fallback is TURN. There, both sides just have traffic with the TURN server.
|
|
|
|
vMix Forums
»
General
»
vMix Call
»
VMix Call troubleshooting - Use of vmix call in corporate network with restrictive firewall rules
Forum Jump
You cannot post new topics in this forum.
You cannot reply to topics in this forum.
You cannot delete your posts in this forum.
You cannot edit your posts in this forum.
You cannot create polls in this forum.
You cannot vote in polls in this forum.
Important Information:
The vMix Forums uses cookies. By continuing to browse this site, you are agreeing to our use of cookies.
More Details
Close