iceConnectionState is disconnected (when used over the internet)

Question

This question has been asked before, but I have not found an answer yet. I'm basically having the same problem as described here and here.

I'm trying to set up a webRTC connection using PeerJS. It works flawlessly in LAN but I can't get it to work over the internet. I'm using coturn as TURN server, but so far this has not solved the problem.The Chromium console prints out the following:

PeerJS:  Added ICE candidate for: client1
peer.js:1476 PeerJS:  Set remoteDescription: ANSWER for: client1
peer.js:1476 PeerJS:  Set remoteDescription: OFFER for: client1
peer.js:1476 PeerJS:  Set remoteDescription: ANSWER for: client1
peer.js:1476 PeerJS:  Received remote stream
peer.js:1476 PeerJS:  Receiving stream MediaStream
peer.js:1476 PeerJS:  Created answer.
peer.js:1476 PeerJS:  Set localDescription: answer for: client1
3peer.js:1476 PeerJS:  Received ICE candidates for: client1
3peer.js:1476 PeerJS:  Added ICE candidate for: client1
peer.js:1476 PeerJS:  iceConnectionState is disconnected, closing connections to client1
peer.js:1476 PeerJS:  Cleaning up PeerConnection to client1
2peer.js:1476 PeerJS:  iceConnectionState is disconnected, closing connections to client1

The peer object I'm using looks like that:

var peer = new Peer(
    GetURLParameter('id'),
    { key: peerKey, debug: peerDebug},
    {config:
        { 'iceServers': [
            { url: 'stun:[server ip here]:3478'},
            { url: 'turn:[server ip here]:3478'}
        ]}
    }
);

coturn, upon starting the turnserver with turnserver -L [server ip], prints out the following:

0: Relay address to use: [server ip here]
0: pid file created: /var/run/turnserver.pid
0: IO method (main listener thread): epoll (with changelist)
0: WARNING: I cannot support STUN CHANGE_REQUEST functionality because only one IP address is provided
0: Wait for relay ports initialization...
0:   relay [server ip here] initialization...
0:   relay [server ip here] initialization done
0: Relay ports initialization done
0: IO method (general relay thread): epoll (with changelist)
0: turn server id=0 created
0: IPv4. UDP listener opened on: [server ip here]:3478
0: IPv4. TCP listener opened on : [server ip here]:3478
0: Total UDP servers: 1
0: Total General servers: 1
0: IO method (cli thread): epoll (with changelist)
0: IPv4. CLI listener opened on : 127.0.0.1:5766
0: IO method (auth thread): epoll (with changelist)

And finally since I guess this could be a security issue, my iptables configuration currently looks like that:

Chain INPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:3478
ACCEPT     udp  --  anywhere             anywhere             udp dpt:3478

Chain FORWARD (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:3478
ACCEPT     udp  --  anywhere             anywhere             udp dpt:3478

Chain OUTPUT (policy ACCEPT)
target     prot opt source               destination         
ACCEPT     tcp  --  anywhere             anywhere             tcp dpt:3478
ACCEPT     udp  --  anywhere             anywhere             udp dpt:3478

Anyone got an idea how to get this thing working? Any help would be greatly appreciated!

EDIT: It turns out my JSON for the TURN config was messy. My new peer object now looks like that:

var peer = new Peer(
    GetURLParameter('id'), {
        key: peerKey,
        debug: peerDebug,
        config: {
            'iceServers': [
                { url: 'stun:[server ip]:3478'},
                { url: 'turn:[server ip]:3478'}
            ]
        }
    }
);

This gives me a lot more feedback on the TURN server (so I guess I'm heading in the right direction) - but the problem persists nonetheless.

---

EDIT2: Well, it gets rather strange. It seems to be some kind of cross browser compatiblity issue. Using the TURN server test tool that mido suggested, I get different results in Firefox than in Chromium. I intend to use Chromium because it's kiosk mode would come in very handy for my application. But back to the turn server. In Firefox, when using user accounts, everything seems to work fine: The output of the github test page:

0.004   1   host    0   UDP 192.168.178.28  39919   126 | 32512 | 255
0.005   2   host    0   UDP 192.168.178.28  56123   126 | 32512 | 254
0.076   1   srflx   1   UDP 178.39.74.108   39919   100 | 32543 | 255
0.077   1   relay   2   UDP [Server IP ]    52147   5 | 32543 | 255
0.098   2   srflx   1   UDP 178.39.74.108   56123   100 | 32543 | 254
0.099   2   relay   2   UDP [Server IP ]    60002   5 | 32543 | 254
0.099   Done

However, allowing anonymous access to the TURN server and trying to log in without username and password, absolutely nothing happens.

Different story in Chromium: With username and password supplied, the following happens:

0.002   1   host    138421141   udp 192.168.178.28  42343   126 | 30 | 255
0.002   2   host    138421141   udp 192.168.178.28  49001   126 | 30 | 254
0.028   1   srflx   842163049   udp 178.39.74.108   42343   100 | 30 | 255
0.049   2   srflx   842163049   udp 178.39.74.108   49001   100 | 30 | 254

...while the terminal on the TURN server is printing out 401 error messages over and over. It seems to me that the credentials never reach the server when using chromium. The 401 error message states an empty username.

I could really use Chromium for that thing. Does anyone has an idea on how to get that working?

Answer 1

please check firewall setting at your turn server.