No TURN TLS/443
Not having a TURN server with TLS on port 443 can cause connection failures in restrictive networks where UDP and non-standard TCP ports are blocked and only HTTPS traffic is allowed. Consider adding one to improve connectivity in such networks.
Description
Not having a TURN server with TLS on port 443 can cause connection failures in restrictive networks where UDP and non-standard TCP ports are blocked. This is because some IT managers configure their networks to block all traffic but still allow traffic on port 443, because it is needed for regular web browsing. TURN with TLS on port 443 may use that as a “loophole” to work in such environments.
What do we do here?
We look into every peer connection's iceServers parameter and flag any configuration in which no TURN server is configured with a URL starting with “turns:” and with port 443.
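One way to implement this check, as an added example (not this tool's own code). The names `parseIceUrl` and `hasTurnTls443` and the `turn.example.com` hosts are assumptions; a `turns:` URL with no explicit port is treated as port 5349, the default for that scheme.

```javascript
// Added example: does an iceServers list offer TURN over TLS on port 443?
// parseIceUrl, hasTurnTls443 and the example.com hosts are hypothetical.

// Default ports when the URL carries none (RFC 7064 / RFC 7065).
const DEFAULT_PORT = { stun: 3478, stuns: 5349, turn: 3478, turns: 5349 };

// Parse "scheme:host[:port][?transport=x]"; returns null if malformed.
function parseIceUrl(url) {
  const re = /^(stuns?|turns?):(\[[^\]]+\]|[^:?]+)(?::(\d+))?(?:\?transport=\w+)?$/i;
  const m = re.exec(String(url).trim());
  if (!m) return null;
  const scheme = m[1].toLowerCase();
  return { scheme, host: m[2], port: m[3] ? Number(m[3]) : DEFAULT_PORT[scheme] };
}

function hasTurnTls443(iceServers) {
  for (const server of iceServers || []) {
    // "urls" may be a string or an array; "url" is the legacy singular form.
    const urls = [].concat(server.urls || server.url || []);
    for (const u of urls) {
      const p = parseIceUrl(u);
      if (p && p.scheme === "turns" && p.port === 443) return true;
    }
  }
  return false;
}

// Constructed sample: TURN on 443 without TLS, and "turns:" on its default
// port (5349). Neither satisfies the check.
const flagged = [
  { urls: "stun:stun.example.com:3478" },
  {
    urls: ["turn:turn.example.com:443?transport=tcp", "turns:turn.example.com"],
    username: "user",
    credential: "secret",
  },
];

// Same configuration with a TURN/TLS entry on port 443 added.
const fixed = flagged.concat([
  { urls: "turns:turn.example.com:443?transport=tcp", username: "user", credential: "secret" },
]);

console.log(hasTurnTls443(flagged), hasTurnTls443(fixed));
```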
Our suggestions
- If you get complaints about connectivity, they might be related. Try adding a TURN/TLS server on port 443 to your iceServers configuration and check whether it works better with your user base.