powered by Jive Software

Jingle, Firewalls, and ports

Hey we have the voice call working on the lan in the office and we are using ver 2.5.1. But when we try to connect to the other office, we are not able to connect. I guess the problem is opening ports on the firewall. Which ports need to be opened?

I’‘m having a similar problem as well. It works fine inside our firewall but anyone outside the firewall the call gets disconnected. I’'m assuming certain ports need to be opened up.

We’'re attempting to work this out.

From what I’'ve seen, clients talk to each other directly by default (on a random UDP port)

If that doesn’'t work, they should attempt to use a media proxy.

For that to work, you need to open UDP ports 10-20k to the media proxy server.

However, we’'ve not got as far as testing that yet.


I downloaded spark 2.5.1 and could not find any way to initiate a call.

Could you tell me where to find this feature so that I can experiment with it.


When 2 ver 2.5.1 clients are messaging each other, you will see a telephone Icon in the upper right corner. Click it and the rest is automatic.

I’‘m not expert as I just installed the client but have been testing this and the first few times my coworker and I logged in we did not have the icon. Suddenly it appeared for him after he logged in again. So, I logged out and back in and sure enough I had the phone icon as well although we can’'t connect because of the firewall issues mentioned earlier in this thread.


Has anyone figured out how to make Jingle work over an Internet connection yet? What ports to I need open on my firewall to talk to someone else?


Put simply - no me!

I can make it work in a limited set of circumstances.

Here’'s what I do know;

  1. All things being equal, voice chats are done client to client using XMPP for setup.

  2. The clients will talk on random UDP ports

  3. If you use NAT, the clients probably will not work.

So, if you have a non NAT’'d client to client connection and open up all high UDP ports on both firewalls it will work.

That’‘s extremely unlikely to you’'ll probably want to use the media proxy (UDP ports 10k to 20k by default) and possibly STUN (running out of info here, but STUN supposedly helps NAT traversal for jingle).


I’'m not really sure what a media proxy is, nor do I know what STUN is.

The Media Proxy is a service which runs on an Openfire server and is designed to ‘‘help’’ clients communicate with each other where direct communication is not possible.

It’'s simple to configure in the web UI - just enable it, and specify the ports range it can use. Then, in theory all you have to do is enable that port range through the firewall.

One caveat though, if your clients cannot resolve your openfire domain name in DNS then it won’'t work.

i.e. your clients will attempt to talk to xmppdomain.com on those UDP ports. If you’‘re using A records for locating your openfire server then you should be ok with that. If that’‘s not possible (as with my setup) as you use SRV records then this won’'t work until the next release of the product.