TURN Server | Installation & Configuration On AWS

This blog post describes the way how to deploy and configure Google TURN server with all required steps. Mainly this installation and configuration has been tested on AWS(Amazon Web Services) cloud computer and confirmed. Because there are some connectivity issues while connecting to the TURN server remotely.

  1. Login to the AWS console and go to the EC2 menu and then launch new instance. In here there is called “Community AMIs”, go to that option and select the AMI called “rfc5766-turn-server”.
    Screen Shot 2015-03-24 at 10.37.52 AM
  2. There are several AMIs are listed under “rfc5766-turn-server”, take the latest version of the TURN server AMI and launch it with the relevant CPU, Memory, HDD, Network ,etc.
    Screen Shot 2015-03-24 at 10.42.17 AM
  3. In next step, you will be asked for configure Network policy and so on, open the relevant ports and for the network traffic. Port NO : 3478 TCP, 3478 UDP, 5349 TCP, 5349 UDP.
    Screen Shot 2015-03-24 at 10.52.12 AM
  4. Launch the instance after all the configuration is over and login to the server over the SSH.
  5. When you logging to the server there is a README.txt file in the home directory. That is good for get a high level knowledge of the TURN server.
  6. If you are planning to use TURN server with authentication, you have to define in users in the userdb in mysql. And also the configuration should be change to use short-term authentication.
    $ vim /etc/turnserver.conf
    # Uncomment to use long-term credential mechanism.
    # By default no credentials mechanism is used (any user allowed).
    # This option can be used with either flat file user database or 
    # PostgreSQL DB or MySQL DB or Redis DB for user keys storage.
    # lt-cred-mech
    # Uncomment to use short-term credential mechanism.
    # By default no credentials mechanism is used (any user allowed).
    # For short-term credential mechanism you have to use PostgreSQL or 
    # MySQL or Redis database for user password storage.
    # This option is opposite to lt-cred-mech or st-cred-mech. 
    # (TURN Server with no-auth option allows anonymous access).
    # If neither option is defined, and no users are defined,
    # then no-auth is default. If at least one user is defined,
     # in this file or in command line or in usersdb file, then
     # lt-cred-mech is default.
     # no-auth
    uncomment the "st-cred-mech” for the short-term authentication. And add the external IP for this configuration file.
  7. Open the turnuserdb.conf file and add the users for accessing TURN server. In short-term authentication mechanism should contains user credentials for the separate users for the same application, because short term authentication does not allow users to connect to the server simultaneously.
    $ vim /etc/turnuserdb.conf

    Define the users as follows in the configuration file, and save and exit the configuration file & restart the turn server.


    $ sudo /etc/init.d/rfc5766-turn-server stop
    $ sudo /etc/init.d/rfc5766-turn-server start

  8. In Long-Term Authentication, users can use the same user for simultaneous access the TURN server. The following configuration will guide you through the steps.
    $ vim /etc/turnserver.conf

    uncomment the lt-cred-mech in the configuration file, then save and exit. after that restart the TURN server.
    $ sudo /etc/init.d/rfc5766-turn-server stop
    $ sudo /etc/init.d/rfc5766-turn-server start

    These are the steps to be followed to install, configuration the TURN server on AWS cloud portal.


Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out /  Change )

Google photo

You are commenting using your Google account. Log Out /  Change )

Twitter picture

You are commenting using your Twitter account. Log Out /  Change )

Facebook photo

You are commenting using your Facebook account. Log Out /  Change )

Connecting to %s