<div dir="ltr"><div>In this case, you *must* restart freeswitch, reloadxml is not enough<br></div><div>-giovanni<br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Aug 11, 2020 at 9:01 PM David P <<a href="mailto:davidswalkabout@gmail.com">davidswalkabout@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="ltr"><div>Thank you for your suggestion, Sergey. However, I found that introducing those two settings (in FSv10.4 on Debian10) made no difference; I still got just one candidate in FS's answer SDP and it's udp rather than tcp (for port 443)...</div><div><br></div><div>Before introducing<br>  <X-PRE-PROCESS cmd="set" data="add_ice_candidates=true"/> in /etc/freeswitch/vars.xml<br>and<br>  <action application="set" data="media_webrtc=true"/>      in /etc/freeswitch/dialplan/mydialplan.xml<br>the browser receives Answer SDP containing only one ice candidate:<br>a=candidate:5500513041 1 udp 659136 35.xxx.yy.zzz 26928 typ host generation 0<br><br>After introducing those two config changes, and `fs_cli -x "reloadxml"`, the set of candidates in the answer the browser gets is the same:<br>a=candidate:4793838179 1 udp 659136 35.xxx.yy.zzz 19518 typ host generation 0<br></div><div><br></div><div>The reason I asked about supporting all media (and signaling) via port 443 is that some users are in firewalls that block all ports except 443 (or 80).</div><div><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Mon, Aug 10, 2020 at 5:14 AM <<a href="mailto:freeswitch-users-request@lists.freeswitch.org" target="_blank">freeswitch-users-request@lists.freeswitch.org</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex">---------- Forwarded message ----------<br>From: Sergey Safarov <<a href="mailto:s.safarov@gmail.com" target="_blank">s.safarov@gmail.com</a>><br><br><div dir="ltr">You can offer ice for all calls from FreeSwitch without coturn<div><br></div><div><X-PRE-PROCESS cmd="set" data="add_ice_candidates=true"/><br><br>More details<br><a href="https://freeswitch.org/confluence/display/FREESWITCH/NAT+Traversal#NATTraversal-FreeSWITCHBehindNAT" target="_blank">https://freeswitch.org/confluence/display/FREESWITCH/NAT+Traversal#NATTraversal-FreeSWITCHBehindNAT</a><br></div><div><br></div><div>also, you can try the variable "media_webrtc=true"</div><div><br></div><div><br></div></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Sun, Aug 9, 2020 at 8:42 PM David P <<a href="mailto:davidswalkabout@gmail.com" target="_blank">davidswalkabout@gmail.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div dir="auto">Can FS v1.10 be configured to handle SRTP of all calls via port 443?<div dir="auto"><br></div><div dir="auto">This would allow us to stop using coturn, which is often too slow to provide a TLS relay candidate before browsers finish gathering ice candidates.</div></div></blockquote></div></blockquote></div></div>
_________________________________________________________________________<br>
<br>
The FreeSWITCH project is sponsored by SignalWire <a href="https://signalwire.com" rel="noreferrer" target="_blank">https://signalwire.com</a><br>
Enhance your FreeSWITCH install with disruptive priced SMS and PSTN services.<br>
Build your next product on our scalable cloud platform.<br>
<br>
Join our online community to chat in real time <a href="https://signalwire.community" rel="noreferrer" target="_blank">https://signalwire.community</a><br>
<br>
Professional FreeSWITCH Services<br>
<a href="mailto:sales@freeswitch.com" target="_blank">sales@freeswitch.com</a><br>
<a href="https://freeswitch.com" rel="noreferrer" target="_blank">https://freeswitch.com</a><br>
<br>
Official FreeSWITCH Sites<br>
<a href="https://freeswitch.com/oss" rel="noreferrer" target="_blank">https://freeswitch.com/oss</a><br>
<a href="https://freeswitch.org/confluence" rel="noreferrer" target="_blank">https://freeswitch.org/confluence</a><br>
<a href="https://cluecon.com" rel="noreferrer" target="_blank">https://cluecon.com</a><br>
<br>
FreeSWITCH-users mailing list<br>
<a href="mailto:FreeSWITCH-users@lists.freeswitch.org" target="_blank">FreeSWITCH-users@lists.freeswitch.org</a><br>
<a href="http://lists.freeswitch.org/mailman/listinfo/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/listinfo/freeswitch-users</a><br>
UNSUBSCRIBE:<a href="http://lists.freeswitch.org/mailman/options/freeswitch-users" rel="noreferrer" target="_blank">http://lists.freeswitch.org/mailman/options/freeswitch-users</a><br>
<a href="https://freeswitch.com" rel="noreferrer" target="_blank">https://freeswitch.com</a></blockquote></div><br clear="all"><br>-- <br><div dir="ltr" class="gmail_signature">Sincerely,<br><br>Giovanni Maruzzelli<br>OpenTelecom.IT<br>cell: +39 347 266 56 18<br><br></div>