Troubleshoot Firewall Type for WebRTC

Orchid Core VMS Servers need to be behind a compatible NAT type (basically, anything but Symmetric NAT) in order for bidirectional communication to be possible through a firewall.  See here:



Run the below on the client and server side to determine which NAT types are in use.  See the guide at the bottom of the article linked above to determine if STUN will work for a given configuration.

git clone pystun-konrad
cd pystun-konrad/
git checkout research
mv README.rst
sudo python install



Download latest python27:

The latest python installer includes pip. From cmd.exe (Run as Administrator):

cd c:\Python27\Scripts
pip install pystun

If the server has multiple NICs, it may be necessary to tell pystun which NIC to use for testing. E.g.,

pystun -i


Firewall-Specific Configurations


Here's an example which should configure a full-cone NAT for only a certain block of IP addresses (startip and endip would be the address of the Orchid Core VMS server):

config firewall ippool
edit "full_cone-pool1"
set type port-block-allocation
set startip
set endip
set permit-any-host enable


Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request