Skip to content

Access from an Enterprise Network (NAT)

With Genymotion Device image (PaaS), users give or get access to virtual devices through the Internet. Thus, they must be able to connect to them from their corporate network and configure them to make them reachable.

For every asset and webpage, Genymotion instances are accessible through the HTTPS port 443. However, WebRTC connections, needed to display the virtual devices in the web browser, use an alternative protocol relying on the non-standard port range 51000 to 51100 (UDP or TCP). This might cause problems to users who are behind a web proxy or a NAT network.

To workaround this, UDP and TCP are relayed by our STUN/TURN server by default if the TCP/UDP port range 51000 - 51100 is unreachable. However, this may fail (no device display) under the following circumstances:

  • Your local network has tight security

    You may need to whitelist our STUN/TURN server IP if your local network has tight access security. To retrieve our TURN server IPs to whitelist, you can use the dig command:

    dig turn-paas.genymotion.com +short
    

    Alternatively, you can use your own TURN server.

  • The Genymotion instance has no public IP and/or no access to the Internet

    The instance needs to be able to access the Internet to reach our TURN/STUN server. Without a Public IP, you will either need a gateway within the instance VPC or use your own TURN/STUN server.

Use your own TURN server

Installing a TURN server on Linux

We recommend installing the CoTURN server on Ubuntu Server 20.04LTS:

  1. Add the Universe repository if it is not already activated:

    sudo apt-add-repository universe
    
  2. Update and upgrade Ubuntu:

    sudo apt update && sudo apt upgrade
    
  3. Reboot.

  4. Install the server:

    sudo apt-get install coturn
    
  5. Make sure the server restarts on boot by un-commenting TURNSERVER_ENABLED=1 in /etc/default/coturn file.

  6. Edit the file /etc/turnserver.conf
  7. Un-comment listening-port=3478 and change it to listening-port=443 to have the CoTURN server listen on port 443:

    # TURN listener port for UDP and TCP (Default: 3478).
    # Note: actually, TLS & DTLS sessions can connect to the 
    # "plain" TCP & UDP port(s), too - if allowed by configuration.
    #
    listening-port=443
    

    Note

    We chose to use TCP prot 443 to ensure best compatibility with secured networks. Also, make sure no other servers are running and listening to this port, or CoTURN won't be able to use it.

  8. Un-comment listening-ip and relay-ip, and replace the default IP with your Ubuntu server public IP:

    # Specify listening IP, if not set then Coturn listens on all system IPs. 
    listening-ip=xxx.xxx.xxx.xxx
    relay-ip=xxx.xxx.xxx.xxx
    
  9. Add a user and password for your Genymotion virtual device by un-commenting user=username1:password1 and replace username1 and password1 by the username and password of your choice:

    # 'Static' user accounts for long term credentials mechanism, only.
    # This option cannot be used with TURN REST API.
    # 'Static' user accounts are NOT dynamically checked by the turnserver process, 
    # so that they can NOT be changed while the turnserver is running.
    #
    #user=username1:key1
    #user=username2:key2
    # OR:
    user=genymotion:123456
    #user=username2:password2
    
  10. Reboot.

  11. Verify that the CoTURN server started correctly and is listening to port 443:

    sudo systemctl status coturn
    

Configuring the instance to use your TURN server

First, you need to authorize the TURN server public IP in your cloud provider EC2 firewall rules so that it can access your virtual device.

Next, to make sure the web browser uses the TURN server, you must add its configuration to the web page that is served by the Genymotion device internal web server.

From the Web UI

Version badge

  1. Go to the Configuration panel of your instance:
    Configuration screenshot
    You can also reach the instance Configuration panel with the URL https://{your_instance_public_IP}/configuration.
  2. In the TURN & STUN box, fill the form:
    Turn screenshot
  3. Click APPLY to apply the changes.

By Command line

Version badge

Info

  • TURNServerIP and STUN_IP are your STUN/TURN server public IP
  • username1 and password1 are the username and password set in the turnserver.conf file.
  • geny_instance_IP is Genymotion instance IP.
  1. Setup and connect the instance to ADB
  2. Set the instance to use your turn server:

    adb shell setprop persist.webrtcd.turn-uri turn:TURNServerIP:443
    
  3. Set the STUN IP:

    adb shell setprop persist.webrtcd.stun-uri stun:STUN_IP:443
    
  4. Set your turn server username and password:

    adb shell setprop persist.webrtcd.turn-username username1 && adb shell setprop persist.webrtcd.turn-password password1
    

You can also use a script like the following one to automate the process:

#!/bin/bash
adb shell "setprop persist.webrtcd.turn-uri turn:TURNServerIP:443;\
setprop persist.webrtcd.stun-uri stun:STUN_IP:443;\
setprop persist.webrtcd.turn-username username1;\
setprop persist.webrtcd.turn-password password1"
  1. Setup SSH
  2. Connect to the instance shell:

    ssh -i key.pem [email protected]_instance_IP
    
  3. Set your turn server IP:

    setprop persist.webrtcd.turn-uri turn:TURNServerIP:443
    
  4. Set the STUN IP:

    setprop persist.webrtcd.stun-uri stun:STUN_IP:443
    
  5. Set your turn server username and password:

    setprop persist.webrtcd.turn-username username1 && setprop persist.webrtcd.turn-password password1
    

You can also use a script like the following one:

#!/bin/bash
ssh -i key.pem [email protected]_instance_IP \
"setprop persist.webrtcd.turn-uri turn:TURNServerIP:443;\
setprop persist.webrtcd.stun-uri stun:STUN_IP:443;\
setprop persist.webrtcd.turn-username username1;\
setprop persist.webrtcd.turn-password password1"

Your web browser now uses your TURN server on port 443 for webrtc.

Back to top