# Accessing a virtual device from an enterprise network (NAT)

With Genymotion Cloud, users give or get access to virtual devices through the Internet. Thus, they must be able to connect to them from their corporate network and configure them to make them reachable.

For every asset and webpage, the Genymotion virtual devices are accessible through the HTTPS port 443. However, WebRTC connections,needed to display the virtual devices in the web browser, use an alternative protocol relying on the non-standard port range 51003 to 51100 (UDP or TCP). This might cause problems to users who are behind a web proxy to access the Internet. Their proxy must allow CONNECT requests on that port range (eg. Squid). If users cannot modify their corporate network configurations to allow those outgoing connections, then an external TURN server must be configured.

TURN is a server used as a relay for the media part of WebRTC communications. It is used to relay UDP or TCP when one of the peers cannot be reached or cannot contact the other peer because of port restriction.

This section explains how to install and configure the TURN server. The server can be installed on a remote machine that needs to be accessible publicly.

# Installing a TURN server on Linux


We recommend installing a CoTURN server which is available in the latest stable Ubuntu Linux distribution (16.04+).

To install a CoTURN server:

  1. Add the Universe repository using sudo apt-add-repository universe.
  2. Install the server using sudo apt-get install coturn.
  3. Make sure the server restarts on boot by uncommenting TURNSERVER_ENABLED=1 in /etc/default/coturn file.
  4. Modify the configuration file /etc/turnserver.conf to have the CoTURN server listen on port 443:
    1. Make sure the server listens to port 443 by uncommenting listening-port=3478 and changing it to listening-port=443
    2. Add a user and password for your Genymotion virtual device by uncommenting user=your-username:your-password.
  5. Restart your computer.
  6. Make sure the CoTURN server started correctly and that it is listening on port 443 by checking the most recent log file (/var/log/turn_xxxx_2017-02-01.log where xxxx changes at each server boot).
  7. Make sure no other servers are running and listening on port 443, or CoTURN won't be able to use it.

# Configuring the Genymotion virtual device to use the TURN server

First, you need to authorize the TURN server public IP in AWS or GCP firewall rules so that it can access your virtual device.

Next, to make sure the web browser uses the TURN server, you must add its configuration to the web page that is served by the Genymotion device internal web server.


For now, it is possible to modify the TURN/STUN configuration only for the https://X.X.X.X/iframe/ path (and not for the main administration panel), where X.X.X.X is your instance IP address. This has been fixed in the next Genymotion version.

To do so:

  1. Connect to the device using SSH. For more information, you can refer to section Accessing a Genymotion virtual device from SSH.
  2. From the /data/www/iframe/ directory of the index.html page, add a TURN element in the options element:
    var options = {
        template: "god_default",
        god: true,
        token: (typeof token !== 'undefined') ? token :
        turn: {
             urls: [
  • TURNServerPublicIP is your TURN server public IP
  • username1 is the username set in turnserver.conf file
  • password1 is the password set in turnserver.conf file.


Don't forget to add a comma at the end of the previous line in the options structure.

Your web browser now uses the TURN server on port 443 when you cannot reach Genymotion Cloud directly for WebRTC connections (on port 51003 -> 51100).