# Access an Instance from an Enterprise Network (NAT)

With Genymotion Device image (PaaS), users give or get access to virtual devices through the Internet. Thus, they must be able to connect to them from their corporate network and configure them to make them reachable.

For every asset and webpage, Genymotion instances are accessible through the HTTPS port 443. However, WebRTC connections, needed to display the virtual devices in the web browser, use an alternative protocol relying on the non-standard port range 51003 to 51100 (UDP or TCP). This might cause problems to users who are behind a web proxy to access the Internet.

To workaround this, UDP and TCP are relayed by our STUN/TURN server by default. If your instances do not have a public IP, it may be necessary to whitelist our STUN/TURN server IP in order to be able to access the instance display from the web.

Note

To retrieve our TURN server IPs to whitelist, you can use the dig command:

dig turn-paas.genymotion.com +short

Alternatively, users and/or companies may want or need to use their own TURN server for their network infrastructure.

This section explains how to install and configure a custom TURN server. The server can be installed on a remote machine that needs to be accessible publicly within the company network.

# Installing a TURN server on Linux

Note

We recommend installing the CoTURN server which is available in Ubuntu Server 20.04LTS.

To install a CoTURN server:

  1. If the Universe repository is not already activated, add it:

    sudo apt-add-repository universe
    
  2. Install the server:

    sudo apt-get install coturn
    
  3. Make sure the server restarts on boot by un-commenting TURNSERVER_ENABLED=1 in /etc/default/coturn file.

  4. Modify the configuration file /etc/turnserver.conf to have the CoTURN server listen on port 443:

    • Make sure the server listens to port 443 by un-commenting listening-port=3478 and changing it to listening-port=443
    • Add a user and password for your Genymotion virtual device by un-commenting user={your-username}:{your-password}
  5. Restart your computer.

  6. Make sure the CoTURN server started correctly and that it is listening on port 443 by checking the most recent log file (/var/log/turn_xxxx_2017-02-01.log where xxxx changes at each server boot).

  7. Make sure no other servers are running and listening on port 443, or CoTURN won't be able to use it.

# Configuring the instance to use the TURN server

First, you need to authorize the TURN server public IP in your cloud provider EC2 firewall rules so that it can access your virtual device.

Next, to make sure the web browser uses the TURN server, you must add its configuration to the web page that is served by the Genymotion device internal web server:

Your web browser now uses the TURN server on port 443.