topic if WebRTC needs to leak the REAL IP address of the user for the signaling in Firewall and Security Management

if WebRTC needs to leak the REAL IP address of the user for the signaling

SANTHOSH17-8 — Thu, 10 Apr 2025 15:07:52 GMT

App Link https://docs.uneeq.io/networking-webrtc-turn

Context .. THis AI app does not work over VPN because WebRTC is blocked when the user does via VPN.

it works off VPN that the "voice" works

the "voice" is WebRTC via a TURN server

Just more context this protocol runs in the browser in Java so the browser signals the REAL IP to the TURN server. YOu

if WebRTC needs to leak the REAL IP address of the user for the signaling traffic. i don't want to simply opening ip/port to the TURN server. is there any other controls beyond opening the ports wide open. with respect to check point firewall. How can i achieve this in real world production environment.?

As far as I can find other than whitelisting ip/ports there are not other controls in place on checkpoint. If we have then please help me with it. Thanks.

Re: if WebRTC needs to leak the REAL IP address of the user for the signaling

PhoneBoy — Thu, 10 Apr 2025 16:08:35 GMT

Beyond allowing/denying the relevant ports, we do not provide any controls with respect to TURN.

Re: if WebRTC needs to leak the REAL IP address of the user for the signaling

SANTHOSH17-8 — Thu, 10 Apr 2025 16:54:54 GMT

My concern is there we can do other then opening ports wide open in check point firewall

Re: if WebRTC needs to leak the REAL IP address of the user for the signaling

PhoneBoy — Thu, 10 Apr 2025 17:40:53 GMT

Pretty sure we don't act on anything communicated with STUN/TURN.