This page shows how enterprises can use the API methods provided by the Agora Web SDK to access Agora’s services through a company firewall.

This page applies to the Agora Web SDK only. Proxy services by different service providers may result in slow performance if you use the Firefox browser. Therefore, Agora recommends using the same service provider for the proxy services. If you use different service providers, Agora recommends not using the Firefox browser.

Introduction

Enterprises may restrict employees’ access to unauthorized websites through a company firewall. The firewall may also restrict access to Agora’s services. Agora provides two interfaces in the Web SDK. The interfaces allow requests to bypass the company firewall and reach the Agora SD-RTN directly through proxy servers. Enterprises can deploy the Nginx and TURN servers and call these interfaces to enable internal access to Agora’s services.

Implementations

You need to deploy the Nginx and TURN servers before calling the methods in the Web SDK to enable the proxy service. Refer to the following steps to deploy the servers.

1. Deploy the Nginx Server

Ensure that you have acquired the domain name and certificate of the Nginx server before proceeding.

Install the Nginx Server

Refer to the steps in the Nginx Installation Guide to deploy the Nginx server.

Configure the conf file of the Nginx Server

  1. Run the following command line.

    sudo vim /etc/nginx/nginx.conf
  2. Add the following configuration in the http domain of the conf file.

    resolver 8.8.8.8;
    server {
            listen  80;
            listen  443;
            server_name <you dns>;
            ssl     on;
            ssl_certificate         <you certificate file absolute path>;
            ssl_certificate_key     <you certificate key file absolute path>;
            location /cs/ {
                    proxy_pass https://$arg_h:$arg_p/$arg_d;
            }
            location /rs/ {
                    proxy_pass https://$arg_h:$arg_p/$arg_d;
            }
            location /ws/ {
                    proxy_pass https://$arg_h:$arg_p;
                    proxy_http_version 1.1;
                    proxy_set_header Upgrade $http_upgrade;
                    proxy_set_header Connection "upgrade";
            }
    }
  3. Run the following command line.

    sudo nginx -s reload

2. Deploy the TURN Server

Agora provides an open-source TURN server package for you to download and deploy.

  1. Visit https://github.com/AgoraIO/Tools/tree/master/Proxy/proxy-for-webrtc and download the turnServer package. The complete package is composed of the following files: README, turnserver, turnserver.conf, and turnserver.sh.

  2. Open turnserver.sh and set the following parameters:

    Name Description
    extIP The external IP address
    udpport The binding port of the UDP socket. The default value is 3478.
    tcpport The binding port of the TCP socket. The default value is 3433.
    realm Name of your company. For example. agora.io.
  3. Add the names of the users that will use the TURN server in the turnserver.conf file in the format of username=key. Run the following command line to get the value of key:

    echo -n "<username>:<realm>:<password>" | md5sum
  4. Run the following command line to start the TURN server:

    usage: ./turnserver.sh [start/stop]

3. Call the Methods in the Web SDK to Set the Proxy

Choose either one of the following methods to set the proxy servers once you have finished deploying them:

Method 1: Set the proxyServer and turnServer parameters in the createClient method.

createClient(config)

Set the proxyServer and turnServer parameters:

Name Type Description
config Object
  • proxyServer: (Optional) Enterprises with a company firewall can deploy the Nginx server and then use this parameter to pass signaling messages to Agora through the Nginx server.
  • turnServer: (Optional) Enterprises with a company firewall can deploy the TURN server and then use this parameter to send voice and video data to Agora through the TURN server.

Sample Code

var config = {
  mode: 'live',
  codec: 'vp8',
  proxyServer: 'YOUR NGINX PROXY SERVER IP',
  turnServer: {
      turnServerURL: 'YOUR TURNSERVER URL',
      username: 'YOUR USERNAME',
      password: 'YOUR PASSWORD',
      udpport: 'THE UDP PORT YOU WANT TO ADD',
      tcpport: 'THE TCP PORT YOU WANT TO ADD',
      forceturn: false
  }
}
var client = AgoraRTC.createClient(config);

Ensure that you set this parameter before calling the client.join method.

Method 2: Call the setProxyServer and setTurnServer methods in the Web SDK

  • Deploy the Nginx server (setProxyServer).

      client.setProxyServer(domainName);
    Name Type Description
    domainName String Your Nginx server domain name.
  • Deploy the TURN server (setTurnServer).

      that.setTurnServer = function (config);
    Name Type Description
    config Object

    Configure the Turn server:

    • turnServerUrl: Your TURN server URL address.
    • username: Your TURN server username.
    • password: Your TURN server password.
    • udpport: The UDP ports you want to add to the TURN server.
    • forceturn: Sets whether to force data transfer by the TURN server:
      • true: Force data transfer.
      • false: (Default) Do not force data transfer.
    • tcpport: (Optional) The TCP ports you want add to the TURN server.

    Ensure that you call this method before the client.join method.

Working Principles

The following figure shows how the proxy works:

../_images/proxy_web_theory.jpg
  • The enterprise deploys the two proxy servers: Nginx and TURN servers.
  • The enterprise users call the two methods in the Web SDK. Signaling messages are passed to Agora through the Nginx server, while voice and video data streams are sent to Agora through the TURN server, thus enabling access to Agora’s services.