When you live behind a corporate network...
Users behind a corporate firewall and proxy might need to ask their IT department to provide some special network configurations to make Coviu work for them.
Here's how to debug a connectivity issue caused by a firewall and/or Web proxy.
You can use this page to test your devices and network as you progress:
Issue 1: you cannot load coviu.com or any of the pages in the app.
Analysis: your network has a very tight Web proxy which filters out Websites it does not know.
Remedy: ask your network administrators to allow access to the following domains.
static.coviu.com:443 (required - provides static resources)
app-images.coviu.com:443 (required - provides application images)
burger.coviu.com:443 (required - provides the video calling rooms)
plugins.coviu.com:443 (required - to load special in-call functionality)
monitor-listener.coviu.com:443 (advisable - we use this to debug any call issues you're reporting)
use.typekit.net:443 (advised - this provides the right fonts)
nexus-websocket-a.intercom.io:443 (optional - this offers Coviu chat support)
nexus-websocket-b.intercom.io:443 (optional - this offers Coviu chat support)
widget.intercom.io:443 (optional - this offers Coviu chat support)
api-iam.intercom.io:443 (optional - this offers Coviu chat support)
js.intercomcdn.com:443 (optional - this offers Coviu chat support)
d37gvrvc0wt4s1.cloudfront.net:443 (optional - this allows us to capture application issues)
www.google-analytics.com:443 (optional - this allows us to capture usage analytics)
Make sure the Web proxy can do a Websocket upgrade on nexus-websocket-a.intercom.io and nexus-websocket-b.intercom.io port 443.
Issue 2: when trying to connect to another person, they never appear in your Coviu video room.
Analysis: you are not connecting to the Coviu signalling server, which is connecting up the endpoints to each other via Websockets.
Remedy: ask your network administrators to open up the following ports.
These ports are necessary so we get to our ICE/STUN servers to deal with the NAT:
Make sure you also have these accessible in your proxy server:
witchcraft.covi.io:443 (required - to reach ICE/STUN servers)
*.covi.io:443 (required - to reach signalling servers)
*.coviu.com:443 (required - to reach signalling servers)
*.twilio.com:443 (required - to reach our backup TURN servers)
The Web proxy will need to be able to do a Websocket upgrade on all of the above.
Issue 3: when trying to connect to another person, it just says "is being connected" but it never connects.
Analysis: you have decided to close all udp ports and your firewall does deep packet inspection therefore a connection cannot be established.
Remedy: ask your network administrators to do one of two things: either open up some udp ports or make sure you can connect to our TURN server even when your firewall requires authentication and does deep packet inspection.
- Open UDP ports in the media range 49152 to 65535. This will often reduce audio/video latency because it avoids the use of a forwarding server and enables direct peer to peer connections.
- If you cannot open UDP ports, our app will try to connect to our TURN servers on port 443 (not unlike a VPN). These domains need to be added to your proxy (required - to reach TURN servers):
3. If adding the TURN servers to the proxy is not sufficient, you are likely using deep packet inspections and throwing away the video packets on port 443. Therefore, you will need to add a couple of IP addresses to the bypass list on your proxy:
This list may need to be refreshed if the TURN servers change IP addresses. But at least you don't have to open up the UDP ports.