Hey team, I’d love to know whether any of your enterprise customers have run into issues connecting to TURN/STUN.
We have a few enterprise customers with custom network configurations and policies, which has created significant friction. Some core parts of our app aren’t working for those customers due to Twilio TURN server connection issues.
We’re considering migrating to LiveKit, and we’d like to understand whether this is typically less of an issue with LiveKit, or whether you already have solutions in place for customers with restrictive enterprise network policies.
There are firewall configurations that will intentionally block turn solutions and that would require working with the team that configures the firewall to open it up.
With that said, I have only seen a few instances where this is the case.
You can test using this browser test:
Or do a connection test here:
Another good option for testing is to use LiveKit meet:
@Muhammed_A, LiveKit Cloud has the right primitives for this. TURN/TLS runs on TCP 443, which is the standard escape hatch for enterprise firewalls that block UDP or non-standard ports [ docs.livekit.io/home/cloud/firewall/ ]. The same page publishes static IP ranges (EU, US, India) plus a hostname-onlyallowlist with regional DNS endpoints like *.eu.rtc.livekit.cloud, which is what enterprise IT teams need to approve outbound flows.
The usual root cause of Twilio TURN issues in restrictive networks is UDP blocking or IP ranges not on the customer’s allowlist. If their network reaches any HTTPS site, TURN/TLS on 443 gets through. Static IPs plus regional DNS let IT pin allowlists tightly without breaking the path.
If a customer’s network is so locked down they can’t reach LK Cloud at all, self-hosting LK server on their own infra is the fallback.