You are here: Integration > Reverse proxy and TURN server > Example deployment

Example deployment: single NIC on public address

The diagram below depicts an example deployment where the reverse proxy and the TURN server application have been deployed with a single NIC on a public address.

The environment is split into two parts — an internal, private network segment and a DMZ network. The private network has two Pexip Infinity Conferencing Nodes, while the DMZ perimeter network contains the reverse proxy and TURN server.

Note that all IP addresses in this guide are examples only — actual IP addressing will be deployment specific.

Example deployment used in this guide: single NIC on public address

This example is used in the Deploying the reverse proxy and TURN server using an OVA template section.

For this example deployment:

  • Two Conferencing Nodes have been deployed in the LAN segment with IP addresses and
  • The firewall in this scenario has three network interfaces:
    • LAN:
    • DMZ:
    • WAN:
  • The DMZ network ( can route network traffic to the LAN network (no NAT between LAN and DMZ).
  • The reverse proxy and TURN server have been deployed in the DMZ subnet with IP address
  • As there is no NAT between the Conferencing Nodes in the LAN and the TURN server in the DMZ, the Conferencing Nodes have been configured to send their STUN requests to a STUN server in the public internet.
  • The firewall has been configured to:
    • allow the reverse proxy to initiate HTTPS connections towards the Conferencing Node IP addresses
    • allow the Conferencing Nodes to send TURN packets to the TURN server on UDP port 3478
    • allow the Conferencing Nodes to send STUN packets to the STUN server, typically on UDP port 3478, although uses port 19302.