The Parsec Relay Server is part of the Parsec for Teams Enterprise license. It’s a solution when you need more control over your network infrastructure and wants to ensure connections will always be successful. It can be used as a way to route all Parsec traffic through one public IP address and as a solution for managing strict firewall/NAT settings.
I decided to create the Relay Server using our spare HP z800 centos 7 with a 10G Mellanox NIC.
The idea is to have the whole (firewall + secure relay) to reside in the server itself as our Enterprise Palo alto firewall is not yet ready for any networking activities.
Both the 2 networks (public and private) were patched to NIC. Public IP (Globe lease line) was set to ens5f0 while the public LAN was patched to ens5f1.

Installation of the Parsec relay server is straightforward. Download the tar package on their website and follow the instructions provided.

Step 1. After extracting the tar package. Place the files to appropriate locations.

Step 2. Edit parsechpr.service


Add line

ExecStart=/bin/parsechpr (globe public IP) 5000 4900

Step 3. Enable IP_forwarding

To configure Linux IP forwarding on a Linux system in certain scenarios such as the Linux server is acting as a firewall, router, or NAT device, it will need to be capable of forwarding packets that are meant for other destinations (other than itself).

# sysctl net.ipv4.ip_forward
net.ipv4.ip_forward = 1

Step 4. Turn off the Firewall

Not advisable but you have to turn off the Firewall or you need to modify it to allow ports 5000,4900 and other ports needed for the relay server correctly.

sudo systemctl stop firewalld

Step 5. Confirm the status of the parsechpr service

service parsechpr status

Step 6. Set Public IP and port on parsec team global app settings

Every computer with parsec installed and is part of the Team should now use the Performance relay server as a point of connection/stun server. You can verify it on the log and console of each host.