diff --git a/roles/matrix-server/tasks/setup_synapse.yml b/roles/matrix-server/tasks/setup_synapse.yml
index 8359e0f3c..82555a5fe 100644
--- a/roles/matrix-server/tasks/setup_synapse.yml
+++ b/roles/matrix-server/tasks/setup_synapse.yml
@@ -58,15 +58,27 @@
 line: '\1user: "{{ matrix_postgres_connection_username }}"\n\1password: "{{ matrix_postgres_connection_password }}"\n\1database: "homeserver"\n\1host: "postgres"\n\1cp_min: 5\n\1cp_max: 10'
 backrefs: yes
+- name: Augment Matrix config (configure Coturn)
+ lineinfile: "dest={{ matrix_synapse_data_path }}/turnserver.conf"
+ args:
+ regexp: "^{{ item.variable }}="
+ line: '{{ item.variable }}={{ item.value }}'
+ with_items:
+ - {'variable': 'min-port', 'value': "{{ matrix_coturn_turn_udp_min_port }}"}
+ - {'variable': 'max-port', 'value': "{{ matrix_coturn_turn_udp_max_port }}"}
+ - {'variable': 'external-ip', 'value': "{{ matrix_coturn_turn_external_ip_address }}"}
+
 - name: Allow access to Matrix ports in firewalld
 firewalld:
- port: "{{ item }}/tcp"
+ port: "{{ item }}"
 state: enabled
 immediate: yes
 permanent: yes
 with_items:
- - 3478 # Coturn
- - 8448 # Matrix federation
+ - '8448/tcp' # Matrix federation
+ - '3478/tcp' # STUN
+ - '3478/udp' # STUN
+ - "{{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}/udp" # TURN
 - name: Ensure matrix-synapse.service installed
 template:
diff --git a/roles/matrix-server/templates/systemd/matrix-synapse.service.j2 b/roles/matrix-server/templates/systemd/matrix-synapse.service.j2
index 7ec7a062d..8b60fd9ad 100644
--- a/roles/matrix-server/templates/systemd/matrix-synapse.service.j2
+++ b/roles/matrix-server/templates/systemd/matrix-synapse.service.j2
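Review bot: The new `Augment Matrix config (configure Coturn)` task passes the target file as a free-form `key=value` string (`lineinfile: "dest=…"`) with the remaining options under `args:`; Ansible's recommended form is a plain mapping, `lineinfile:` / `path: "{{ matrix_synapse_data_path }}/turnserver.conf"` with `regexp` and `line` directly beneath it (`dest` remains accepted as an alias where an older Ansible must be supported). The `with_items` entries are flow mappings with quoted keys; block-style items would read consistently with the rest of the file. In the firewalld task the labels on the new items are slightly off, since coturn's default listening port 3478 serves both STUN and TURN over either protocol and the range is the TURN relay range, so `# STUN/TURN listening port` and `# TURN relay port range` would be more accurate. The same range is published by the matrix-synapse.service template and written into turnserver.conf by this task, so a short comment noting that the three places must stay in sync would help a maintainer who later changes only one of them.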
@@ -14,6 +14,8 @@ ExecStart=/usr/bin/docker run --rm --name matrix-synapse \
 --link matrix-postgres:postgres \
 -p 8448:8448 \
 -p 3478:3478 \
+ -p 3478:3478/udp \
+ -p {{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}:{{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}/udp \
 -v {{ matrix_synapse_data_path }}:/data \
 -v {{ ssl_certs_path }}:/acmetool-certs \
 {{ docker_matrix_image }}
diff --git a/vars/vars.yml b/vars/vars.yml
index c7df7635b..7466a2a3f 100644
--- a/vars/vars.yml
+++ b/vars/vars.yml
@@ -38,4 +38,10 @@ docker_riot_image: "silviof/matrix-riot-docker"
 # Specifies when to restart the Matrix services so that
 # a new SSL certificate could go into effect (UTC time).
-matrix_services_restart_cron_time_definition: "15 4 3 * *"
\ No newline at end of file
+matrix_services_restart_cron_time_definition: "15 4 3 * *"
+
+# UDP port-range to use for TURN
+matrix_coturn_turn_udp_min_port: 49152
+matrix_coturn_turn_udp_max_port: 49172
+
+matrix_coturn_turn_external_ip_address: "{{ ansible_host }}"
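Review bot: The added `-p {{ matrix_coturn_turn_udp_min_port }}-{{ matrix_coturn_turn_udp_max_port }}:…/udp` line publishes every port of the range individually, and Docker creates a mapping (and, with the default userland proxy, a proxy process) per port; the 49152–49172 default from vars.yml is 21 ports, but a user who widens the range towards the 49152–65535 span TURN deployments often use would get thousands of mappings and a very slow container start. A template comment cannot sit inside the continued `ExecStart=` line, so that caveat is best documented next to the two variables; an alternative worth weighing is running the container with `--network host`, which avoids per-port publishing but changes how the other ports are exposed. The `ExecStart=` line these arguments continue begins on the hunk header, and nothing in the hunk checks that the minimum is not greater than the maximum before rendering, so an `assert` task in setup_synapse.yml ahead of the template task would catch a misconfigured range before systemd is handed an invalid unit.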
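Review bot: `matrix_coturn_turn_external_ip_address` defaults to `{{ ansible_host }}`, which is whatever address Ansible uses to reach the host — possibly a DNS name, a private or NAT-internal address, or an SSH alias — whereas coturn's `external-ip` expects the address TURN clients can reach, so relayed media is likely to fail on such hosts without any error at deploy time. I would document that on the variable, e.g. `# Public IP reachable by TURN clients; ansible_host is only a best guess — override when Ansible connects via a hostname or a private address`. The `# UDP port-range to use for TURN` comment could say relay ports and note that each relay allocation consumes roughly one port, so the 21-port default (49152–49172) bounds the number of concurrent calls. The same two values are also consumed by the firewalld rule and the matrix-synapse.service template in this commit, which is worth stating here since changing them in this file alone is sufficient only as long as all three keep reading the variables.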