diff --git a/machines/fuuko/services/matrix/synapse.nix b/machines/fuuko/services/matrix/synapse.nix
index ff98ff4..d8a05d5 100644
--- a/machines/fuuko/services/matrix/synapse.nix
+++ b/machines/fuuko/services/matrix/synapse.nix
@@ -40,6 +40,8 @@ in
     turn_uris = [
       "turns:turn.sbruder.de:5349?transport=udp"
       "turns:turn.sbruder.de:5349?transport=tcp"
+      "turn:turn.sbruder.de:3478?transport=udp"
+      "turn:turn.sbruder.de:3478?transport=tcp"
     ];
     turn_user_lifetime = "3600000"; # 1h
 
diff --git a/machines/vueko/services/coturn.nix b/machines/vueko/services/coturn.nix
index 9cd37d6..720c5ee 100644
--- a/machines/vueko/services/coturn.nix
+++ b/machines/vueko/services/coturn.nix
@@ -14,10 +14,9 @@ let
     # not needed for VoIP
     no-tcp-relay = true;
 
-    # only tls
     no-cli = true;
-    no-tcp = true;
-    no-udp = true;
+
+    listening-port = 3478;
 
     tls-listening-port = 5349;
     cert = "/run/turnserver/fullchain.pem";
@@ -117,8 +116,8 @@ in
   };
 
   networking.firewall = {
-    allowedTCPPorts = [ cfg.tls-listening-port ];
-    allowedUDPPorts = [ cfg.tls-listening-port ];
+    allowedTCPPorts = [ cfg.listening-port cfg.tls-listening-port ];
+    allowedUDPPorts = [ cfg.listening-port cfg.tls-listening-port ];
 
     allowedUDPPortRanges = lib.singleton {
       from = cfg.min-port;