I had big problems with pairdrop and webrtc which also needs coturn stun or turn(s) protocol...
I found a good hiden hint for coturn and webrtc...
For special usecases you need two stun-server with different ip-addresses to be able to detect a working p2p connection.
You can use 2 different machines in different datacenters or it could also work with the same coturn on a vm with 2 different public ip-addresses.
If a p2o-connection is not possible, a turn(s)-server should be configured in matrix homeserver too.
This can be the same coturn as for stun.
AND... this cost me days of research and trial&error...
For a propper webrtc-connection in a federated system as matrix is, BOTH matrix homeservers must have configured 2 stun and at least one turn(s) server in their homeserver.yaml
I reproduced this every time trying to establish a call from two different mobile-phones with natted internet-connections from different ISPs on different matrix homeservers with different or one with no stun/turn-server configured.
I tried all setups many times.
You won't find this info elsewhere...
What i still not got working is, ehen one client is connected through vpn, and the other not.
I've no chance to establish a connection.