diff --git a/src/qemu/qemu.conf b/src/qemu/qemu.conf
index e5ff33d522..6cfb9ea8ca 100644
--- a/src/qemu/qemu.conf
+++ b/src/qemu/qemu.conf
@@ -452,3 +452,14 @@
 # Override the listen address for all incoming migrations. Defaults to
 # 0.0.0.0 or :: in case if both host and qemu are capable of IPv6.
 #migration_address = "127.0.0.1"
+
+
+# Override the port range used for incoming migrations.
+#
+# Minimum must be greater than 0, however when QEMU is not running as root,
+# setting the minimum to be lower than 1024 will not work.
+#
+# Maximum must not be greater than 65535.
+#
+#migration_port_min = 49152
+#migration_port_max = 49215
diff --git a/src/qemu/qemu_conf.c b/src/qemu/qemu_conf.c
index 8d7bee8296..4ef9c75888 100644
--- a/src/qemu/qemu_conf.c
+++ b/src/qemu/qemu_conf.c
@@ -225,6 +225,9 @@ virQEMUDriverConfigPtr virQEMUDriverConfigNew(bool privileged)
     cfg->webSocketPortMin = QEMU_WEBSOCKET_PORT_MIN;
     cfg->webSocketPortMax = QEMU_WEBSOCKET_PORT_MAX;
 
+    cfg->migrationPortMin = QEMU_MIGRATION_PORT_MIN;
+    cfg->migrationPortMax = QEMU_MIGRATION_PORT_MAX;
+
 #if defined HAVE_MNTENT_H && defined HAVE_GETMNTENT_R
     /* For privileged driver, try and find hugepage mount automatically.
      * Non-privileged driver requires admin to create a dir for the
@@ -462,6 +465,24 @@ int virQEMUDriverConfigLoadFile(virQEMUDriverConfigPtr cfg,
         goto cleanup;
     }
 
+    GET_VALUE_LONG("migration_port_min", cfg->migrationPortMin);
+    if (cfg->migrationPortMin <= 0) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                       _("%s: migration_port_min: port must be greater than 0"),
+                        filename);
+        goto cleanup;
+    }
+
+    GET_VALUE_LONG("migration_port_max", cfg->migrationPortMax);
+    if (cfg->migrationPortMax > 65535 ||
+        cfg->migrationPortMax < cfg->migrationPortMin) {
+        virReportError(VIR_ERR_INTERNAL_ERROR,
+                        _("%s: migration_port_max: port must be between "
+                          "the minimal port %d and 65535"),
+                       filename, cfg->migrationPortMin);
+        goto cleanup;
+    }
+
     p = virConfGetValue(conf, "user");
     CHECK_TYPE("user", VIR_CONF_STRING);
     if (p && p->str &&
diff --git a/src/qemu/qemu_conf.h b/src/qemu/qemu_conf.h
index c6fbaa56ed..f9ff7afa09 100644
--- a/src/qemu/qemu_conf.h
+++ b/src/qemu/qemu_conf.h
@@ -161,6 +161,8 @@ struct _virQEMUDriverConfig {
 
     /* The default for -incoming */
     char *migrationAddress;
+    int migrationPortMin;
+    int migrationPortMax;
 };
 
 /* Main driver state */
diff --git a/src/qemu/qemu_driver.c b/src/qemu/qemu_driver.c
index 895681b60b..4977b12d1a 100644
--- a/src/qemu/qemu_driver.c
+++ b/src/qemu/qemu_driver.c
@@ -688,8 +688,8 @@ qemuStateInitialize(bool privileged,
         goto error;
 
     if ((qemu_driver->migrationPorts =
-         virPortAllocatorNew(QEMU_MIGRATION_PORT_MIN,
-                             QEMU_MIGRATION_PORT_MAX)) == NULL)
+         virPortAllocatorNew(cfg->migrationPortMin,
+                             cfg->migrationPortMax)) == NULL)
         goto error;
 
     if (qemuSecurityInit(qemu_driver) < 0)
diff --git a/src/qemu/test_libvirtd_qemu.aug.in b/src/qemu/test_libvirtd_qemu.aug.in
index 7417d124e3..8f4b3a9d2c 100644
--- a/src/qemu/test_libvirtd_qemu.aug.in
+++ b/src/qemu/test_libvirtd_qemu.aug.in
@@ -70,3 +70,5 @@ module Test_libvirtd_qemu =
 { "keepalive_count" = "5" }
 { "seccomp_sandbox" = "1" }
 { "migration_address" = "127.0.0.1" }
+{ "migration_port_min" = "1234" }
+{ "migration_port_max" = "12345" }