diff --git a/hosts/carbon/configuration.nix b/hosts/carbon/configuration.nix
index 933d0ae..66075e8 100644
--- a/hosts/carbon/configuration.nix
+++ b/hosts/carbon/configuration.nix
@@ -75,25 +75,21 @@
 allowedIPsAsRoutes = false;
 privateKeyFile = "/var/src/secrets/wireguard/wg-porter4";
 };
+ wg-heimnetz = {
+ ips = [ "fd00:153:153:201::2/64" ];
+ peers = [ {
+ allowedIPs = [ "::/0" ];
+ endpoint = "[fd00:152:152:101::1]:60001";
+ publicKey = "j/XAIOJGgLieg0jry4AGSkxQySuDdwhJShqC5SCgsWw=";
+ } ];
+ listenPort = 60001;
+ allowedIPsAsRoutes = false;
+ privateKeyFile = "/var/src/secrets/wireguard/wg-heimnetz";
+ postSetup = "ip link set wg-heimnetz mtu 1340";
+ };
 };
- clerie.gre-tunnel = {
- enable = true;
- ipv6= {
- gre-gatekeeper6 = {
- remote = "fd00:152:152:101::1";
- local = (lib.head config.networking.interfaces.lo.ipv6.addresses).address;
- address = "fd00:153:153:201::2/64";
- };
- };
- ipv4 = {
- gre-gatekeeper4 = {
- remote = "10.152.101.1";
- local = (lib.head config.networking.interfaces.lo.ipv4.addresses).address;
- address = "10.153.201.2/24";
- };
- };
- };
+ networking.firewall.allowedUDPPorts = [ 60001 ];
 # Routing tables
 # Table: 10000
diff --git a/hosts/gatekeeper/configuration.nix b/hosts/gatekeeper/configuration.nix
index fd2c996..3a44cab 100644
--- a/hosts/gatekeeper/configuration.nix
+++ b/hosts/gatekeeper/configuration.nix
@@ -72,6 +72,18 @@
 allowedIPsAsRoutes = false;
 privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6";
 };
+ wg-heimnetz = {
+ ips = [ "fd00:153:153:201::1/64" ];
+ peers = [ {
+ allowedIPs = [ "::/0" ];
+ endpoint = "[fd00:152:152:104::1]:60001";
+ publicKey = "x44tpGt+uqIWTEl4qwZE7iPRjEHkYSZGKOQ7EuwLzX8=";
+ } ];
+ listenPort = 60001;
+ allowedIPsAsRoutes = false;
+ privateKeyFile = "/var/src/secrets/wireguard/wg-heimnetz";
+ postSetup = "ip link set wg-heimnetz mtu 1340";
+ };
 wg-vpn = {
 ips = [ "2a01:4f8:c0c:15f1::8001/113" "10.20.30.1/24" ];
 peers = [
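Review bot: `allowedIPs = [ "::/0" ]` together with `allowedIPsAsRoutes = false` in the new `wg-heimnetz` peer means WireGuard's source check accepts any IPv6 address from this peer and drops all IPv4, whereas the removed GRE setup also carried `10.153.201.2/24`. If the link is meant to be IPv6-only with prefixes controlled elsewhere (presumably by the routing daemon, which is not visible in this hunk), state that in a comment above the peer, e.g. `# IPv6-only transit link; prefix filtering is done by the routing daemon, not by allowedIPs`; otherwise list the specific prefixes, and add an IPv4 entry if IPv4 must still cross the tunnel. The mirrored `wg-heimnetz` block in hosts/gatekeeper/configuration.nix has the same setting. The enclosing interfaces attribute set begins outside the hunk.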
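Review bot: The MTU is set through a shell string, `postSetup = "ip link set wg-heimnetz mtu 1340";`, which repeats the interface name and is not type-checked by the module system. The NixOS WireGuard module has an `mtu` option, so `mtu = 1340;` would express the same thing declaratively; it is worth confirming the option is available in the nixpkgs revision this repository pins. A short comment on why 1340 was chosen would help whoever changes the underlay later. The same line appears in the carbon hunk.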
@@ -111,7 +123,7 @@ }; }; - networking.firewall.allowedUDPPorts = [ 50101 50127 50128 51820 ]; + networking.firewall.allowedUDPPorts = [ 50101 50127 50128 51820 60001 ]; clerie.nginx-port-forward = { enable = true; @@ -140,24 +152,6 @@ }; }; - clerie.gre-tunnel = { - enable = true; - ipv6= { - gre-carbon6 = { - remote = "fd00:152:152:104::1"; - local = (lib.head config.networking.interfaces.lo.ipv6.addresses).address; - address = "fd00:153:153:201::1/64"; - }; - }; - ipv4 = { - gre-carbon4 = { - remote = "10.152.104.1"; - local = (lib.head config.networking.interfaces.lo.ipv4.addresses).address; - address = "10.153.201.1/24"; - }; - }; - }; - services.bird2.enable = true; services.bird2.config = '' router id ${ (lib.head config.networking.interfaces.lo.ipv4.addresses).address };
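Review bot: Adding `60001` to the global `networking.firewall.allowedUDPPorts` opens the WireGuard listener on every interface, while the peer endpoint configured for this tunnel is a ULA address (`[fd00:152:152:104::1]:60001`), which suggests the handshake only ever arrives over an internal link. Scoping the rule to that link, `networking.firewall.interfaces.<underlay-if>.allowedUDPPorts = [ 60001 ];` (where `<underlay-if>` is a placeholder, since the interface is not visible here), would keep the port closed on the public side. The carbon change opens the same port globally with `networking.firewall.allowedUDPPorts = [ 60001 ];` and could be scoped the same way.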