diff --git a/hosts/dn42-il-gw1/configuration.nix b/hosts/dn42-il-gw1/configuration.nix
index 970165b..0cd44a6 100644
--- a/hosts/dn42-il-gw1/configuration.nix
+++ b/hosts/dn42-il-gw1/configuration.nix
@@ -146,6 +146,9 @@
         "fe80::2574/128"
         # peer fe80::6b61/64
       ];
+      postSetup = ''
+      ip addr replace dev wg1718 fe80::2574/128 peer fe80::6b61/128
+      '';
       listenPort = 51718;
       allowedIPsAsRoutes = false;
       peers = [
@@ -159,6 +162,15 @@
     };
   };
 
+  networking.firewall.allowedUDPPorts = [
+    50565 # wg0565
+    51271 # wg1271
+    51272 # wg1272
+    51280 # wg1280
+    54719 # wg4719
+    51718 # wg1718
+  ];
+
   profiles.clerie.dn42-router = {
     enable = true;
     loopbackIp = "fd56:4902:eca0:1::1";