diff --git a/hosts/gatekeeper/configuration.nix b/hosts/gatekeeper/configuration.nix
index c76d640..71b648c 100644
--- a/hosts/gatekeeper/configuration.nix
+++ b/hosts/gatekeeper/configuration.nix
@@ -72,6 +72,18 @@
       allowedIPsAsRoutes = false;
       privateKeyFile = "/var/src/secrets/wireguard/wg-nonat6";
     };
+    wg-vcp-bula = {
+      ips = [ "fe80::1/64" ];
+      peers = [
+        {
+          allowedIPs = [ "fe80::/64" "2a01:4f8:1c0c:8221::/64" ];
+          publicKey = "lD/4s628IOlb6hTu7MGWWkyZoMveClGiCjuOcHCEhxo=";
+        }
+      ];
+      listenPort = 51876;
+      allowedIPsAsRoutes = true;
+      privateKeyFile = "/var/src/secrets/wireguard/wg-vcp-bula";
+    };
     wg-vpn = {
       ips = [ "2a01:4f8:c0c:15f1::8001/113" "10.20.30.1/24" ];
       peers = [
@@ -116,7 +128,7 @@
     };
   };
 
-  networking.firewall.allowedUDPPorts = [ 53 993 995 50101 50127 50128 51820 60001 ];
+  networking.firewall.allowedUDPPorts = [ 53 993 995 50101 50127 50128 51820 51876 60001 ];
   networking.firewall.extraCommands = ''
     iptables -t nat -I PREROUTING -p udp -m multiport --dports 53,993,995  -j REDIRECT --to-ports 51820
   '';