diff --git a/nodes/ovh/icinga2.py b/nodes/ovh/icinga2.py
index 9b03ed2..6322990 100644
--- a/nodes/ovh/icinga2.py
+++ b/nodes/ovh/icinga2.py
@@ -1,6 +1,7 @@
 nodes['ovh.icinga2'] = {
     'bundles': {
         'icinga2',
+        'iptables',
         'php',
         'postgresql',
         'wireguard',
@@ -30,6 +31,12 @@ nodes['ovh.icinga2'] = {
             'sipgate_user': vault.decrypt('encrypt$gAAAAABfujAmCUnicSAllq8MskXnPodKp3cGcfA6Abvef-rAYwB2CtCwt9oBRVKFskJPVArDaF1wfjNTfLwgX3gTP7xFutJ1HA=='),
             'sipgate_pass': vault.decrypt('encrypt$gAAAAABfui_4B7UmOosI_gsQ-xvmd3X_BUDSl-G2KF_Tg8O6RpUvk0gHexOKsrTb6se1ipXsh7RC9pbZCKMtesW0C6j24LHXDKCOjkqI77oO0ZjnG6SUwfcJqg61biNiRlXy8z-9LCGA'),
         },
+        'iptables': {
+            'custom_rules': {
+                # icinga2 api
+                'iptables -A INPUT -i wg0 -p tcp --dport 5665 -j ACCEPT',
+            },
+        },
         'nginx': {
             'vhosts': {
                 'icingaweb': {