diff --git a/common/wireguard.nix b/common/wireguard.nix
index 751585d..99578c5 100644
--- a/common/wireguard.nix
+++ b/common/wireguard.nix
@@ -16,12 +16,12 @@ with lib; {
         peers = { # TODO
           stelphone = {
             localIp = "142";
-            publicKey = "6ZwilfrS1J/dMYRnwIMcQ3cW0KtJdLRj5VnSOjwOpn8=";
+            publicKey = "UnS5BtlKKTXfNaSsw2PY7Gbd5aLGiJVlCUY7bHosLio=";
           };
         };
 
         prefixes = {
-          ipv4 = [ ]; # TODO
+          ipv4 = [ "192.168.244" ];
           ipv6 = {
             ula = [ ]; # TODO
             gua = [ ];
diff --git a/machines/metis/default.nix b/machines/metis/default.nix
index 783b5e2..6862561 100644
--- a/machines/metis/default.nix
+++ b/machines/metis/default.nix
@@ -40,7 +40,7 @@
     };
 
     # enable wireguard
-    wireguard.enable = false;
+    wireguard.enable = true;
 
 
     # user setup
@@ -77,6 +77,12 @@
       interface = "ens3";
     };
 
+    nat = {
+      enable = true;
+      externalInterface = "ens3";
+      internalInterfaces = [ "wg-stelnet" ];
+    };
+
   };
   system.stateVersion = "22.05";
 }
diff --git a/modules/server/default.nix b/modules/server/default.nix
index ad9e563..d1a2228 100644
--- a/modules/server/default.nix
+++ b/modules/server/default.nix
@@ -8,6 +8,7 @@ with lib; {
     nextcloud.enable = mkEnableOption "Set up nextcloud";
     smailserver.enable = mkEnableOption "Set up simple mail server";
     unbound.enable = mkEnableOption "Set unbound dns up";
+    
   };
 
   imports = [