diff --git a/nixos/hosts/osaka-vultr-01/default.nix b/nixos/hosts/osaka-vultr-01/default.nix
index d98bd607..37a55f43 100644
--- a/nixos/hosts/osaka-vultr-01/default.nix
+++ b/nixos/hosts/osaka-vultr-01/default.nix
@@ -59,6 +59,10 @@
     };
   };
 
+  networking.firewall.extraCommands = "
+    ${pkgs.iptables}/bin/ -t nat -A POSTROUTING -d 10.100.0.2 -p tcp -m tcp --dport 80   -j MASQUERADE
+    ${pkgs.iptables}/bin/ -t nat -A POSTROUTING -d 10.100.0.2 -p tcp -m tcp --dport 443  -j MASQUERADE
+  ";
   networking.nat = {
     enable = true;
     internalInterfaces =  [ "wireguard0" ];