diff --git a/hosts/dalinar/default.nix b/hosts/dalinar/default.nix
index a762fb6..790acd0 100644
--- a/hosts/dalinar/default.nix
+++ b/hosts/dalinar/default.nix
@@ -46,7 +46,8 @@
     firewall = {
       enable = true;
       allowedUDPPorts = [ 53 ];
-      allowedTCPPorts = [ 80 443];
+      allowedTCPPorts = [ 80 443 ];
+      trustedInterfaces = [ "tailscale0" ];
     };
     # head -c4 /dev/urandom | od -A none -t x4
     # Required for ZFS, see https://openzfs.github.io/openzfs-docs/Getting%20Started/NixOS/index.html
@@ -271,7 +272,7 @@
 
   networking.nat = {
     enable = true;
-    internalInterfaces = [ "ve-searx" ];
+    internalInterfaces = [ "ve-*" ];
     externalInterface = "eno1";
   };