diff --git a/system/thinknix/default.nix b/system/thinknix/default.nix
index 943b42e1..849159de 100644
--- a/system/thinknix/default.nix
+++ b/system/thinknix/default.nix
@@ -70,6 +70,14 @@
     #   ${pkgs.iproute2}/bin/ip netns add ${name}
     # '';
 
+    postSetup = ''
+      ${pkgs.iptables} -A FORWARD -i vps-wg-client -j ACCEPT
+      ${pkgs.iptables} -t nat -A POSTROUTING -o ens18 -j MASQUERADE
+    '';
+    postShutdown = ''
+      ${pkgs.iptables} -D FORWARD -i vps-wg-client -j ACCEPT
+      ${pkgs.iptables} -t nat -D POSTROUTING -o ens18 -j MASQUERADE
+    '';
     # postSetup = ''
     #   ${pkgs.iptables} -A FORWARD -i wg0-client -j ACCEPT
     #   ${pkgs.iptables} -t nat -A POSTROUTING -o eth0 -j MASQUERADE