diff --git a/home/agenix.nix b/home/agenix.nix
index 204cc65..40d5d8d 100644
--- a/home/agenix.nix
+++ b/home/agenix.nix
@@ -5,6 +5,9 @@
 age.secrets.access-tokens-github.file = ../secrets/gh_argstr.age;
+ age.secrets.fbda-wg-privkey.file = ../secrets/fbda_wg_priv_key.age;
+ age.secrets.fbda-wg-psk.file = ../secrets/fbda_wg_psk.age;
+
 age.secrets.obvps-id = {
 file = ../secrets/1bvps.age;
 path = "/home/rhea/.ssh/id_1bvps";
diff --git a/modules/networking.nix b/modules/networking.nix
index 45d62e4..469775d 100644
--- a/modules/networking.nix
+++ b/modules/networking.nix
@@ -1,6 +1,28 @@
+{ config, ... }:
 {
 # Enable networking
 networking.networkmanager.enable = true;
- networking.networkmanager.wifi.powersave = true;
+
+ networking.wireguard.enable = true;
+
+ networking.firewall = {
+ allowedUDPPorts = [ 51820 ]; # Clients and peers can use the same port, see listenport
+ };
+
+ networking.wireguard.interfaces."wg0" = {
+ privateKeyFile = "/run/agenix/fbda-wg-privkey";
+ ips = [ "192.168.178.201/24" ];
+ listenPort = 51820;
+
+ peers = [
+ {
+ publicKey = "wwx1Kns34xmK+UJsF4l89uIZ5oc/m8VA9q7+YPWCbX8=";
+ presharedKeyFile = "/run/agenix/fbda-wg-psk";
+ allowedIPs = [ "192.168.178.0/24" "0.0.0.0/0" ];
+ endpoint = "y92dby3elaoma4gg.myfritz.net:57667";
+ persistentKeepalive = 25;
+ }
+ ];
+ };
 }
\ No newline at end of file
diff --git a/secrets/fbda_wg_priv_key.age b/secrets/fbda_wg_priv_key.age
new file mode 100644
index 0000000..7c78f1e
Binary files /dev/null and b/secrets/fbda_wg_priv_key.age differ
diff --git a/secrets/fbda_wg_psk.age b/secrets/fbda_wg_psk.age
new file mode 100644
index 0000000..281ff8b
Binary files /dev/null and b/secrets/fbda_wg_psk.age differ
diff --git a/secrets/secrets.nix b/secrets/secrets.nix
index 95c51bc..e498b10 100644
--- a/secrets/secrets.nix
+++ b/secrets/secrets.nix
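Review bot: Nothing ties the two new declarations in home/agenix.nix to their consumer: modules/networking.nix reads the decrypted files through the literal strings `/run/agenix/fbda-wg-privkey` and `/run/agenix/fbda-wg-psk`, so a rename here, or a different secrets directory, only shows up when wg0 fails to start. Since this file sits under home/, it is worth confirming that it is evaluated as part of the NixOS configuration; if it is a home-manager import, agenix would presumably decrypt into a per-user runtime directory and the /run/agenix paths would not exist. Referencing the declarations instead, `privateKeyFile = config.age.secrets.fbda-wg-privkey.path;` and `presharedKeyFile = config.age.secrets.fbda-wg-psk.path;`, turns a mismatch into an evaluation error and uses the `config` argument the commit already adds to that module. The attribute set this hunk sits in opens and closes outside the hunk.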
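Review bot: `allowedIPs = [ "192.168.178.0/24" "0.0.0.0/0" ]` in the wg0 peer of modules/networking.nix makes this a full IPv4 tunnel: `0.0.0.0/0` already contains the /24, so the first entry has no effect, and no `::/0` is listed, so IPv6 traffic would presumably keep leaving outside the tunnel. If only the home LAN should be reachable, `allowedIPs = [ "192.168.178.0/24" ];` is enough and keeps the rest of the machine's traffic off the home router. If a full tunnel is intended, say so in a comment and check that the route to the endpoint does not itself end up going through wg0, since `networking.wireguard` installs allowedIPs as routes by default. The interface only dials out (`endpoint` plus `persistentKeepalive`), so the `allowedUDPPorts = [ 51820 ]` opening is probably not needed for replies and could be dropped to keep the firewall closed on untrusted networks.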
@@ -8,4 +8,6 @@ in
 "1bvps.age".publicKeys = [ rhea-laptop ];
 "gcd_etwas.age".publicKeys = [ rhea-laptop ];
 "sign_etwas.age".publicKeys = [ rhea-laptop ];
+ "fbda_wg_priv_key.age".publicKeys = [ rhea-laptop ];
+ "fbda_wg_psk.age".publicKeys = [ rhea-laptop ];
 }
\ No newline at end of file