diff --git a/.secrets b/.secrets
index c7dc80d..8ea79f4 160000
--- a/.secrets
+++ b/.secrets
@@ -1 +1 @@
-Subproject commit c7dc80d23b6bf67ae8e69545b430bb13f000fa03
+Subproject commit 8ea79f48f6fec12860feee749b62cfe2833a09d8
diff --git a/nixosConfigurations/astora/default.nix b/nixosConfigurations/astora/default.nix
index 9153ce3..e29bc6e 100644
--- a/nixosConfigurations/astora/default.nix
+++ b/nixosConfigurations/astora/default.nix
@@ -141,7 +141,7 @@
         Host catarina
             HostName 192.168.156.102
             Port 22
-            User l.nafaryus
+            User l-nafaryus
     '';
 
     programs.direnv.enable = true;
diff --git a/nixosConfigurations/astora/hardware.nix b/nixosConfigurations/astora/hardware.nix
index a17a7aa..210756f 100644
--- a/nixosConfigurations/astora/hardware.nix
+++ b/nixosConfigurations/astora/hardware.nix
@@ -150,6 +150,7 @@
 
     networking = {
         networkmanager.enable = true;
+        networkmanager.unmanaged = [ "interface-name:ve-*" ];
         useDHCP = lib.mkDefault true;
         hostName = "astora";
         extraHosts = '''';
@@ -157,6 +158,19 @@
         firewall = {
             enable = true;
             allowedTCPPorts = [ 80 443 ];
+            trustedInterfaces = [ "ve-+" ];
+            extraCommands = ''
+                iptables -t nat -A POSTROUTING -o wlo1 -j MASQUERADE
+            '';
+            extraStopCommands = ''
+                iptables -t nat -D POSTROUTING -o wlo1 -j MASQUERADE
+            '';
+        };
+
+        nat = {
+            enable = true;
+            externalInterface = "wlo1";
+            internalInterfaces = [ "ve-+" ];
         };
 
         interfaces.wlo1.ipv4.addresses = [ {