diff --git a/ansible/roles/firewall/files/mrmanager_pf.conf b/ansible/roles/firewall/files/mrmanager_pf.conf
index c8a9680..fdd7e3e 100644
--- a/ansible/roles/firewall/files/mrmanager_pf.conf
+++ b/ansible/roles/firewall/files/mrmanager_pf.conf
@@ -19,6 +19,10 @@ nat pass on lagg0 inet from $jail_nat_v4 to $not_jail_nat_v4 -> (lagg0)
 nat pass on $not_ext_if inet from $jail_nat_v4 to 10.215.1.1 port 53 -> ($ext_if)
 rdr pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.1 port 53 -> 1.1.1.1 port 53
+rdr pass on $ext_if inet proto tcp from $not_jail_nat_v4 to any port 6443 -> 10.215.1.204 port 6443
+nat pass on $not_ext_if proto {tcp, udp} from any to 10.215.1.204 port 6443 -> (jail_nat)
+
+
 # filtering
 block log all
 pass out on $ext_if
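Review bot: The added `rdr pass on $ext_if ... to any port 6443` forwards TCP/6443 (conventionally a Kubernetes API port) to 10.215.1.204 for every source outside `$jail_nat_v4` and for any destination address, and the `pass` keyword lets it skip the `block log all` filter section, so the exposure is neither restricted nor logged. I would match only the firewall's own address and an allowlist, and filter explicitly: `rdr on $ext_if inet proto tcp from <api_clients> to ($ext_if) port 6443 -> 10.215.1.204 port 6443` plus `pass in log on $ext_if inet proto tcp from <api_clients> to 10.215.1.204 port 6443`, where `<api_clients>` is a placeholder table name. The added `nat ... -> (jail_nat)` line appears to rewrite the source of those connections, which would leave the backend's logs showing only the firewall address; it also lists `udp` although the redirect is TCP-only, and `(jail_nat)` has no `$` unlike the macros around it, so confirm it names an interface. The macro definitions are outside the hunk, so the exact scope of `$not_jail_nat_v4` should be checked.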