diff --git a/roles/firewall/templates/firewall.j2 b/roles/firewall/templates/firewall.j2
index 1aa198a..f8719c0 100644
--- a/roles/firewall/templates/firewall.j2
+++ b/roles/firewall/templates/firewall.j2
@@ -260,6 +260,17 @@ config rule
 
 {% endfor %}
 
+{% set first_hypervisor = hostvars[groups['hypervisors'][0]] %}
+config redirect
+ option name 'Allow-INPUT-ProxmoxVE-Admin'
+ option src 'wan'
+ option src_dport '8006'
+ list proto 'tcp'
+ option dest 'dmz'
+ option dest_ip '{{ first_hypervisor['ansible_default_ipv4']['address'] }}'
+ option dest_port '8006'
+ option target 'DNAT'
+
 # Allow XMPP traffic
 config rule
  option name 'Allow-OUTPUT-XMPP-s2s'
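Review bot: The new `config redirect` forwards WAN port 8006 to the hypervisor's Proxmox VE admin interface with no source restriction, so the management login is reachable from any internet address. If remote administration over WAN is really needed, limit it to known admin addresses with an `option src_ip '{{ proxmox_admin_src_ip }}'` line (placeholder variable name, to be defined by the role), or drop the redirect and reach port 8006 over a VPN. Separately, `groups['hypervisors'][0]` and `ansible_default_ipv4` will fail template rendering if the group is empty or facts for that host were not gathered in the run; wrapping the block in `{% if groups['hypervisors'] | default([]) %}` would make that case explicit. The rule name says `Allow-INPUT`, but the target is DNAT into `dmz`, so a name reflecting the forward would be less misleading.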