diff --git a/m/apex/wireguard.nix b/m/apex/wireguard.nix
index 4721d2df..e1335149 100644
--- a/m/apex/wireguard.nix
+++ b/m/apex/wireguard.nix
@@ -20,7 +20,7 @@
         {
           name = "fox";
           publicKey = "VfMPBQLQTKeyXJSwv8wBhc6OV0j2qAxUpX3kLHunK2Y=";
-          allowedIPs = [ "10.106.0.1/32" ];
+          allowedIPs = [ "10.106.0.1/32" "10.0.40.0/24" ];
           endpoint = "fox.ac.upc.edu:666";
           # Send keepalives every 25 seconds. Important to keep NAT tables alive.
           persistentKeepalive = 25;
diff --git a/m/fox/wireguard.nix b/m/fox/wireguard.nix
index 7a55c2e9..f93c3e41 100644
--- a/m/fox/wireguard.nix
+++ b/m/fox/wireguard.nix
@@ -23,11 +23,11 @@
 
       peers = [
         # List of allowed peers.
-        { 
+        {
           name = "apex";
           publicKey = "VwhcN8vSOzdJEotQTpmPHBC52x3Hbv1lkFIyKubrnUA=";
           # List of IPs assigned to this peer within the tunnel subnet. Used to configure routing.
-          allowedIPs = [ "10.106.0.30/32" ];
+          allowedIPs = [ "10.106.0.30/32" "10.0.40.7/32" ];
         }
         {
           name = "raccoon";
@@ -40,6 +40,7 @@
 
   networking.hosts = {
     "10.106.0.30" = [ "apex" ];
+    "10.0.40.7" = [ "hut" ];
     "10.106.0.236" = [ "raccoon" ];
     "10.0.44.4" = [ "tent" ];
   };