diff --git a/nixos/master/configuration.nix b/nixos/master/configuration.nix
index 0b08652..d22cb40 100644
--- a/nixos/master/configuration.nix
+++ b/nixos/master/configuration.nix
@@ -157,6 +157,17 @@
         listenPort = 51820;
         privateKeyFile = "/etc/wireguard/private-key";
 
+        # This allows the wireguard server to route your traffic to the internet and hence be like a VPN
+        # For this to work you have to set the dnsserver IP of your router (or dnsserver of choice) in your clients
+        postSetup = ''
+          ${pkgs.iptables}/bin/iptables -t nat -A POSTROUTING -s 192.168.20.0/24 -o eth0 -j MASQUERADE
+        '';
+
+        # This undoes the above command
+        postShutdown = ''
+          ${pkgs.iptables}/bin/iptables -t nat -D POSTROUTING -s 192.168.20.0/24 -o eth0 -j MASQUERADE
+        '';
+
         peers = [
           {
             name = "shahab";