diff --git a/templates/frr_conf.j2 b/templates/frr_conf.j2
index ef3c4d6e2ec8fbb74d31a6239e2f61157e06ae2c..f1685e7dea80fa64307b31e12ce8a310173e89b7 100644
--- a/templates/frr_conf.j2
+++ b/templates/frr_conf.j2
@@ -55,7 +55,7 @@ router bgp {{bgp_asn}}
 neighbor firewall4s prefix-list my-networks in
 neighbor nat activate
 neighbor nat prefix-list all out
- neighbor nat prefix-list my-networks in
+ neighbor nat prefix-list nat in
 {% for neighbor in internet_connections %}
 {% for ip in neighbor.peer_ips %}
 {% if ip|ansible.utils.ipv4 %}
@@ -163,6 +163,13 @@ ip prefix-list internet seq {{(loop.index|int)*10+170}} permit any
 {% endif %}
 {% endfor %}
 !
+{% for range in dc4_ranges %}
+ip prefix-list nat seq {{(loop.index|int)*20-10}} permit {{range}}
+ip prefix-list nat seq {{(loop.index|int)*20}} permit {{range}} ge {{((range|regex_replace('.*/',''))|int)+1}}
+{% if loop.last %}
+ip prefix-list nat seq {{(loop.index|int)*20+10}} deny any
+{% endif %}
+{% endfor %}
 {% for range in dc4_ranges + anycast4_ranges %}
 ip prefix-list my-networks seq {{(loop.index|int)*10}} permit {{range}}
 {% if loop.last %}
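Review bot: The inbound filter on the `nat` peer group now narrows what is accepted in one respect without saying so. `prefix-list nat` is built in the second hunk from `dc4_ranges` only, while `my-networks` iterates `dc4_ranges + anycast4_ranges`, so an anycast prefix announced by a nat peer will now fall through to the final `deny any`. If that is intended, a template comment above the changed line would record the policy, for example `{# nat peers: dc4 ranges and their more-specifics only, no anycast #}`. The `router bgp` block starts before and continues after this hunk, so the rest of the peer-group policy is not visible here.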
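Review bot: The `ge` bound on the second `permit` line is derived by stripping everything up to the slash and adding 1, which breaks on two kinds of input. A /32 in `dc4_ranges` renders `ge 33`, and an entry with no slash leaves the whole address for `|int`, which yields 0 and renders `ge 1`. Since the template already uses `ansible.utils`, the length can be taken with `{% set plen = range|ansible.utils.ipaddr('prefix') %}` and the second line wrapped in `{% if plen < 32 %}`. The rule also accepts every more-specific up to /32 inside each range, so any nat peer can attract traffic for any single address in the DC ranges; if only host routes or a known length are expected, an explicit `le` or a fixed `ge` would bound that. Finally, the `deny any` is emitted only inside the loop, so an empty `dc4_ranges` renders no `prefix-list nat` at all while the neighbor still references it; it is worth confirming how the deployed FRR version treats an undefined list.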