diff --git a/nixos/hosts/flandre-m5p/default.nix b/nixos/hosts/flandre-m5p/default.nix
index 4a01360..25429d8 100644
--- a/nixos/hosts/flandre-m5p/default.nix
+++ b/nixos/hosts/flandre-m5p/default.nix
@@ -1,10 +1,16 @@
 {
   suites,
+  profiles,
   mylib,
   ...
 }:
 {
-  imports = suites.server ++ (mylib.path.scanPaths ./. "default.nix");
+  imports =
+    suites.server
+    ++ [
+      profiles.virtualization.libvirtd
+    ]
+    ++ (mylib.path.scanPaths ./. "default.nix");
 
   system.stateVersion = "24.05";
 }
diff --git a/nixos/hosts/flandre-m5p/networking.nix b/nixos/hosts/flandre-m5p/networking.nix
index 9fc7ce8..42dfad9 100644
--- a/nixos/hosts/flandre-m5p/networking.nix
+++ b/nixos/hosts/flandre-m5p/networking.nix
@@ -1,4 +1,9 @@
-{ profiles, lib, ... }:
+{
+  profiles,
+  lib,
+  config,
+  ...
+}:
 {
   imports = with profiles; [
     services.enthalpy
@@ -6,6 +11,15 @@
 
   services.enthalpy.ipsec.interfaces = [ "enp2s0" ];
 
+  networking.netns.enthalpy.forwardPorts = [
+    {
+      protocol = "tcp";
+      netns = "default";
+      source = "[::]:${toString config.networking.ports.ssh}";
+      target = "[::]:${toString config.networking.ports.ssh}";
+    }
+  ];
+
   systemd.network = {
     enable = true;
     wait-online.anyInterface = true;