diff --git a/modules/services/wgautomesh.nix b/modules/services/wgautomesh.nix
index e42c6b8..435ea7e 100644
--- a/modules/services/wgautomesh.nix
+++ b/modules/services/wgautomesh.nix
@@ -40,9 +40,19 @@ in {
 default = true;
 };
 config = {
- networking.firewall.allowedUDPPorts = [
- wireguardPort
- ];
+ networking.firewall = {
+ allowedUDPPorts = [
+ wireguardPort
+ ];
+ extraCommands = ''
+ # Allow UDP packets comming from port 1900 from a local address,
+ # these are necessary for UPnP/IGD
+ iptables -A INPUT -s 192.168.0.0/16 -p udp --sport 1900 -j ACCEPT
+ '';
+ extraStopCommands = ''
+ iptables -D INPUT -s 192.168.0.0/16 -p udp --sport 1900 -j ACCEPT
+ '';
+ };
 networking.wireguard.interfaces.wg0 = {
 ips =
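Review bot: The `iptables -A INPUT -s 192.168.0.0/16 -p udp --sport 1900 -j ACCEPT` rule in `extraCommands` matches only on source address and source port, both of which the sender chooses, so any host in 192.168.0.0/16 (or one spoofing that range on an untrusted interface) can reach every UDP service on the machine by sending from port 1900, not just deliver SSDP replies. Narrow it to what IGD discovery needs, for example by adding `-i <lan-interface>`, limiting `-s` to the gateway address, or adding a `--dport` if the client's local port can be pinned. The rule is also appended to `INPUT` rather than the NixOS-managed `nixos-fw` chain, so cleanup depends on `extraStopCommands`; the `iptables -D` line there should end in `|| true` so that stopping the firewall with the rule already absent does not fail. The enclosing `config` block continues outside the hunk.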