diff --git a/roles/firewall/templates/nftables.nft.j2 b/roles/firewall/templates/nftables.nft.j2
index 060c1bc..d0b0892 100644
--- a/roles/firewall/templates/nftables.nft.j2
+++ b/roles/firewall/templates/nftables.nft.j2
@@ -41,8 +41,8 @@ table inet filter {
 iif @link udp dport 3784 ip6 saddr fe80::/10 accept \
 comment "Accept link-local BFD on fabric links"
- iif @outside udp dport 51820 accept \
- comment "Accept WireGuard from outside"
+ udp dport 51820 accept \
+ comment "Accept WireGuard from anywhere"
 iif {{ iface_sync }} ip6 saddr fe80::/10 udp dport 3780 accept \
 comment "Accept connection tracking sync data"
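Review bot: The new `udp dport 51820 accept` rule carries no interface match at all, so the WireGuard port is now accepted on every interface this chain sees, including the fabric (`@link`) and sync (`{{ iface_sync }}`) interfaces that the neighbouring rules scope explicitly. If the goal is only to admit WireGuard on some additional ingress interfaces, matching on a set that names them would keep the rule least-privilege and self-documenting instead of dropping the `iif` match entirely. If any-interface really is intended, the rule comment should record why, for example `comment "Accept WireGuard on all interfaces: REASON"` with REASON filled in by the author. The chain this rule belongs to starts and ends outside the hunk, so its hook and default policy should be checked when judging the exposure.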