diff --git a/books/vpn.yml b/books/vpn.yml
index 77ab98b..d653753 100644
--- a/books/vpn.yml
+++ b/books/vpn.yml
@@ -3,3 +3,4 @@
 - hosts: vpn
   roles:
     - vpn
+    - networking
diff --git a/host_vars/azerty.fil.sand.auro.re/networking.yml b/host_vars/azerty.fil.sand.auro.re/networking.yml
index f9cf0a7..0719e26 100644
--- a/host_vars/azerty.fil.sand.auro.re/networking.yml
+++ b/host_vars/azerty.fil.sand.auro.re/networking.yml
@@ -6,3 +6,6 @@ interfaces:
   wg0:
     ipv4: "172.20.1.2"
     netmaskv4: 16
+
+ipv4_forwarding: false
+ipv6_forwarding: false
diff --git a/host_vars/hellman.fil.sand.auro.re/networking.yml b/host_vars/hellman.fil.sand.auro.re/networking.yml
index 2083c66..78314de 100644
--- a/host_vars/hellman.fil.sand.auro.re/networking.yml
+++ b/host_vars/hellman.fil.sand.auro.re/networking.yml
@@ -6,3 +6,6 @@ interfaces:
   wg0:
     ipv4: "172.20.1.3"
     netmaskv4: 16
+
+ipv4_forwarding: false
+ipv6_forwarding: false
diff --git a/host_vars/hindley.adh.auro.re/networking.yml b/host_vars/hindley.adh.auro.re/networking.yml
index 8eb57ba..d11b050 100644
--- a/host_vars/hindley.adh.auro.re/networking.yml
+++ b/host_vars/hindley.adh.auro.re/networking.yml
@@ -6,3 +6,6 @@ interfaces:
   wg0:
     ipv4: "172.20.1.1"
     netmaskv4: 16
+
+ipv4_forwarding: true
+ipv6_forwarding: false
diff --git a/roles/networking/tasks/main.yml b/roles/networking/tasks/main.yml
new file mode 100644
index 0000000..903ae9d
--- /dev/null
+++ b/roles/networking/tasks/main.yml
@@ -0,0 +1,14 @@
+---
+- name: Enable ipv4 forwarding
+  ansible.posix.sysctl:
+    name: net.ipv4.ip_forward
+    value: '1'
+    sysctl_set: true
+  when: "{{ ipv4_forwarding }}"
+
+- name: Enable ipv6 forwarding
+  ansible.posix.sysctl:
+    name: net.ipv6.conf.all.forwarding
+    value: '1'
+    sysctl_set: true
+  when: "{{ ipv6_forwarding }}"